Name: Co-founders Discuss Key Takeaways from the 2021 OWASP Top Ten
Start: 2021-10-26T17:00:00Z
End: 2021-10-26T17:01:08.000Z
Location: BrightTALK
Rating: 5

Stop attacks in your applications and APIs from development to production. Novel attacks can appear harmless without visibility into the grey areas of your application layer. Make sure you can see zero-day attacks so you can stop exploits instantly. It's never black and white: Reveal your application layer in full contrast with the Contrast Security Runtime Platform. 


New data reveals production applications are attacked every three minutes, but the real risk lies in what’s actually exploitable in your code. Traditional tools often miss the mark, flooding teams with false positives or focusing on vulnerabilities that attackers can’t reach, while the real threats slip through.

Watch Contrast Security's breakdown of findings from the Software Under Siege 2025 report. You’ll get a clear picture of the current application threat landscape and you'll walk away with actionable strategies to respond faster, fix smarter and defend what matters.

What you'll learn:
- The reasons attackers are winning, and why your tools aren’t telling you the truth
- What Contrast’s latest data reveals about which vulnerabilities actually get exploited (and which don’t)
- Why language choice and architecture may matter more than you think when it comes to real risk
- How leading teams are flipping their AppSec strategy from chasing CVEs to stopping real threats in runtime

Featuring an expert panel of Contrast Security subject matter experts:
- Jeff Williams, Founder & CTO
- Naomi Buckwalter, Senior Director, Product Security
- Tyler Rosonke, Senior Manager, Security Research
- Jake Milstein, Vice President, Corporate Communications

Don't just scan for threats, see the data so you can understand what’s actually being exploited.

Software Under Siege: What Every Security Leader Needs to Know About Application Defense

Discover how Application Detection and Response (ADR) enhances your security posture by providing critical application-layer visibility that Endpoint Detection and Response (EDR) often misses. Learn why, with the rise of application-focused attacks, relying solely on EDR is insufficient and how ADR complements existing EDR and WAF investments to provide comprehensive protection.

What EDR and WAFs Miss: Exposing the Blindspot in Application Security

Security Operations Centers are on the front lines of defense against rising API threats. This panel from security professional Naomi Buckwalter and David Lindner addresses the critical need to enhance SOC capabilities with application security expertise and runtime intelligence. They'll delve into why a shift-right approach is essential to complement shift-left practices, providing the real-time visibility necessary to detect and respond to application-layer attacks. 

Learn how to build effective AppSec incident response playbooks within the SOC, enabling proactive threat hunting, faster incident triage, and reduced breach impact. The panel will also discuss the importance of cross-functional collaboration and the future of AppSec in the SOC.

The AppSec-Enabled SOC: Addressing Modern Challenges in Incident Response

Why do our applications and APIs keep getting breached? Learn more about what Security Operations teams can do now to have more effectively defenses against application attacks.

What you can expect from this webinar:
- What SOC teams need to know about the evolution of software development
- How to better protect applications and APIs
- How ADR benefits SecOps

What SOC teams need to better protect applications and APIs

Check out this short demo to learn more about the integration between Splunk and Contrast ADR.

Overview of the Contrast ADR-Splunk integration

This webinar will focus on how tech companies can improve their application security posture by streamlining collaboration across teams. Speakers David Lindner and Naomi Buckwalter will discuss the current state of collaboration between SecOps, product security, supply chain security, and CISOs. They will share real-world examples and anecdotes to illustrate the challenges and benefits of cross-functional communication and collaboration.

Key topics covered in the webinar include:
- The challenges of communication and collaboration between security teams and other business units
- Strategies for building relationships with peers and developers
- The importance of threat modeling, application infrastructure, and security controls in improving application security
- The unique challenges of security in tech companies compared to other industries

From silos to synergy: How tech companies can streamline collaboration and improve application security

Companies that sell software to anyone living in the EU will now face consumer lawsuits for any software defects that lead to breaches, even zero-days. 

There’s a new change to the EU Product Liability Directive that took effect in December of 2024 that “upsets the apple cart.” Instead of needing to prove a company was negligent in creating vulnerabilities, the consumer can just prove they were harmed, and the company is liable. 

To better understand why this is such a massive change in liability law and to see how companies that make software should respond, check out this six-minute video featuring Jeff Williams, CTO and Founder of Contrast Security.

Understanding the EU Product Liability Directive

In this video, Naomi Buckwalter, Senior Director of Product Security at Contrast Security, highlights the many benefits of Application Detection and Response, especially for SOC analysts and operations teams. Naomi discusses why ADR is so critical for safeguarding applications and APIs in production.

The benefits of application detection and response

In this video, Jeff Williams, Founder and CTO of Contrast Security, chats with Chris Hughes, CEO of cybersecurity consulting firm Aquia and a former Cyber Innovation Fellow (CIF) at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), about Contrast Application Detection and Response (ADR).

What you can expect in this 11-minute video:

- Overview of Contrast’s ADR solution
- How instrumenting applications in runtime improves application security
- The downsides to using eBPF technology to safeguard applications
- Best practices for incorporating ADR technology into existing tech stacks

Understanding Contrast ADR

The average enterprise uses 765 web applications to run their business, and many of these have serious vulnerabilities. 

Organizations around the world evaluate their application risk using the OWASP Top Ten. On September 24, the OWASP Foundation released the OWASP Top 10 2021. It’s been four years since the last release, and there are some notable additions, changes, and combinations.

Organizations are recalibrating how they measure application risk and reevaluate strategies based on these changes. The co-founders of OWASP address the latest changes to the Top Ten and provide their perspectives on each one. Topics covered during the moderated webinar include:

● New entrants, deletions, and combinations to the Top Ten
● Risks—in terms of prevalence and likelihood to exploit—posed by each of the Top Ten
● How to use the OWASP Top Ten to evaluate risk and existing application security programs
● Potential application security gaps not covered by the OWASP Top Ten
● How to assess application security coverage based on the OWASP Top Ten
● Future trajectories for application cyber threats

Co-founders Discuss Key Takeaways from the 2021 OWASP Top Ten

Application Security

AppSec

Developers

DevOps

SecOps

DevSecOps

CISO

Security

Security Awareness

Best Practice

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Get powerful end user computing insights from influential EUC experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on effective approaches to get non-programmers to create working applications.

End User Computing

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Co-founders Discuss Key Takeaways from the 2021 OWASP Top Ten

Presented by

About this talk

Contrast Security