This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Columns"

From OWASP
Jump to: navigation, search
(The Articles)
(The Articles)
Line 1: Line 1:
 
== The Articles ==
 
== The Articles ==
  
:*October 10, 2004 - Mark Burnett - [[Using Secret Questions]]
+
:*Mark Burnett - [[Blocking Brute Force Attacks]]
  
:*October 1, 2004 - Mark Burnett - [[Blocking Brute Force Attacks]]
+
:*Mark Burnett - [[Using Secret Questions]]
  
:*January 13, 2004 - Jeff Williams - [[Let's Sue The Idiots|Let's Sue the Idiots -- Security, Software, Contracts, and Lawyers]]
+
:*George Capehart - [[A_Tale_of_Two_Systems |A Tale of Two Systems]]
  
:*January 5, 2004 - [[Documentation Framework | A Tailored Web Application Security Documentation Framework]]
+
:*George Capehart -[[Web_Services_Architecture_and_Security | The Web Services Architecture and Security]]
  
:*December 1, 2003 - George Capehart -[[Web_Services_Architecture_and_Security | The Web Services Architecture and Security]]
+
:*George Capehart - [[Theres_More_to_Securing_Web_Services_Systems_Than_WS-Security | There Is More to Securing Web Services Systems Than WS-Security]]
  
:*November 03, 2003 - Jeff Williams - [[Access_Control_In_Your_J2EE_Application |Access Control (aka Authorization) in Your J2EE Application]]
+
:*Mark Curphey - [[Documentation Framework | A Tailored Web Application Security Documentation Framework]]
  
:*November 4, 2003 - Joe Lima - [[Authentication_In_IIS |Authentication in IIS]]
+
:*Mark Curphey - [[History_Isnt_Always_Pretty | History isn't always pretty and today isn't always inspiring (unless you live in Boston of course)]]
  
:*October 27, 2003 - George Capehart - [[A_Tale_of_Two_Systems |A Tale of Two Systems]]
+
:*Joe Lima - [[Authentication_In_IIS |Authentication in IIS]]
  
:*October 6, 2003 - Jeremy Poteet - [[Have_Your_Cake_and_Eat_It_Too |Have Your Cake and Eat It Too]]
+
:*Joe Lima - [[What_is_IIS_Security |What is IIS Security?]]
  
:*September 29, 2003 - Jeff Williams - [[How_to_Build_an_HTTP_Request_Validation_Engine_for_Your_J2EE_Application | How to Build an HTTP Request Validation Engine for Your J2EE Application]]
+
:*Jeremy Poteet - [[Be_Careful_What_You_Say |Be Careful What You Say]]
  
:*September 22, 2003 - Joe Lima - [[What_is_IIS_Security |What is IIS Security?]]
+
:*Jeremy Poteet - [[Have_Your_Cake_and_Eat_It_Too |Have Your Cake and Eat It Too]]
  
:*September 22, 2003 - George Capehart - [[Theres_More_to_Securing_Web_Services_Systems_Than_WS-Security | There Is More to Securing Web Services Systems Than WS-Security]]
+
:*Jeff Williams - [[Access_Control_In_Your_J2EE_Application |Access Control (aka Authorization) in Your J2EE Application]]
  
:*September 15, 2003 - [[History_Isnt_Always_Pretty | History isn't always pretty and today isn't always inspiring (unless you live in Boston of course)]]
+
:*Jeff Williams - [[How_to_Build_an_HTTP_Request_Validation_Engine_for_Your_J2EE_Application | How to Build an HTTP Request Validation Engine for Your J2EE Application]]
  
:*September 8, 2003 - Jeremy Poteet - [[Be_Careful_What_You_Say |Be Careful What You Say]]
+
:*Jeff Williams - [[Let's Sue The Idiots|Let's Sue the Idiots -- Security, Software, Contracts, and Lawyers]]
  
:*September 01, 2003 - Jeff Williams - [[Trustworthy_Java | Trustworthy Java - Are Your Apps Bulletproof?]]
+
:*Jeff Williams - [[Trustworthy_Java | Trustworthy Java - Are Your Apps Bulletproof?]]
  
 
== The Authors ==
 
== The Authors ==

Revision as of 18:13, 9 November 2006

The Articles

The Authors

George Capehart

George has been working in computing since DEC, Data General, Texas Instruments and Wang were making minicomputers, tape was made of paper and /dev/tty really was a TeleType machine. Over his career he has been exposed to just about every aspect of IT systems and has done everything from crimping cable to leading an IT group. For the last five years, George has done international consulting focusing on the impact of the paradigm shift induced by the emergence of e-business and EAI on business and technical operations, the risk and trust management issues that accompany this shift, and the implications of all of these for systems security engineering, the risk management process, and the SDLC.

Jeff Williams

Jeff is the CEO of Aspect Security, a leading provider of application security services including security code review, penetration testing, secure development training, and security engineering services. Jeff speaks regularly about application security and leads the Top Ten project for OWASP. In addition, Aspect created WebGoat, and donated it to OWASP to help the community learn about application security. Jeff holds advanced degrees in computer science and human factors, as well as a law degree from Georgetown University.

Joe Lima

Joe Lima has led the product development and support teams at Port80 Software since its inception. He has worked for a variety of Internet, wireless and software development companies, specializing in research and development for server-centric technologies. A lecturer at the University of California, San Diego and a published author on Web server technologies, Joe Lima brings a depth of knowledge on HTTP and server systems coupled with an everyday understanding of the challenges faced by Web administrators.

Mark Curphey

Mark was the original OWASP founder and is the moderator of the webappsec mailing list at Security Focus and has a Masters Degree in Information Security from Royal Holloway, University of London. Currently on a long term contract in Boston, he was previously the Director for Information Security at Charles Schwab in San Francisco and ran the consulting teams on the East Coast for Internet Security Systems out of Atlanta before that. He has held various positions with international investment banks in Europe and North America. In his spare time he enjoys his family (wife Cara, Son Jack (aged 2 years) and daughter Hana (aged 2 months)). Mark is the Chair of the WAS Technical Commitee at OASIS, a project he thinks we revolutionize the web security tools industry.

Jeremy Poteet

Jeremy is one of the leaders for the OWASP Guide and an active member of the OWASP Testing Methodology Project. He also acts as the liason officer for the WAS-TC at OASIS and is a member of the AVDL TC. He is the Chief Security Officer for appDefense and a CISSP. Jeremy is the co-author of "Extreme Programming with Ant" and was the winner of eWeek's OpenHack IV competition.