This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP AppSec DC 2012/Security at scale Web application security in a continuousdeployment environment
Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org
The Presentation
Building a worldwide marketplace at scale, Etsy has overcome a number of application security challenges. This presentation will focus on new and interesting approaches to application security problems posed by a continuous deployment environment. Specifically, this presentation will cover useful security systems such as automatic vulnerability and application fault detection, effective platform defenses for XSS/SQLi, practical security alerting mechanisms, and visualizations of security related data. This talk demonstrates how to create these systems using free tools that improve security posture without commercial security products.
The Speakers
Zane LackeyZane Lackey leads the application security group at Etsy, the world's handmade marketplace. Prior to Etsy, Zane was a Senior Security Consultant at iSEC Partners with a focus in the fields of mobile and web application security.His research has been featured in notable media outlets such as the BBC, Associated Press, Forbes, Wired, CNET, SC Magazine and numerous others. A frequent speaker at top industry conferences, he has presented at BlackHat, RSA, Microsoft BlueHat, Toorcon, DeepSec, MEITSEC, YSTS, and in 2010 was named as one of 12 prominent security researchers by Network World magazine. He is a contributing author of Mobile Application Security (McGraw-Hill), a co-author of Hacking Exposed: Web 2.0 (McGraw-Hill), and a contributing author/technical editor of Hacking VoIP (No Starch Press). He holds a Bachelor of Arts in Economics with a minor in Computer Science from the University of California, Davis. |
Gold Sponsors |
||||
Silver Sponsors |
||||
Small Business |
||||
Exhibitors |