Hi [[ session.user.profile.firstName ]]
Sort by:
    • The OWASP Top 10 2017 - Let's Cut to The Chase
      The OWASP Top 10 2017 - Let's Cut to The Chase Kevin Poniatowski and Mark Burnett Recorded: Feb 7 2018 7:00 pm UTC 60 mins
    • What Do You REALLY Need to Know About the New OWASP Top Ten?

      The OWASP Top Ten is the de-facto web application security standard because it reflects the evolving threat landscape, providing organizations a framework to manage and mitigate application security risk.

      This dual-presenter format will examine the critical newcomers and pesky incumbents from both an offensive and defensive perspective. Attend to get our expert insight on how to harden Web applications and align your program towards OWASP compliance.


      Topics covered include:

      - The newcomers – why they are so tricky and elude traditional test efforts
      - XSS and Injection – mistakes organizations keep making that land these preventable threats on every Top Ten list
      - Design flaws that cause them and coding errors that expose them
      - High impact activities that reduce exploitability, prevalence and impact

      Meet the Presenters:

      Kevin Poniatowski, Sr. Security Instructor & Engineer at Security Innovation, brings an optimal blend of speaking ability, technical savvy, and an insatiable passion for security to Security Innovation's training customers. Kevin entered the application security field in 2007 with Security Innovation, where he has split time between application security course development and delivering instructor-led courses.

      Mark Burnett is a security consultant, author, and researcher who specializes in application security, authentication, and hardening Microsoft Windows-based servers and networks. Since 1999 he has worked in numerous areas of IT security, developing unique strategies and techniques for protecting critical assets. Mark is author and coauthor of a number of security books and publishes security articles for several web sites, newsletters, and magazines.

      Read more >
    • Setting up a Secure Development Life Cycle with OWASP
      Setting up a Secure Development Life Cycle with OWASP Sebastien Deleersnyder, OWASP board member Recorded: Nov 14 2012 9:00 am UTC 37 mins
    • Synopsis:
      Using the OWASP Software Assurance Maturity Model (OpenSAMM) as a framework, this talk covers the major application security controls of a secure development lifecycle program as provided by OWASP. Featured OWASP open source material include: OWASP guidelines and tools such as ESAPI, ZAProxy, as well as educational resources.

      About the speaker:
      Sebastien started the Belgian OWASP Chapter Leader and is a member of the OWASP Foundation Board. He performed several public presentations on Web Application and Web Services Security and co-organizes the yearly security & hacker BruCON conference and trainings in Belgium.

      For the past 10 years has built up extensive experience in Information Security and specialises in Web Application Security. He has performed several successful secure development lifecycle projects in the financial and utility sector, started up software security groups, supported customers in selecting and implementing Web Application Firewalls (WAF), delivered web application security training and closed numerous audit findings regarding application security.

      Read more >
    • How To Test For The OWASP Top Ten
      How To Test For The OWASP Top Ten Jason Taylor, CTO, Security Innovation Recorded: Dec 14 2017 6:40 pm UTC 63 mins
    • The OWASP Top 10 is an expert consensus of the most critical web application security threats. If properly understood, it is an invaluable framework to prioritize efforts and address flaws that expose your organization to attack.

      Watch this on-demand webinar as Jason Taylor, one of our most experienced security experts, takes us through the journey of identifying the tell-tale markers of the OWASP Top Ten and reveals the techniques used to hunt them down.

      This session covers:

      Vulnerability anatomy – how they present themselves
      Analysis of vulnerability root cause and protection schemas
      Test procedures to validate susceptibility (or not) for each threat

      Read more >
    • Don't Get Stung! Examining the OWASP Top 10 & Getting the Most from Advanced WAF
      Don't Get Stung! Examining the OWASP Top 10 & Getting the Most from Advanced WAF Nathan McKay, Solutions Marketing Manager, F5; Brandon Dunlap (Moderator) Recorded: Feb 1 2018 6:00 pm UTC 59 mins
    • Web application security is complex, difficult, and costly. These issues are well known, but remain prevalent out in the real world. Most development teams do not have the time or resources to sufficiently protect against the myriad of attacks that are relevant to each vector, while the level of expertise required to address these issues are difficult to come by even if your project has the time and budget for it. The good news is that advanced WAF technology is more accessible and affordable than ever before. With the right tools, comprehensive WAF coverage can not only reduce your exposures and give you better control over your applications but also help optimize your resources and reduce overall operating costs. Join F5 and (ISC)2 for Part 1 of a 3 part Security Briefings Series on February 1, 2018 at 1PM Eastern where we’ll discuss the OWASP Top 10, defenses for everything it addresses and how to use WAF to optimize and filter unwanted traffic to cut costs in the cloud.

