The OWASP Top 10 2017 is a powerful awareness document for web application security, and a new version has recently been released. The list, which represents the most common vulnerabilities found in web applications, suits testers very well.
But how can developers write more secure applications to prevent these vulnerabilities? What security techniques can they use while writing their software to prevent them?

These are hard questions, as evidenced by the increase in cyber breaches.
In this talk, we will explore the new OWASP Top 10 2017 together. Starting from real-world examples and breaches, we identify the security controls that developers can use in the SDLC to help prevent the most common vulnerabilities.


Martin Bampton at 20:43 on 9 May 2018

I feel like this talk could do with a little bit more of an introduction, just to explain exactly what OWASP is. It was very informative once it got going but a little more framing to start could ease people who are unfamiliar with OWASP into the talk a lot more easily.

Ashley Adams at 20:57 on 9 May 2018

An enormous amount of useful information, well explained. Perhaps if there was more time some extra visual content/examples could break up the large amount of information to digest. Really informative, learned a lot.

Federico Vecco at 20:58 on 9 May 2018

Interesting talk and well prepared

Tawny Bartlett at 22:55 on 9 May 2018

Very great and informative talk covering very specific but also varying parts of security. I admittedly haven't used OWASP before so am intrigued to look into it and learn more. The talk was well structured and the slides very informative with good humour in various parts, however I did find myself getting a bit confused at parts purely due to my inexperience with certain bits of security. Perhaps various things could have been explained better with code examples of actual exploits, but I know there is only so much time in a talk. Either way I think it all worked well and learnt a lot so thank you!

Jim Morrison at 08:02 on 10 May 2018

Thanks Katy; really interesting, clear and structured talk and a super-important topic. The top 10 is such an important resource. I had more questions!

Dave Liddament at 13:21 on 5 Jun 2018

Interesting and very useful content.

My tip for improvement is perhaps spend a little longer explaining how the risks are assessed. I got there eventually but was a bit confused in the first couple of examples.

Other than that, great talk.