Nytro Posted September 29, 2012 Report Posted September 29, 2012 How To Defend Against The Owasp Top Ten Web Security Threats Description: In this video Ken Sipe talking about OWASP Top Ten, for making your Web Application Secure.Ken Sipe : - Ken Sipe is a Technology Director with Perficient, Inc. (PRFT) in St. Louis, MO, USA, where he leads multiple teams in the development of enterprise solutions on both the Java and .Net platforms.Ken was the founder of CodeMentor, where he was the Chief Architect and Mentor, leading clients in the execution of RUP and Agile methodologies in the delivery of software solutions.Ken is passionate about technology and regular speaks on topics of architecture and software development. He is a core speaker with NFJS and won the Rock Star award in 2009 at JavaOne, JavaZone and The Strange Loop.When it comes to cross cutting software concerns, we expect to have or build a common framework or utility to solve this problem. This concept is represented well in the Java world with the log4j framework, which abstracts the concern of logging, where it logs and the management of logging. The one cross cutting software concern that seems for most applications to be piecemeal is that of security. Security concerns include certification generation, SSL, protection from SQL Injection, protection from XSS, user authorization and authentication. Each of these separate concerns tend to have there own standards and libraries and leaves it as an exercise for the development team to cobble together a solution which includes multiple needs.... until now... Enterprise Security API toolkit from OWASP.This session will look at a number of security concerns and how the ESAPI library provides a unified solution for security. This includes authorization, authentication of services, encoding, encrypting, and validation. This session will discuss a number of issues that can be solved through standardizing on the open source Enterprise Security API. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: How to Defend Against the OWASP Top Ten Web Security Threats on VimeoSursa: How To Defend Against The Owasp Top Ten Web Security Threats Quote
