Hi [[ session.user.profile.firstName ]]
Sort by:
    • How the OWASP Top 10 can Secure your DevSecOps Initiative
      How the OWASP Top 10 can Secure your DevSecOps Initiative Katy Anton, Principal Application Security Consultant @ Veracode & OWASP Bristol Chapter Leader Upcoming: Aug 9 2018 10:00 am UTC 45 mins
    • This session will be led by Katy Anton - Senior Application Security Consultant @ Veracode, OWASP Bristol Chapter Leader & Project Co-Leader for OWASP Proactive Controls Project. Katy will take the audience through the ins and outs of the OWASP Top 10.

      As software becomes increasingly complex, the difficulty of achieving application security increases. With the rapid pace of modern software development processes, securing the software from the beginning can be challenging.

      -How can developers write more secure applications?
      -What are the security techniques they could use while writing their software?

      These are hard questions, as evidenced by the increased cyber breaches. This session will explore the OWASP Top 10 (2017) and will identify the security controls that can prevent these vulnerabilities in which developers can use in the software development lifecycle. By the end of the webinar, you will have an arsenal of security controls that you can start using and apply them while writing your software applications.

      Register to this session to find out how the OWASP Top 10 can secure your DevSecOps Initiative!

      Read more >
    • The OWASP Top 10 2017 - Let's Cut to The Chase
      The OWASP Top 10 2017 - Let's Cut to The Chase Kevin Poniatowski and Mark Burnett Recorded: Feb 7 2018 7:00 pm UTC 60 mins
    • What Do You REALLY Need to Know About the New OWASP Top Ten?

      The OWASP Top Ten is the de-facto web application security standard because it reflects the evolving threat landscape, providing organizations a framework to manage and mitigate application security risk.

      This dual-presenter format will examine the critical newcomers and pesky incumbents from both an offensive and defensive perspective. Attend to get our expert insight on how to harden Web applications and align your program towards OWASP compliance.


      Topics covered include:

      - The newcomers – why they are so tricky and elude traditional test efforts
      - XSS and Injection – mistakes organizations keep making that land these preventable threats on every Top Ten list
      - Design flaws that cause them and coding errors that expose them
      - High impact activities that reduce exploitability, prevalence and impact

      Meet the Presenters:

      Kevin Poniatowski, Sr. Security Instructor & Engineer at Security Innovation, brings an optimal blend of speaking ability, technical savvy, and an insatiable passion for security to Security Innovation's training customers. Kevin entered the application security field in 2007 with Security Innovation, where he has split time between application security course development and delivering instructor-led courses.

      Mark Burnett is a security consultant, author, and researcher who specializes in application security, authentication, and hardening Microsoft Windows-based servers and networks. Since 1999 he has worked in numerous areas of IT security, developing unique strategies and techniques for protecting critical assets. Mark is author and coauthor of a number of security books and publishes security articles for several web sites, newsletters, and magazines.

      Read more >
    • Setting up a Secure Development Life Cycle with OWASP
      Setting up a Secure Development Life Cycle with OWASP Sebastien Deleersnyder, OWASP board member Recorded: Nov 14 2012 9:00 am UTC 37 mins
    • Synopsis:
      Using the OWASP Software Assurance Maturity Model (OpenSAMM) as a framework, this talk covers the major application security controls of a secure development lifecycle program as provided by OWASP. Featured OWASP open source material include: OWASP guidelines and tools such as ESAPI, ZAProxy, as well as educational resources.

      About the speaker:
      Sebastien started the Belgian OWASP Chapter Leader and is a member of the OWASP Foundation Board. He performed several public presentations on Web Application and Web Services Security and co-organizes the yearly security & hacker BruCON conference and trainings in Belgium.

      For the past 10 years has built up extensive experience in Information Security and specialises in Web Application Security. He has performed several successful secure development lifecycle projects in the financial and utility sector, started up software security groups, supported customers in selecting and implementing Web Application Firewalls (WAF), delivered web application security training and closed numerous audit findings regarding application security.

      Read more >
    • Taking the best of Agile, DevOps and CI/CD into your AppSec Program
      Taking the best of Agile, DevOps and CI/CD into your AppSec Program Matt Tesauro, Senior Technical Project Coordinator, OWASP Recorded: Apr 17 2018 4:30 pm UTC 47 mins
    • How many applications are in your company’s portfolio?
      What’s the headcount for your AppSec team?

