This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Category:OWASP Columns

From OWASP
Revision as of 16:27, 9 November 2006 by Esheridan (talk | contribs) (The Articles)

Jump to: navigation, search

The Articles

  • September 29, 2003 - Jeff Williams - How to Build an HTTP Request Validation Engine for Your J2EE Application
  • September 22, 2003 - George Capehart - There Is More to Securing Web Services Systems Than WS-Security

The Authors

George Capehart

George has been working in computing since DEC, Data General, Texas Instruments and Wang were making minicomputers, tape was made of paper and /dev/tty really was a TeleType machine. Over his career he has been exposed to just about every aspect of IT systems and has done everything from crimping cable to leading an IT group. For the last five years, George has done international consulting focusing on the impact of the paradigm shift induced by the emergence of e-business and EAI on business and technical operations, the risk and trust management issues that accompany this shift, and the implications of all of these for systems security engineering, the risk management process, and the SDLC.

Jeff Williams

Jeff is the CEO of Aspect Security, a leading provider of application security services including security code review, penetration testing, secure development training, and security engineering services. Jeff speaks regularly about application security and leads the Top Ten project for OWASP. In addition, Aspect created WebGoat, and donated it to OWASP to help the community learn about application security. Jeff holds advanced degrees in computer science and human factors, as well as a law degree from Georgetown University.

Joe Lima

Joe Lima has led the product development and support teams at Port80 Software since its inception. He has worked for a variety of Internet, wireless and software development companies, specializing in research and development for server-centric technologies. A lecturer at the University of California, San Diego and a published author on Web server technologies, Joe Lima brings a depth of knowledge on HTTP and server systems coupled with an everyday understanding of the challenges faced by Web administrators.

Mark Curphey

Mark was the original OWASP founder and is the moderator of the webappsec mailing list at Security Focus and has a Masters Degree in Information Security from Royal Holloway, University of London. Currently on a long term contract in Boston, he was previously the Director for Information Security at Charles Schwab in San Francisco and ran the consulting teams on the East Coast for Internet Security Systems out of Atlanta before that. He has held various positions with international investment banks in Europe and North America. In his spare time he enjoys his family (wife Cara, Son Jack (aged 2 years) and daughter Hana (aged 2 months)). Mark is the Chair of the WAS Technical Commitee at OASIS, a project he thinks we revolutionize the web security tools industry.

Jeremy Poteet

Jeremy is one of the leaders for the OWASP Guide and an active member of the OWASP Testing Methodology Project. He also acts as the liason officer for the WAS-TC at OASIS and is a member of the AVDL TC. He is the Chief Security Officer for appDefense and a CISSP. Jeremy is the co-author of "Extreme Programming with Ant" and was the winner of eWeek's OpenHack IV competition.