Deploying Secure Web Applications with OWASP Resources

The presentation
Universities are key to making application security visible and the need to educate software developers about application security as an aspect of proper software development has never been more important. In this presentation I will share how OWASP resources can be used by universities to develop, test and deploy secure web applications. I will discuss challenges that Universities currently face integrating a pplication security best practices, describe how OWASP tools and resources are currently used at New York University to test for most common web application flaws. I will introduce projects such as the OWASP Enterprise Security API which can be used to mitigate most common flaws in web applications and share initiatives the OWASP Global Education Committee is currently working on. If you are interested in securing web applications, and supporting the OWASP Global Education Committee efforts you don't want to miss this!

The speakers
Kuai could not make it and will be replaced by Sebastien Deleersnyder and Fabio Cerullo.

Sebastien Deleersnyder, Lead Application Security, Telindus - Belgacom ICT Sebastien started the successful Belgian OWASP Chapter and performed several public presentations on web application and web services security. Sebastien specialises in (web) application security, combining his software development and information security experience. He is currently OWASP Foundation board member and responsible for the Telindus application security offering.

Fabio E Cerullo is currently working as an IT Security Specialist of AIB Bank in Dublin, Ireland. He has obtained the Certified Information Systems Security Professional (CISSP) certification in December 2006 which he holds in good standing. Prior to joining AIB, he worked as a Security Engineer at Symantec Security Response European Headquarters. Security Response provides customers with world-class analysis and protection from viruses, blended threats, security risks and vulnerabilities. While at Symantec, he also collaborated developing traning materials and workshops for parents and teachers around Internet Safety. Before moving to Ireland, he worked in different software development and training activities with an emphasis in secure software development back in his native Argentina. He holds a Msc in Information Technology from the Catholic University of Buenos Aires, Argentina.

Kuai Hinojosa has been developing and securing web applications for about 12 years. He previously worked in the banking industry as a database security administrator for the 5th largest bank in the U.S. where he worked in a small team developing applications that protected company's assets. He now works for New York University as a Web Applications Specialist where he continues to use web application development and application security experience to protect university resources. In his spare time Kuai volunteers his time preaching the application security gospel and leading the Minneapolis OWASP chapter. Kuai is a member of the OWASP (Open Web Application Security Project) Global Education Committee.