
OWASP Developer Guide 2013 - what it means for open source projects

Project: OWASP Developer Guide 2013

The Open Web Application Security Project (OWASP) Developer Guide 2013 is coming soon. In this presentation, you'll learn about the major revision to one of the leading open source code-hardening resources.

The new version will encompass not only web applications (although that is its primary focus), but also general advice for all languages, frameworks, and applications through the use of re-usable architecture, designs, patterns and practices that you can adopt in your code with a bit of thought.

Learn about:

* The latest research in application security
* How to apply new patterns to eliminate hundreds of security flaws in your apps, such as the bizarre world of race conditions, distributed and parallel artefacts. Few apps can afford to be single-threaded any more, and yet these subtle flaws are easily prevented once you know how
* Challenges of documenting bleeding edge practices in long lived documents
* How to pull together a global open source document team whilst holding down a day job

If you code web apps, or write apps that need to be secure, this is a must-attend presentation!

Andrew van der Stock

Andrew is a web application security specialist who has been involved with the Open Web Application Security Project (OWASP) since nearly its inception in 2002, and has held Executive Director and Global Chapters Committee member positions. Andrew wrote the OWASP Developer Guide 2.0 and the OWASP Top 10 2007, and is the lead for OWASP ESAPI for PHP and the OWASP Developer Guide 2013. He is the long-time moderator of the Symantec SecurityFocus webappsec mailing list. Andrew is working with One Laptop Per Child (OLPC), assisting with porting the One Education Server (XS) to ARM and x64 on Fedora 17.