Today I'm in a security training session to become a security champion. One of our sister security teams puts on a training program so we can understand all elements of security that Microsoft needs to address. Being an application security program manager, my focus is on applications and no other elements of security. When I was signing up for this course, I never considered the physical aspect of security. How do people get into data centers, are there cameras, how is High Business Impact (HBI) data protected? A lot of these things are vital to security but were clearly off my radar scope. This afternoon we’ll be addressing the OWASP issues and application security.
Training Update:
I just found out that the OWASP Top 10 has been updated as of yesterday. They update this list once a year, so woo-hoo, got it in the nick of time!