      Read more >
    • Defend Your Web Applications Against the OWASP Top 10 Security Risks
      Defend Your Web Applications Against the OWASP Top 10 Security Risks Paul Dignan - Senior Systems Engineer, F5 Networks Recorded: Nov 21 2017 12:00 pm UTC 62 mins
    • Web application security is complex, time-consuming to manage, and costly. Most development teams do not have the resources to sufficiently protect apps against the myriad of attacks that are relevant to each vector. This is further compounded by the need to repeatedly address these vulnerabilities in every application that is deployed.

      The OWASP Top 10 provides a list of the ten most critical web application security risks. An advanced Web Application Firewall (WAF) can help defend your applications against these threats. In this webinar, you will learn:

      • The primary risks to your applications addressed by the OWASP Top 10
      • How using a WAF to protect your applications can offload development resources
      • How to address additional risk, such as DDoS and bot attacks
      • How a WAF can optimise and filter unwanted traffic to help cut costs in the cloud

      Read more >
    • Chroń swoje aplikacje webowe przed OWASP Top 10 - listą największych zagrożeń
      Chroń swoje aplikacje webowe przed OWASP Top 10 - listą największych zagrożeń Mariusz Sawczuk - Systems Engineer, F5 Networks Recorded: Nov 28 2017 4:00 pm UTC 69 mins
    • Bezpieczeństwo aplikacji webowych to proces złożony, czasochłonny oraz kosztowny. Większość zespołów deweloperskich nie posiada wystarczających zasobów do tego, aby chronić aplikacje przed mnóstwem zagrożeń i pochodzących z różnych stron ataków. Sytuację dodatkowo komplikuje potrzeba regularnego reagowania na te zagrożenia w przypadku każdej uruchomionej aplikacji.

      OWASP Top 10 to lista najbardziej krytycznych zagrożeń aplikacji webowych. Zaawansowany firewall do aplikacji webowych (WAF) może być pomocny w obronie przeciwko tym zagrożeniom. Na tym webinarium dowiesz się więcej o:

      • Podstawowych zagrożeniach dla Twoich aplikacji omówionych w OWASP Top 10.
      • Jak użycie firewalla WAF do ochrony aplikacji może uwolnić zasoby programistyczne.
      • Jak zabezpieczyć się przed dodatkowymi zagrożeniami, takimi jak ataki DDoS oraz boty.
      • Jak firewall WAF może optymalizować i filtrować niepożądany ruch, zmniejszając przy tym koszty korzystania z chmury.

      Read more >
    • Protege tus aplicaciones web de los riesgos de seguridad de la OWASP Top 10
      Protege tus aplicaciones web de los riesgos de seguridad de la OWASP Top 10 Salvador del Real - Senior Systems Engineer, F5 Networks Recorded: Nov 29 2017 11:00 am UTC 55 mins
    • La seguridad de las aplicaciones web es una tarea costosa en tiempo y dinero. La mayoría de desarrolladores no dispone de recursos que aseguren una protección suficiente de las apps frente a los innumerables ataques a cada vector. A ello se añade la necesidad de abordar repetidamente estas vulnerabilidades en cada app.

      OWASP Top 10 es una lista de los 10 riesgos de seguridad más críticos para las aplicaciones web. Contar con un avanzado firewall de aplicaciones web (WAF) puede ayudarte a proteger tus apps frente a estas amenazas. En este seminario web abordaremos los siguientes temas:

      • Riesgos de seguridad para las aplicaciones de la lista OWASP Top 10
      • Cómo usando un WAF para proteger tus apps puede reducir los costes de desarrollo
      • Cómo abordar otros riesgos como los ataques DDoS y de bots
      • Cómo un WAF puede optimizar y filtrar el tráfico no deseado para ayudarte a reducir costes en la nube

      Read more >
    • Verteidigen Sie Ihre Web-Applikationen gegen die Top 10 OWASP-Bedrohungen
      Verteidigen Sie Ihre Web-Applikationen gegen die Top 10 OWASP-Bedrohungen Patrick Zoller - Systems Engineer, F5 Networks Recorded: Nov 24 2017 3:15 pm UTC 62 mins
    • Die Sicherheit von Web-Applikationen ist kompliziert, aufwändig zu verwalten und kostspielig. Die meisten Entwicklungsteams haben nicht die Ressourcen, um Anwendungen adäquat gegen die Unzahl von Attacken zu schützen. Das wird zusätzlich dadurch erschwert, dass diese Schwachstellen in jeder eingesetzten Applikation adressiert werden müssen.

