This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Podcast News

From OWASP
Revision as of 19:35, 12 October 2009 by Jmanico (talk | contribs) (OWASP Podcast Roundtable)

Jump to: navigation, search

OWASP Podcast News

OWASP NEWS October 2009

OWASP Podcast Roundtable

Next Recording : October 22, 2009

The entire October 22 roundtable will focus on "Overcoming Objections to an Application Security Program"
http://jeremiahgrossman.blogspot.com/2009/08/overcoming-objections-to-application.html

  • "There have been no security problems in the past, nor is there any evidence we’ll be attacked in the future."/li>
  • "Security is an IT problem. They have firewalls, patch & configuration management systems, and SSL currently in place protecting us."/li>
  • "We need new features first and there is no discretionary budget left to allocate towards security."/li>
  • "Hackers can't break in because our Web application can't be accessed externally."/li>
  • "We outsource our software development and the vendor is responsible for making sure the code is secure."/li>
  • "We use penetration-testing services. We fix or accept the risk of any issues found, which keeps us safe."/li>
  • "We passed our most recent compliance audit and not required to do anything more."/li>
  • "We trust our developers and they already know how to develop secure code after completing the training course."/li>
  • "We already have scanning tools. Doing more will slow down the development process, inhibit innovation, and add large unnecessary costs."
Retrieved from "https://wiki.owasp.org/index.php?title=Podcast_News&oldid=71401"