This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "SnowFROC Abstract Byrne"

(The Speaker: David Byrne)
(The Presentation: "Automated vs. Manual Security: You can't filter the stupid")
Line 1: Line 1:
 
==The Presentation: "Automated vs. Manual Security: You can't filter the stupid"==
 
==The Presentation: "Automated vs. Manual Security: You can't filter the stupid"==
 +
 +
Automated application security tools have been available for quite a while, but their manual counterparts are still doing quite well. This presentation will cover the relative strengths and weaknesses of both automated solutions, such as Web Application Firewalls (WAFs), source code review tools, and automated application scanners, and manual approaches, namely application penetration tests and manual code reviews.
  
 
==The Speakers: David Byrne & Charles Henderson==
 
==The Speakers: David Byrne & Charles Henderson==

Revision as of 18:11, 18 February 2009

The Presentation: "Automated vs. Manual Security: You can't filter the stupid"

Automated application security tools have been available for quite a while, but their manual counterparts are still doing quite well. This presentation will cover the relative strengths and weaknesses of both automated solutions, such as Web Application Firewalls (WAFs), source code review tools, and automated application scanners, and manual approaches, namely application penetration tests and manual code reviews.

The Speakers: David Byrne & Charles Henderson

David Byrne has almost a decade of experience in information security, specializing in web application penetration testing. Currently, he is a Senior Security Consultant in Trustwave’s SpiderLabs division. Before joining Trustwave, David was the Security Architect at Dish Network. In addition to penetration testing, David has extensive experience working with developers and implementers to design security controls into applications from the ground up. He has also worked with governance and compliance groups to create security policies and standards documents.

In 2006, David started the Denver chapter of OWASP. In 2008, he released Grendel (grendel-scan.com), an open source web application security scanner. David has spoken at many industry events, including Black Hat, DEFCON, Toorcon, and the Computer Security Institute’s annual conference.

Charles Henderson is the Practice Manager of Trustwave’s Application Penetration Testing Group.