      Die OWASP Top 10 ist eine Liste der zehn kritischsten Sicherheitsrisiken für Web-Applikationen. Eine fortschrittliche WAF (Web Application Firewall) kann Ihnen helfen, Ihre Web-Applikationen vor diesen Bedrohungen zu schützen. In diesem Webinar erfahren Sie:

      • Welche primären Risiken für Ihre Applikationen die OWASP Top 10 umfassen
      • Wie der Einsatz einer WAF zum Schutz Ihrer Applikationen Entwicklungsressourcen schonen kann
      •Wie Sie zusätzliche Risiken wie etwa DDoS und Bot-Attacken adressieren können
      •Wie eine WAF unerwünschten Traffic optimieren und filtern kann, um so Kosten in der Cloud zu reduzieren

      Read more >
    • Protégez vos apps Web contre les risques de sécurité selon le Top 10 OWASP
      Protégez vos apps Web contre les risques de sécurité selon le Top 10 OWASP Arnaud Lemaire – Senior Systems Engineer, F5 Networks Recorded: Nov 30 2017 11:00 am UTC 63 mins
    • La sécurité des applications Web est complexe, onéreuse et longue à gérer. La plupart des équipes de développement n’ont pas les moyens de protéger suffisamment les applications contre toutes les attaques actuelles. En outre, puisqu’il est nécessaire de résoudre ces vulnérabilités dans chaque application déployée, la situation devient toujours plus inquiétante.

      Le Top 10 OWASP dresse une liste des dix risques de sécurité les plus critiques pour les applications Web. Un pare-feu sophistiqué pour les applications Web (WAF) peut aider vos applications à contrer ces menaces. Dans ce webinar, vous découvrirez :

      • les principaux risques pour vos applications examinés dans le Top 10 OWASP ;
      • comment utiliser un WAF pour protéger vos applications et soulager vos équipes de développement ;
      • comment contrer d’autres risques, tels que les attaques DDoS et de bots ;
      • comment un WAF peut optimiser et filtrer le trafic indésirable pour vous aider à réduire les coûts liés au cloud.

      Read more >
    • DevSecOps from Cradle to Scale: Real-World Lessons and Success Cases
      DevSecOps from Cradle to Scale: Real-World Lessons and Success Cases Dr. Chenxi Wang, Founder of The Jane Bond Project & Vice Chair, Board of Directors, OWASP; Mike D. Kail, CTO, CYBRIC Recorded: Feb 8 2018 6:00 pm UTC 58 mins
    • Many businesses today are harnessing the tools and promise of DevOps or Agile to drive innovation. Everything from new website capabilities to entirely new products are fair game in this revolution. However, the majority of security tools and processes are not inherently designed to be integrated in this new world, which is limiting the results new developments can bring.

      In this webinar, Dr. Chenxi Wang, founder of cybersecurity consultancy the Jane Bond Project and Vice Chair of the Board of Directors of OWASP, and CYBRIC CTO Mike D. Kail will discuss:
      • How to effectively integrate security into your DevOps process
      • How to integrate it at scale
      • Real-world examples of business results using this approach

      Mike and Chenxi will also cover where to get started with "DevSecOps," what metrics to use and what security at scale can mean for businesses.

      Guest Presenter:
      Dr. Chenxi Wang is founder of The Jane Bond Project, and a founding partner in 360Velocity, a strategic Cybersecurity consultancy. She is Vice Chair of the Board of Directors of OWASP, a strategic advisor for IT Security Planet and serves on the advisory board of various start-ups. Previously, Chenxi served as the Chief Strategy Officer at Twistlock, responsible for corporate strategy and thought leadership. Chenxi is the 2016 & 2017 program co-chair for Security & Privacy at the Grace Hopper Conference and named by SC Magazine as a 2016 Women of Influence. Prior to Twistlock, Chenxi built an illustrious career at Forrester Research, Intel Security and CipherCloud. At Forrester, Chenxi covered mobile, cloud, and enterprise security, and wrote many hard-hitting research papers. At Intel Security, she led the ubiquity strategy that spans both hardware and software platforms. Chenxi started her career as a faculty member of Computer Engineering at Carnegie Mellon University.

      Read more >
    • Don't Get Stung by the OWASP Top 10 - Getting the Most from Advanced WAF
      Don't Get Stung by the OWASP Top 10 - Getting the Most from Advanced WAF Nathan McKay, Security Solutions Manager, F5 Networks; Danny Luedke, Product Marketing Manager, F5 Networks Recorded: Nov 16 2017 9:00 pm UTC 65 mins
    • Web application security is complex, difficult, and costly – the problems are well known, but remain prevalent out in the real world. Most development teams do not have the resources to sufficiently protect against the myriad of attacks that are relevant to each vector, and the level of expertise required is difficult to come by even if your project has the time and budget for it. This is further compounded by the need to address these vulnerabilities over and over in every application that goes out the door making it a significant blocker in your path to production.

