application security

The Open Web Application Security Project (OWASP) Top 10 for 2017 is based primarily on 40+ data submissions from firms that specialize in application security and an industry survey that was completed by 515 individuals. This data spans vulnerabilities gathered from hundreds of organizations and over 100,000 real-world applications and APIs. The Top 10 items are selected and prioritized according to this prevalence data, in combination with consensus estimates of exploitability, detectability, and impact.

This presentation covers observations and best practices related to supply chain hygiene in code development, infrastructure choices for “as a platform” architectures (IaaS, PaaS, SaaS), and concerns about open and closed sources. This session will benefit developers and infrastructure architects/engineers.