Erez Yalon

19 comments by Erez Yalon

> A first page disclaimer (with this explanation written in bold and a URL link to the main OWASP Security top 10) as it has already been mentioned would be really...

Thanks, @planetlevel, your opinion was noted. @d0znpp, API10 is not a renamed Injection category. It is about the false trust feeling that developers have when receiving data via responses and...

I agree with both of you. It is natural to encounter overlaps between categories that are sometimes very general. While the issues you raised, @ynvb, are correct for API4 and...

@gavjl, don't you feel that your suggestion:

> The focus should be on sanitization at the point of use - parameterized SQL calls, output encoding for HTML etc

is exactly...

Thank you all for the comments. It is now evident that we should have published a clear intro together with the Top 10 list. We didn't, but we are working...

Pulling from other locations is not always possible due to copyright rules, but feel free to contribute your own samples.

Hi @kevingo, we will be happy to accommodate your translation. Hopefully, this will be the beginning of a multi-language project where everyone can contribute translations to any language. We will prepare...

Thanks, @JonEngle, would you like to suggest an alternative and/or open a PR?

These are interesting @lojikil. You are more than welcome to [contribute](https://github.com/OWASP/Go-SCP/blob/master/CONTRIBUTING.md).