I had a blast speaking at the Houston OWASP User Group last night. I did a review of the OWASP Top Ten and we had a lot of good discussion and conversation around secure application development and some of the implications. Though a relatively small group, it was pretty lively and really good to hang with some folks that care deeply and passionately about secure application development.
This presentation was one that I had put together a while ago but, while reviewing it for this presentation, I really wasn’t very happy with it. So, of course, I made a number of changes to it and added a bit of stuff. It certainly seems to have gone over very well, so I’m pretty pleased with it now. Still, for those of you that were there, feel free to let me know what could be improved … I think I’ll take this presentation and turn it into a webcast.
And, without further ado, here’s the content. Keep in mind that the demos are pretty simple … they really have only enough to show some mitigation strategies for particular vulnerabilities so they aren’t part of an overall application.