      Whatever your situation is, I am sure the numbers are not in your favor. This talk covers the OWASP AppSec Pipeline project which provides real world examples from AppSec programs at several different companies who have seen increases of 5x in productivity. Companies covered include Rackspace with approximately 4,000+ employees and Pearson with 40,000+. Both have an international presence and far more apps and developers that AppSec staff. The talk will also cover the key principles to speed and scale up AppSec programs using an AppSec Pipeline as well as practical examples of these practices put into use. Start early and begin to buy down the technical security department by leaving the traditional AppSec program thinking behind.

      Read more >
    • How To Test For The OWASP Top Ten
      How To Test For The OWASP Top Ten Jason Taylor, CTO, Security Innovation Recorded: Dec 14 2017 6:40 pm UTC 63 mins
    • The OWASP Top 10 is an expert consensus of the most critical web application security threats. If properly understood, it is an invaluable framework to prioritize efforts and address flaws that expose your organization to attack.

      Watch this on-demand webinar as Jason Taylor, one of our most experienced security experts, takes us through the journey of identifying the tell-tale markers of the OWASP Top Ten and reveals the techniques used to hunt them down.

      This session covers:

      Vulnerability anatomy – how they present themselves
      Analysis of vulnerability root cause and protection schemas
      Test procedures to validate susceptibility (or not) for each threat

      Read more >
    • Don't Get Stung! Examining the OWASP Top 10 & Getting the Most from Advanced WAF
      Don't Get Stung! Examining the OWASP Top 10 & Getting the Most from Advanced WAF Nathan McKay, Solutions Marketing Manager, F5; Brandon Dunlap (Moderator) Recorded: Feb 1 2018 6:00 pm UTC 59 mins
    • Web application security is complex, difficult, and costly. These issues are well known, but remain prevalent out in the real world. Most development teams do not have the time or resources to sufficiently protect against the myriad of attacks that are relevant to each vector, while the level of expertise required to address these issues are difficult to come by even if your project has the time and budget for it. The good news is that advanced WAF technology is more accessible and affordable than ever before. With the right tools, comprehensive WAF coverage can not only reduce your exposures and give you better control over your applications but also help optimize your resources and reduce overall operating costs. Join F5 and (ISC)2 for Part 1 of a 3 part Security Briefings Series on February 1, 2018 at 1PM Eastern where we’ll discuss the OWASP Top 10, defenses for everything it addresses and how to use WAF to optimize and filter unwanted traffic to cut costs in the cloud.

      Read more >
    • Defend Your Web Applications Against the OWASP Top 10 Security Risks
      Defend Your Web Applications Against the OWASP Top 10 Security Risks Paul Dignan - Senior Systems Engineer, F5 Networks Recorded: Nov 21 2017 12:00 pm UTC 62 mins
    • Web application security is complex, time-consuming to manage, and costly. Most development teams do not have the resources to sufficiently protect apps against the myriad of attacks that are relevant to each vector. This is further compounded by the need to repeatedly address these vulnerabilities in every application that is deployed.

      The OWASP Top 10 provides a list of the ten most critical web application security risks. An advanced Web Application Firewall (WAF) can help defend your applications against these threats. In this webinar, you will learn:

      • The primary risks to your applications addressed by the OWASP Top 10
      • How using a WAF to protect your applications can offload development resources
      • How to address additional risk, such as DDoS and bot attacks
      • How a WAF can optimise and filter unwanted traffic to help cut costs in the cloud

      By watching this webinar, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://f5.com/about-us/policies/privacy-policy).

      Read more >
    • Chroń swoje aplikacje webowe przed OWASP Top 10 - listą największych zagrożeń
      Chroń swoje aplikacje webowe przed OWASP Top 10 - listą największych zagrożeń Mariusz Sawczuk - Systems Engineer, F5 Networks Recorded: Nov 28 2017 4:00 pm UTC 69 mins
    • Bezpieczeństwo aplikacji webowych to proces złożony, czasochłonny oraz kosztowny. Większość zespołów deweloperskich nie posiada wystarczających zasobów do tego, aby chronić aplikacje przed mnóstwem zagrożeń i pochodzących z różnych stron ataków. Sytuację dodatkowo komplikuje potrzeba regularnego reagowania na te zagrożenia w przypadku każdej uruchomionej aplikacji.

