OWASP ModSecurity Core Rule Set - Revision history

Mark.bristow at 17:12, 1 October 2010

2010-10-01T17:12:43Z

Mark.bristow: /* The speaker */

2010-10-01T17:11:31Z

‎The speaker

Dallendoug: added link header

2010-09-21T04:59:57Z

added link header

Mark.bristow: /* The presentation */

2010-09-21T03:00:17Z

‎The presentation

Mark.bristow: Created page with '== The presentation == rightDevelopers in large organizations are experiencing a move to a more holistic centralized management of application s…'

2010-09-17T15:43:06Z

Created page with '== The presentation == rightDevelopers in large organizations are experiencing a move to a more holistic centralized management of application s…'

New page

== The presentation ==

[[Image:Owasp_logo_normal.jpg|right]]Developers in large organizations are experiencing a move to a more holistic centralized management of application source code and its review and reporting for vulnerabilities. Presented will be the vulnerability statistics, which were collected at various programming milestones for a range of applications from an enterprise-wide application development portfolio. Application vulnerabilities, which were detected using automated source code analysis tools were stored in a centralized database and reported back to developers and management with the intent of managing risk at an enterprise level. Reports aligned vulnerability classes to the OWASP Top 10. The centralized view of source code vulnerability metrics are shown to drive an enterprise approach to developing standardized security API’s throughout the SDLC.

== The speaker ==

Speaker bio will be posted shortly.

[[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]]

@@ Line 5: / Line 5: @@
 == The presentation  ==
-[[Image:Owasp_logo_normal.jpg|right]]This project just recently achieved Release Quality status as an OWASP Project.  http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
+[[Image:Ryan_Barnett-headshot.jpg|right]]This project just recently achieved Release Quality status as an OWASP Project.  http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
 This presentation will be an overview of the Core Rule Set functionality, what it does and doesn't do and all of the new features.  We will also discuss the project synergies with other OWASP projects such as AppSensor.

@@ Line 9: / Line 9: @@
 This presentation will be an overview of the Core Rule Set functionality, what it does and doesn't do and all of the new features.  We will also discuss the project synergies with other OWASP projects such as AppSensor.
-== The speaker  ==
+== Ryan Barnett ==
-Speaker bio will be posted shortly.
+Ryan C. Barnett is a senior security researcher on Trustwave's SpiderLabs Team. He is a SANS Institute certified instructor and a member of both the Top 20 Vulnerabilities and CWE/SANS Top 25 Most Dangerous Programming Errors teams. In addition to working with SANS, he is also a WASC Member where he leads the Web Hacking Incidents Database (WHID) and Distributed Open Proxy Honeypots Projects and is also the OWASP ModSecurity Core Rule Set (CRS) project leader. Mr. Barnett has also authored a Web security book for Addison/Wesley Publishing entitled Preventing Web Attacks with Apache.
 [[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]]

← Older revision		Revision as of 04:59, 21 September 2010
Line 1:		Line 1:
		+	[[Image:468x60-banner-2010.gif\|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]
		+
		+	[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] \| [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] \| [http://www.dcconvention.com/ Walter E. Washington Convention Center]
		+	<br>
	== The presentation ==		== The presentation ==