Difference between revisions of "OWASP in Action: Tools for the DISA ASD STIG"

Revision as of 05:44, 27 September 2010 (view source) Jason Li (talk | contribs) (Created page with '== The presentation == rightIn April 2010, the Defense Information Systems Agency (DISA) released Version 3 of its Application Security and Deve…') Newer edit →

(No difference)

---

Revision as of 05:44, 27 September 2010

The presentation

In April 2010, the Defense Information Systems Agency (DISA) released Version 3 of its Application Security and Development (ASD) Security Technical Implementation Guide (STIG). The ASD STIG is a series of application security requirements that apply to "all DoD developed, architected, and administered applications and systems connected to DoD networks." This presentation talks about the various that can be used to help fulfill these requirements. This presentation is given as part of OWASP Software Assurance Day at the | 13th Annual Software Assurance Forum.

Download the presentation

The speaker

Jason Li is a Principal Consultant for Aspect Security where he has performed numerous ASD STIG validation tests of a variety of applications. In addition, he performs application security assessments and architecture reviews, as well as application security training, to a wide variety of financial and government customers. Jason is an active OWASP leader, contributing to several OWASP projects and serving as Co-Chair of the OWASP Global Projects Committee. He holds a Post-Masters certificate in Computer Science and concentration in Information Security from Johns Hopkins University and a Masters degree in Computer Science from Cornell University.