For the last meetup of the year, we are bringing in one of the OWASP titans to talk about OWASP's latest update to their Top 10. Afterwards, we will have a casual conversation on the OWASP Top 10 2021 Release.
OWASP Top 10 2021 Release (6:00-7:00pm)
By: Jim Manico
Jim Manico is one of the co-authors of the OWASP Top 10 2021, the Application Security Verification Standard (ASVS) and the OWASP Cheatsheets. Many of you already know of him; he is a legend in the Application Security industry.
The OWASP Top 10 is a standard awareness document for web developers and web application security professionals. It represents a broad consensus about the most critical security risks to web applications. Companies should adopt this document and start the process of ensuring that their web applications minimize these risks. Using the OWASP Top 10 is perhaps the most effective first step towards changing the software development culture within your organization into one that produces more secure code.
The OWASP Top Ten 2021 includes:
- A01:2021-Broken Access Control
- A02:2021-Cryptographic Failures
- A03:2021-Injection
- A04:2021-Insecure Design
- A05:2021-Security Misconfiguration
- A06:2021-Vulnerable and Outdated Components
- A07:2021-Identification and Authentication Failures
- A08:2021-Software and Data Integrity Failures
- A09:2021-Security Logging and Monitoring Failures
- A10:2021-Server-Side Request Forgery
Speaker Bio:
Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for Nucleus Security, BitDiscovery, Secure Circle, KSOC and Inspectiv. Jim is a frequent speaker on secure software practices, is a member of the Java Champion community, and is the author of "Iron-Clad Java: Building Secure Web Applications" from Oracle Press. Jim also volunteers for the OWASP Foundation as the project lead for the OWASP Application Security Verification Standard and the OWASP Cheatsheet Series. For more information, see https://www.linkedin.com/in/jmanico
We should also note that Jim graciously served as one of the keynote speakers for our very own Application Security Pacific Northwest conference this year. We want to thank him for all of his contributions to the application security space and to our OWASP Vancouver community.
Open discussion on OWASP Top 10 2021 Release (7:00-8:00pm)
For the second hour, we will have an open conversation on the OWASP Top 10 for 2021.
--> What surprised you about the new Top 10?
--> What are you happy about?
--> How will this impact your Application Security program?
--> Is there something you think can be done better?
Make sure to stick around for the social hour. You do not want to miss this epic event!