      OWASP Top 10 to lista najbardziej krytycznych zagrożeń aplikacji webowych. Zaawansowany firewall do aplikacji webowych (WAF) może być pomocny w obronie przeciwko tym zagrożeniom. Na tym webinarium dowiesz się więcej o:

      • Podstawowych zagrożeniach dla Twoich aplikacji omówionych w OWASP Top 10.
      • Jak użycie firewalla WAF do ochrony aplikacji może uwolnić zasoby programistyczne.
      • Jak zabezpieczyć się przed dodatkowymi zagrożeniami, takimi jak ataki DDoS oraz boty.
      • Jak firewall WAF może optymalizować i filtrować niepożądany ruch, zmniejszając przy tym koszty korzystania z chmury.

      Oglądając webinar wyrażasz zgodę na udostępnienie Twoich danych firmie F5. Dane będą traktowane zgodnie Polityką Prywatności F5 (https://f5.com/about-us/policies/privacy-policy).

      Read more >
    • Verteidigen Sie Ihre Web-Applikationen gegen die Top 10 OWASP-Bedrohungen
      Verteidigen Sie Ihre Web-Applikationen gegen die Top 10 OWASP-Bedrohungen Patrick Zoller - Systems Engineer, F5 Networks Recorded: Nov 24 2017 3:15 pm UTC 62 mins
    • Die Sicherheit von Web-Applikationen ist kompliziert, aufwändig zu verwalten und kostspielig. Die meisten Entwicklungsteams haben nicht die Ressourcen, um Anwendungen adäquat gegen die Unzahl von Attacken zu schützen. Das wird zusätzlich dadurch erschwert, dass diese Schwachstellen in jeder eingesetzten Applikation adressiert werden müssen.

      Die OWASP Top 10 ist eine Liste der zehn kritischsten Sicherheitsrisiken für Web-Applikationen. Eine fortschrittliche WAF (Web Application Firewall) kann Ihnen helfen, Ihre Web-Applikationen vor diesen Bedrohungen zu schützen. In diesem Webinar erfahren Sie:

      • Welche primären Risiken für Ihre Applikationen die OWASP Top 10 umfassen
      • Wie der Einsatz einer WAF zum Schutz Ihrer Applikationen Entwicklungsressourcen schonen kann
      •Wie Sie zusätzliche Risiken wie etwa DDoS und Bot-Attacken adressieren können
      •Wie eine WAF unerwünschten Traffic optimieren und filtern kann, um so Kosten in der Cloud zu reduzieren

      Wenn Sie sich dieses Webinar ansehen, werden Ihre persönlichen Daten mit F5 geteilt und in Übereinstimmung mit den F5 Datenschutzrichlinien behandelt (https://f5.com/about-us/policies/privacy-policy).

      Read more >
    • Protege tus aplicaciones web de los riesgos de seguridad de la OWASP Top 10
      Protege tus aplicaciones web de los riesgos de seguridad de la OWASP Top 10 Salvador del Real - Senior Systems Engineer, F5 Networks Recorded: Nov 29 2017 11:00 am UTC 55 mins
    • La seguridad de las aplicaciones web es una tarea costosa en tiempo y dinero. La mayoría de desarrolladores no dispone de recursos que aseguren una protección suficiente de las apps frente a los innumerables ataques a cada vector. A ello se añade la necesidad de abordar repetidamente estas vulnerabilidades en cada app.

      OWASP Top 10 es una lista de los 10 riesgos de seguridad más críticos para las aplicaciones web. Contar con un avanzado firewall de aplicaciones web (WAF) puede ayudarte a proteger tus apps frente a estas amenazas. En este seminario web abordaremos los siguientes temas:

      • Riesgos de seguridad para las aplicaciones de la lista OWASP Top 10
      • Cómo usando un WAF para proteger tus apps puede reducir los costes de desarrollo
      • Cómo abordar otros riesgos como los ataques DDoS y de bots
      • Cómo un WAF puede optimizar y filtrar el tráfico no deseado para ayudarte a reducir costes en la nube

      Al asistir a este webinar, tus datos personales serán compartidos con F5 y tratados de acuerdo con la Política de Privacidad de F5 (https://f5.com/about-us/policies/privacy-policy).

      Read more >
    • Protégez vos apps Web contre les risques de sécurité selon le Top 10 OWASP
      Protégez vos apps Web contre les risques de sécurité selon le Top 10 OWASP Arnaud Lemaire – Senior Systems Engineer, F5 Networks Recorded: Nov 30 2017 11:00 am UTC 63 mins
    • La sécurité des applications Web est complexe, onéreuse et longue à gérer. La plupart des équipes de développement n’ont pas les moyens de protéger suffisamment les applications contre toutes les attaques actuelles. En outre, puisqu’il est nécessaire de résoudre ces vulnérabilités dans chaque application déployée, la situation devient toujours plus inquiétante.

