The good and bad of the CWE/SANS Top 25

Earlier this week SANS/CWE posted this. The top 25 most dangerous programming errors. This is a good list to know what to watch out for but don't get caught up in the details. As a security professional state "Security is all about risk management", the source can be found with an article by Gary McGraw. Gary does a good job and reminding you that while it's good to know the details, don't get caught up in them. First and foremost know how to prioritize and apply those risks to your responsibilities.