Difference between revisions of "DISA's Application Security and Development STIG: How OWASP Can Help You"

From OWASP
Jump to: navigation, search
(Created page with '== The presentation == rightIn July 2008, the Defense Information Systems Agency (DISA) released the first enforceable version of its Applicatio…')
 
m (Adding link to presentation)
 
(One intermediate revision by one user not shown)
Line 3: Line 3:
 
[[Image:Owasp_logo_normal.jpg|right]]In July 2008, the Defense Information Systems Agency (DISA) released the first enforceable version of its Application Security and Development (ASD) Security Technical Implementation Guide (STIG). The ASD STIG is a series of application security requirements that apply to "all DoD developed, architected, and administered applications and systems connected to DoD networks." Learn about this new ASD STIG and get a head start for your organization's compliance! What is the ASD STIG? What are the common pitfalls in developing a compliant application? How can effective and efficient validation testing be performed? Jason Li of Aspect Security will be presenting his experiences doing ASD STIG validation testing and point out OWASP resources that can help organizations with addressing the ASD STIG.
 
[[Image:Owasp_logo_normal.jpg|right]]In July 2008, the Defense Information Systems Agency (DISA) released the first enforceable version of its Application Security and Development (ASD) Security Technical Implementation Guide (STIG). The ASD STIG is a series of application security requirements that apply to "all DoD developed, architected, and administered applications and systems connected to DoD networks." Learn about this new ASD STIG and get a head start for your organization's compliance! What is the ASD STIG? What are the common pitfalls in developing a compliant application? How can effective and efficient validation testing be performed? Jason Li of Aspect Security will be presenting his experiences doing ASD STIG validation testing and point out OWASP resources that can help organizations with addressing the ASD STIG.
  
== The speakers ==
+
[https://www.owasp.org/images/0/0f/DISAs_Application_Security_and_Development_STIG_How_OWASP_Can_Help_You-Jason_Li.pdf Download the presentation]
 +
 
 +
== The speaker ==
  
 
Jason Li is a Senior Application Security Engineer for Aspect Security where he has performed numerous ASD STIG validation tests of a variety of applications. In addition, he performs application security assessments and architecture reviews, as well as application security training, to a wide variety of financial and government customers. Jason is an active OWASP leader, contributing to several OWASP projects and serving on the OWASP Global Projects Committee. He holds a Post-Masters certificate in Computer Science and concentration in Information Security from Johns Hopkins University and a Masters degree in Computer Science from Cornell University.
 
Jason Li is a Senior Application Security Engineer for Aspect Security where he has performed numerous ASD STIG validation tests of a variety of applications. In addition, he performs application security assessments and architecture reviews, as well as application security training, to a wide variety of financial and government customers. Jason is an active OWASP leader, contributing to several OWASP projects and serving on the OWASP Global Projects Committee. He holds a Post-Masters certificate in Computer Science and concentration in Information Security from Johns Hopkins University and a Masters degree in Computer Science from Cornell University.
  
 
[[Category:OWASP_AppSec_DC_09]] [[Category:OWASP_Conference_Presentations]]
 
[[Category:OWASP_AppSec_DC_09]] [[Category:OWASP_Conference_Presentations]]

Latest revision as of 23:32, 3 August 2011

The presentation

Owasp logo normal.jpg
In July 2008, the Defense Information Systems Agency (DISA) released the first enforceable version of its Application Security and Development (ASD) Security Technical Implementation Guide (STIG). The ASD STIG is a series of application security requirements that apply to "all DoD developed, architected, and administered applications and systems connected to DoD networks." Learn about this new ASD STIG and get a head start for your organization's compliance! What is the ASD STIG? What are the common pitfalls in developing a compliant application? How can effective and efficient validation testing be performed? Jason Li of Aspect Security will be presenting his experiences doing ASD STIG validation testing and point out OWASP resources that can help organizations with addressing the ASD STIG.

Download the presentation

The speaker

Jason Li is a Senior Application Security Engineer for Aspect Security where he has performed numerous ASD STIG validation tests of a variety of applications. In addition, he performs application security assessments and architecture reviews, as well as application security training, to a wide variety of financial and government customers. Jason is an active OWASP leader, contributing to several OWASP projects and serving on the OWASP Global Projects Committee. He holds a Post-Masters certificate in Computer Science and concentration in Information Security from Johns Hopkins University and a Masters degree in Computer Science from Cornell University.