Organizing a Defensive Posture – Integrating Web App Testing, Source Code Analysis, and WAF’s

From OWASP
Jump to: navigation, search

Brief:
There are many avenues an organization can take to achieve success with an Application Security program. Ethical Hacking, Source Code Analysis, and the utilization of a Web Application Firewall. This presentation demonstrates and describes a method of integrating all three options for success.

We will see a real example on combining the results of runtime testing and Automated Source Code Analysis into the larger starting point of Manual source code verification. Finally, we will see how to apply these how a Web Application Firewall can be used to mitigate many of the identified threats.