Compliance driven vulnerabilities
]Fingerprinting and enumeration techniques help plan security assessments, but knowledge of the compliance requirements can also provide an insight into the application. If the compliance requirements are fully considered at earlier stages in the software development lifecycle, the implications for security can be addressed reducing design changes later on. These topics are explored with reference to legislative, regulatory and other mandates including the Web Content Accessibility Guidelines (WCAG) 2.0 which covers a wide range of recommendations for making Web content more accessible.
[[Image:Watsonc-owasp-benelux.JPG|right]Colin Watson has a production and process engineering background, but has worked in information systems for thirteen years, concentrating exclusively on web application development, security and compliance. He holds an MSc in Computation from the University of Oxford and is a member of OWASP's Global Industry Committee. Colin is the technical director and principal consultant at web security consultancy Watson Hall Ltd in the United Kingdom. He has a particular interest in creating user trust and the relationship between security and usability.