      The good news is that advanced WAF technology is more accessible and affordable than ever before. F5 has teams of researchers and engineers dedicated to this task, and their industry-leading expertise is packaged and available today to defend apps of any size and variety. With the right tools, comprehensive WAF coverage can not only reduce your exposures and give you better control over your applications but also help optimize your resources and reduce overall operating costs. F5 is committed to supporting the OWASP Top 10 and providing defenses for everything it addresses, but that’s just the tip of the iceberg.

      In this webinar you will learn:
      - About the primary risks to your app, including those addressed by the Top 10.
      - How to make the most of development resources by using WAF to do the heavy lifting for you.
      - How F5’s unique and flexible deployment options will make WAF remediation for your app a snap.
      - How you can go beyond the Top 10 and address additional risk, such as DDoS, bot defense, intellectual property theft, or fraud.
      - How WAF can optimize and filter unwanted traffic to help you cut costs in the cloud.

      Read more >
    • OWASP Top 10 Security Risks: Are your AWS web applications secure?
      OWASP Top 10 Security Risks: Are your AWS web applications secure? James Brown - Director of Public Cloud EMEA Recorded: Dec 11 2014 3:00 pm UTC 48 mins
    • Whether you are evaluating AWS, or are already hosting your DevTest, disaster recovery or production workloads on AWS, security and compliance are high on your list of priorities.

      Application security for apps in the public cloud is the responsibility of you, the customer, and it is critical that you are able to protect your workloads from hackers looking to exploit security gaps to undermine your business.

      Register for this live webinar, hosted by James Brown, Director of Public Cloud for Alert Logic, to:
      • Receive an overview of the OWASP top 10 most critical web application security risks, such as SQL injections, cross-site scripting and un-validated re-directs
      • Discover best practices for protecting your environment from the OWASP Top 10 risks
      • Hear how other customers are securing their production workloads on AWS:
      o Core security technologies include intrusion detection, vulnerability scanning, log management and web application firewalls, combined with rich security content & analytics, and a 24x7 Security Operations Center
      • Learn how to secure your cloud workloads in less than 4 weeks, for as little as £750 per month*

      This session also includes a live Q&A, so this is a must-attend event for current or future customers of AWS. Alert Logic is an approved partner of the AWS Technology Partner Program.

      *entry level solution

      Read more >
    • 85% of App Store Apps Fail OWASP Mobile Top 10: Are you exposed?
      85% of App Store Apps Fail OWASP Mobile Top 10: Are you exposed? Andrew Hoog (Founder) // Brian Reed (Chief Mobility Officer) Recorded: Jan 23 2018 7:00 pm UTC 56 mins
    • NowSecure continuously monitors millions of mobile apps in third-party apps in the Apple® App Store® and the Google Play™ store for security, compliance and privacy risks.

      A comprehensive analysis of iOS and Android apps found that a staggering 85% of those apps fail one or more of the OWASP Mobile Top 10 criteria. Given that the average mobile device has over 89 mobile apps on it, what are the odds your employees have one or more of the apps and what’s the real risk to your business?

      During this webinar, renowned mobile security expert and NowSecure founder Andrew Hoog and Chief Mobility Officer Brian Reed will review the massive data set, detail the areas of exposure and review mitigation recommendations.

      Mobile apps power productivity in the modern business; don’t let a few bad apps bring it down.

      Note: Live attendees will be entered to win a free mobile app security assessment!

      Read more >
    • ITSPmagazine chats with Tom Brennan, Board of Directors at OWASP
      ITSPmagazine chats with Tom Brennan, Board of Directors at OWASP Tom Brennan, Director at Intel Security and Board of Dir Recorded: Feb 11 2017 4:45 pm UTC 4 mins
    • ITSPmagazine meets up with Tom Brennan, Director at Intel Security and Board of Directors at OWASP, to discuss diversity, education, and the Internet of Things. Here are a few highlights from the conversation:

      - Diversity is important in the organization relevant to having different perspectives. OWASP is a community of doers - if you're able to participate in the discussion from a tech perspective you're welcome, regardless of race, age gender etc.

      - If you truly believe in the mission that software security is important then this is one of those communities really focuses on that aspect.

      - There are 55,000 OWASP members that all have one thing in common: they understand tech and they understand the risk that impacts safety.

      Read more >