Beyond OWASP Top 10 Vulnerabilities

March 5, 2018

 

We recently gave a presentation on 3 vulnerabilities that are dangerous if present in a web application but are not covered in the OWASP Top 10 (https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf). In case you missed it, here’s a recap:

Video: https://www.youtube.com/watch?v=3YWEdgZABIk

Abstract:

The OWASP Top 10 is the standard first reference we give web developers who are interested in making their applications more secure. It is also the categorization scheme given to web vulnerabilities on security assessment reports. In this webinar, we discuss 3 vulnerabilities that don’t fit into the OWASP Top 10 categories, but are just as dangerous if present in a web application.

Speaker:

Vishal Asthana — Director of Customer Solutions

Bio:

Vishal Asthana, CISSP, has been with Security Compass for over 4 years, as a Regional Director for the company’s India Operations until mid-2017, and is now our Director of Customer Solutions. He designed and co-presented the SecureMe Droid app at OWASP’s flagship AppSec USA (2015). He was also OWASP Delhi Chapter’s lead for nearly 2 years. He continues to represent Security Compass in SAFECode as a member of the Technical Leadership Team. Prior to joining Security Compass, he was a part of Symantec’s central product security team as a Senior Principal Security Engineer. He possesses over 15 years of work experience in various Information Security domains, of which the past 10 years have been in Application Security. Connect with Vishal on LinkedIn: https://www.linkedin.com/in/vishalasthana/

 

 
