This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Organizing a Defensive Posture – Integrating Web App Testing, Source Code Analysis, and WAF’s

Jump to: navigation, search

There are many avenues an organization can take to achieve success with an Application Security program. Ethical Hacking, Source Code Analysis, and the utilization of a Web Application Firewall. This presentation demonstrates and describes a method of integrating all three options for success.

We will see a real example on combining the results of runtime testing and Automated Source Code Analysis into the larger starting point of Manual source code verification. Finally, we will see how to apply these how a Web Application Firewall can be used to mitigate many of the identified threats.