OWASP Cambridge 2nd December 2014
Agenda
Networking, food and refreshments
Welcome (Colin Watson)
Global Application Security Survey & Benchmarking (John Smith)
Anatomy of a Data Breach (Joe Pelletier)
OWASP Roundup (Colin Watson)
Networking
OWASP Roundup Past conferences Project updates AppSec EU 2015 Supporters Close
Past AppSec Conferences AppSec EU June, Cambridge UK AppSec USA September, Denver USA
Testing Guide Version 4 17th September
Proactive Controls Version 1 10th March
AppSensor Website 11th September Reference implementation 13th September 2014 v2.0.0 beta
Dependency Checker Version th November
WebGoat Version th September
Cyber Security Week OWASP London Cyber Security Week Workshops, talks and hackathon Startup focus Free to all Held at Google and UCL January 2015
AppSec EU 2015 Envisioned program 4 applied talk tracks: Builder, Breaker, Defender, CISO 1 research track May 2015 Amsterdam RAI The Netherlands
London Chapter Supporters
Thank You Speakers John Smith Joe Pelletier Chapter Leaders Justin Clarke Tobias Gondrom Hosts for this evening Skype Attendees
OWASP Volunteers Project leaders Project contributors Chapter leaders Members Corporate supporters Individual members Other supporters
Corporate Sponsors
Something Different
Top Ten Risks
1. Injection
2. Broken Authentication and Session Management
3. Cross-Site Scripting (XSS)
4. Insecure Direct Object References
5. Security Misconfiguration
6. Sensitive Data Exposure
7. Missing Function Level Access Control
8. Cross-Site Request Forgery (CSRF)
9. Using Components with Known Vulnerabilities
10. Unvalidated Redirects and Forwards
Top Ten Proactive Controls
1. Parameterize Queries
2. Encode Data
3. Validate All Inputs
4. Implement Appropriate Access Controls
5. Establish Identity and Authentication Controls
6. Protect Data and Privacy
7. Implement Logging, Error Handling and Intrusion Detection
8. Leverage Security Features of Frameworks and Security Libraries
9. Include Security-Specific Requirements
10. Design and Architect Security In
Another Game
Snakes and Ladders
Mobile Apps Too
Print Your Own Adobe PDF A2 print quality Adobe Illustrator Source Web Applications DE, EN, ES, FR, JA, ZH Mobile Apps EN, JA
Staying in Touch Chapter page Mailing list Twitter Facebook Elsewhere in the UK Birmingham, Bristol, Cambridge, East Midlands, Leeds, Manchester, Newcastle, Royal Holloway, Scotland, South Wales, Suffolk
The Melton Mowbray 18 Holborn