A2 - broken authentication and session management(OWASP thailand chapter April 2016)
OWASP OTG-configuration (OWASP Thailand chapter november 2015)