      Le Top 10 OWASP dresse une liste des dix risques de sécurité les plus critiques pour les applications Web. Un pare-feu sophistiqué pour les applications Web (WAF) peut aider vos applications à contrer ces menaces. Dans ce webinar, vous découvrirez :

      • les principaux risques pour vos applications examinés dans le Top 10 OWASP ;
      • comment utiliser un WAF pour protéger vos applications et soulager vos équipes de développement ;
      • comment contrer d’autres risques, tels que les attaques DDoS et de bots ;
      • comment un WAF peut optimiser et filtrer le trafic indésirable pour vous aider à réduire les coûts liés au cloud.

      En suivant ce webinar, vos données personnelles seront partagées avec F5 et seront traitées en accord avec la politique de confidentialité de F5 (https://f5.com/about-us/policies/privacy-policy).

      Read more >
    • DevSecOps from Cradle to Scale: Real-World Lessons and Success Cases
      DevSecOps from Cradle to Scale: Real-World Lessons and Success Cases Dr. Chenxi Wang, Founder of The Jane Bond Project & Vice Chair, Board of Directors, OWASP Recorded: Feb 8 2018 6:00 pm UTC 52 mins
    • Many businesses today are harnessing the tools and promise of DevOps or Agile to drive innovation. Everything from new website capabilities to entirely new products are fair game in this revolution. However, the majority of security tools and processes are not inherently designed to be integrated in this new world, which is limiting the results new developments can bring.

      In this webinar, Dr. Chenxi Wang, founder of cybersecurity consultancy the Jane Bond Project and Vice Chair of the Board of Directors of OWASP, and CYBRIC will discuss:
      • How to effectively integrate security into your DevOps process
      • How to integrate it at scale
      • Real-world examples of business results using this approach

      CYBRIC and Chenxi will also cover where to get started with "DevSecOps," what metrics to use and what security at scale can mean for businesses.

      Guest Presenter:
      Dr. Chenxi Wang is founder of The Jane Bond Project, and a founding partner in 360Velocity, a strategic Cybersecurity consultancy. She is Vice Chair of the Board of Directors of OWASP, a strategic advisor for IT Security Planet and serves on the advisory board of various start-ups. Previously, Chenxi served as the Chief Strategy Officer at Twistlock, responsible for corporate strategy and thought leadership. Chenxi is the 2016 & 2017 program co-chair for Security & Privacy at the Grace Hopper Conference and named by SC Magazine as a 2016 Women of Influence. Prior to Twistlock, Chenxi built an illustrious career at Forrester Research, Intel Security and CipherCloud. At Forrester, Chenxi covered mobile, cloud, and enterprise security, and wrote many hard-hitting research papers. At Intel Security, she led the ubiquity strategy that spans both hardware and software platforms. Chenxi started her career as a faculty member of Computer Engineering at Carnegie Mellon University.

      Read more >
    • Don't Get Stung by the OWASP Top 10 - Getting the Most from Advanced WAF
      Don't Get Stung by the OWASP Top 10 - Getting the Most from Advanced WAF Nathan McKay, Security Solutions Manager, F5 Networks; Danny Luedke, Product Marketing Manager, F5 Networks Recorded: Nov 16 2017 9:00 pm UTC 65 mins
    • Web application security is complex, difficult, and costly – the problems are well known, but remain prevalent out in the real world. Most development teams do not have the resources to sufficiently protect against the myriad of attacks that are relevant to each vector, and the level of expertise required is difficult to come by even if your project has the time and budget for it. This is further compounded by the need to address these vulnerabilities over and over in every application that goes out the door making it a significant blocker in your path to production.

      The good news is that advanced WAF technology is more accessible and affordable than ever before. F5 has teams of researchers and engineers dedicated to this task, and their industry-leading expertise is packaged and available today to defend apps of any size and variety. With the right tools, comprehensive WAF coverage can not only reduce your exposures and give you better control over your applications but also help optimize your resources and reduce overall operating costs. F5 is committed to supporting the OWASP Top 10 and providing defenses for everything it addresses, but that’s just the tip of the iceberg.

      In this webinar you will learn:
      - About the primary risks to your app, including those addressed by the Top 10.
      - How to make the most of development resources by using WAF to do the heavy lifting for you.
      - How F5’s unique and flexible deployment options will make WAF remediation for your app a snap.
      - How you can go beyond the Top 10 and address additional risk, such as DDoS, bot defense, intellectual property theft, or fraud.
      - How WAF can optimize and filter unwanted traffic to help you cut costs in the cloud.

      Read more >