OWASP articles

AppSec EU 2017 Belfast - Organizing Committee.- Featured Image

AppSec EU 2017 Belfast – What to Expect

AppSec EU 2017 Belfast – What to Expect

In mid-May I’ll be joining the organizing team of AppSec EU 2017 in Belfast for a week of security and DevOps sessions. Listen in as Gary Robinson, Michelle Simpson and Owen Pendlebury talk about what’s planned for the week.

WebGoat Project - Featured Image

2016 AppSec USA – An Update on the WebGoat Project

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. It is one of the most used projects at OWASP. With the current team headed by Bruce Mayhew, Nanne Baars and Jason White, work is moving forward on the creation of new content for creating training lessons for

Core Rules Project - Chaim Sanders

AppSec USA 2016: Core Rule Set Project Update w/ Chaim Sanders [AUDIO]

The OWASP ModSecurity Core Rule Set Project‘s goal is to provide an easily “pluggable” set of generic attack detection rules that provide a base level of protection for any web application. Chaim Sanders,Ryan Barnett, Christian Folini and Walter Hop are the team coordinating the project. During 2016 AppSec USA, I spoke with Chaim Sanders about

IP Expo London 2016 - Shannon Lietz, Chris Swan and Mark Miller

The Future of DevSecOps w/ Shannon Lietz and Chris Swan, Live From IP Expo London

This is a live recording from 2016 IP Expo London, with Shannon Lietz (Intuit), Chris Swan (CSC) and host Mark Miller (Sonatype) discussing the future of security as it relates to DevOps. Shannon and Chris are real world practitioners, bringing stories from the trenches. We initially start with where the term DevSecOps came from the

OWASP 24-7 - 2016 Board Interviews - 04

2016 OWASP Board Election Interviews – Part Four of Four – Members, Projects, Conferences, Chapters

Today’s OWASP 24/7 Podcast is the fourth in a series of four, talking with prospective 2016 board members. Today’s question is, “What is more important to you as a candidate 1) Members 2) Projects 3) Conferences 4) Chapters ” The format for today’s Q&A with potential board members is simple. We ask a single question.

2016 OWASP Board Interviews - Q3 Featured Image

2016 OWASP Board Election Interviews – Part Three of Four – Most Important Issues

Today’s OWASP 24/7 podcast is the third in a series of four, talking with prospective 2016 board members. Today’s question is, “What is the single most important issue for you to tackle if elected to the board?” The format for today’s Q&A with potential board members is simple. We ask a single question. Each candidate

OWASP 24-7 - 2016 Board Interviews - 02

2016 OWASP Board Election Interviews – Part Two of Four – Vendor Neutrality

Today’s OWASP 24/7 podcast is the first in a series of four, talking with prospective 2016 board members. Today’s question is, “Do you consider vendor neutrality an issue at OWASP? If so, why?” The format for today’s Q&A with potential board members is simple. We ask a single question. Each candidate has 2 minutes to

OWASP 24-7 - 2016 Board Interviews - 01

2016 OWASP Board Election Interviews – Part One of Four – Developer Participation

Today’s OWASP 24/7 podcast is the first in a series of four, talking with prospective 2016 board members. Today’s question is, “What kind of action plan do you have in mind to help motivate the participation of Developers into OWASP community.” The format for today’s Q&A with potential board members is simple. We ask a

Top