The OWASP Top Ten Proactive Controls

Presented at ShellCon 2019, Oct. 11, 2019, 4 p.m. (50 minutes)

Software developers are the foundation of any application. In order to achieve secure software, developers must be supported and helped by the organization they author code for. As software developers author code that makes up a web application, they need to embrace and practice a wide variety of secure coding techniques. The OWASP Top Ten Proactive Controls (2018) is an OWASP documentation project that lists critical security techniques that should be included in every software development project. This document was written by developers for developers to assist those new to secure development.

Presenters:

• Jim Manico
  Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for KSOC, Nucleus Security, Signal Sciences and BitDiscovery. Jim is a frequent speaker on secure software practices, is a member of the Java Champion community, and is the author of "Iron-Clad Java: Building Secure Web Applications" from Oracle Press. Jim also volunteers for the OWASP foundation as the project co-lead for the OWASP Application Security Verification Standard and the OWASP Proactive Controls.

Links:

• https://2019.shellcon.io/talks/owasp-top-ten/
• https://infocon.org/cons/ShellCon/ShellCon 2019/The OWASP Top Ten Proactive Controls.mp4
• https://infocon.org/cons/ShellCon/ShellCon 2019/The OWASP Top Ten Proactive Controls.eng.srt (subtitles)
• https://www.youtube.com/watch?v=QeNUGjDOQsU

Similar Presentations:

• HushCon Seattle 2017 / Developers, developers, developers. When DevOps Fails to secure.
• AppSec USA 2013 / OWASP Top Ten Proactive Controls
• NolaCon 2017 / Beyond OWASP Top 10