We cannot "firewall" or "patch" our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Most every organization in the world have something in common – they have had websites compromised in some way. No company or industry is immune. Programmers need to learn to build websites differently.
This BlackHat webinar will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.
Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background as a software developer and architect. Jim is also a global board member for the OWASP foundation. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and the OWASP podcast series.
Michael Garvin is a Senior Principal Security Analyst with Symantec's Security Intelligence Group. His responsibilities include cyber range and exercise design and delivery, including Symantec's Cyber Readiness Challenge. Prior to this he has worked in professional services, enterprises and higher education. Michael has over 20 years in information security and compliance, system administration and enterprise architecture.