Every year the web security community votes on the top web hacking techniques for the past year. The techniques identified are normally innovative, scary and sometimes down right funny and they serve an important purpose for raising awareness of emerging threats and attack methods. This year's survey is now online and I encourage you to vote - http://www.surveymonkey.com/s/TopTenWebHackingTechniques2011.
While the web application Breaker community certainly hogs up the spotlight, I want to try and take back a bit of that attention and shine it on the Defender community. There are many organizations and individuals whose goals are not to get a big pat on the back for their 3l33t hacking demo at a security conference but instead put forth their efforts to protecting organizations and user from these vary same hacking techniques. So, this year, I am starting a Top Ten Web Protection Techniques of 2011 list.
Once we get a good listing of protection candidates, we will then hold a public survey for voting.
I will present a few nominations here to get our entry pool started. If you would like to nominate a web protection technique (either protecting web servers/applications or web browsers), please either comment below the blog post or you can send a Tweet to @ryancbarnett with the hash tag #Top10WebProtect.