What Do You REALLY Need to Know About the New OWASP Top Ten?
The OWASP Top Ten is the de-facto web application security standard because it reflects the evolving threat landscape, providing organizations a framework to manage and mitigate application security risk.
This dual-presenter format will examine the critical newcomers and pesky incumbents from both an offensive and defensive perspective. Attend to get our expert insight on how to harden Web applications and align your program towards OWASP compliance.
Topics covered include:
- The newcomers – why they are so tricky and elude traditional test efforts
- XSS and Injection – mistakes organizations keep making that land these preventable threats on every Top Ten list
- Design flaws that cause them and coding errors that expose them
- High impact activities that reduce exploitability, prevalence and impact
Meet the Presenters:
Kevin Poniatowski, Sr. Security Instructor & Engineer at Security Innovation, brings an optimal blend of speaking ability, technical savvy, and an insatiable passion for security to Security Innovation's training customers. Kevin entered the application security field in 2007 with Security Innovation, where he has split time between application security course development and delivering instructor-led courses.
Mark Burnett is a security consultant, author, and researcher who specializes in application security, authentication, and hardening Microsoft Windows-based servers and networks. Since 1999 he has worked in numerous areas of IT security, developing unique strategies and techniques for protecting critical assets. Mark is author and coauthor of a number of security books and publishes security articles for several web sites, newsletters, and magazines.