Session Name: Discover Your Inner Security Engineer With This One Weird Trick (Hackers Hate It!)
When it comes to security, we are all trying to figure out how to do more, in less time and less budget. OWASP, the Open Web (and) Application Security Project can bring you this and more. However, with over 200 different projects and no easy way for someone outside the ecosystem to know where to start, some of the best resources might be the least known. In this talk, I will use my experience working with OWASP in a variety of areas to walk you through the key projects that can help you at different stages of your software security journey such as those noted above. I will also highlight the less obvious benefits that it offers you which could potentially save you time and money. You will leave with ideas and tricks which you can immediately adopt in your day job to level up your security knowledge, impress your peers, and maybe have some fun along the way!
Josh has worked as a consultant in IT/Application Security and Risk for 15 years now as well as a Software Developer. In that time he has seen the good, the bad, and the stuff which is sadly/luckily still covered by an NDA. He is currently Chief Technology Officer for Bounce Security where he spends his time helping organizations improve and get better value from their Application Security processes and providing specialist Application Security advice. In his spare time, he co-leads the OWASP Application Security Verification Standard project and is on the OWASP Israel chapter board.