Los Angeles/2010 Meetings/May 26
Topic: OWASP Top 10 and Enterprise Security API (ESAPI)
Speaker: Neil Matatall
Neil Matatall, B.S., is an information security engineer for AT&T Interactive. He has been working in the information security field for the past 4 years and has been educating others both in house and at national conferences on security topics ranging from application security, web security, network security as well as software engineering and streamlining software development lifecycles. He is the Orange County chapter lead for the Open Web Application Security Project (OWASP) and a member of the program committee for the OWASP National Conference.
Abstract: OWASP Top 10 and Enterprise Security API (ESAPI)
The OWASP Top 10 project gives developers a short list of the most dangerous mistakes they can make when developing web applications. The OWASP Enterprise Security API or ESAPI tries to provide a structure and tools to help mitigate these threats. In this talk, I will go over the ESAPI project in general and drill down into the ESAPI for Java and how this project can help mitigate the Top 10.