Nice article over on MSDN here.
Archive for the 'OWASP' Category
Team Foundation Server (TFS) and the Open Web Application Security Project (OWASP) Top Ten
November 21, 2008
OWASP CISO Panel
October 20, 2008
I didn’t go to OWASP NYC (put off by the vulnerability circus to be brutally honest) but I just watched the CISO panel and it’s just fantastic to see a panel of CISOs discussing really important application security topics.
Jim Routh
‘…..view application security as a supply chain management problem’. Very wise!
‘Static analysis tools are most effective [...]
Microsoft Joins OWASP
October 12, 2008
If you navigate over to the OWASP members page you will see a new logo
It’s an interesting full circle for me having started OWASP back in 2001 and now having had a hand in one of the biggest technology companies in the world (my current employer) joining. Someone sent me a mail on Friday [...]
Checklists Are Not For Dummies, Dummy!
May 24, 2008
At the OWASP Conference in Belgium this week I had a slide about checklists.
This is the story behind the slide. My boss at Microsoft has a friend who is a pilot. He did his pre-take-off checklist and was cleared to taxi onto the runway by air traffic control. He consulted his checklist one [...]
Presenting Security Ideas or Driving Agendas?
May 24, 2008
I opened the OWASP Europe Conference this week with a slide (below) about vendor neutrality.
In essence I urged attendees to consider the motivations of those presenting various ideas at the conference; including myself of course. During the conference it was pointed out that the moderator of a panel “The PCI 6.6 Dogfight – [...]
Techdays 2008, Innovation Moves Forward With Us
February 1, 2008
Understanding common web application security problems, using the resources of the OWASP project (WEB303), presented by Mark Curphey, Sébastien Gioria
Audience: Architects, Technology decision makers, Developers, Teachers and researchers, IT professionals. Level: Advanced (300)
Monday, February 11, 2008, 11:00 – 12:00.
This session aims to raise developers' awareness of vulnerabilities and [...]

Are You a Builder or a Breaker
September 10, 2008
I am reading Brain Rules; great book! In the opening chapter there is a wonderful quotation from an interview with Frank Lloyd Wright that resonates with how I feel about the application security industry.
“When I walk into St. Patrick’s cathedral here in New York City, I am enveloped with a feeling of reverence”, said Mike Wallace. [...]
Categories: Information Security Economics, Long Tail Security, OWASP, Productivity, Security 2.0, Social Networking, Software Development, Software Security, Technology Commentary, Web Security