As a penetration tester from the Netherlands, Riccardo specializes in application security and has extensive knowledge in securing applications in multiple coding languages. He has many years of experience in training and guiding development teams becoming more mature and making their applications secure by design. Riccardo also has expertise on implementing security test automation in CI/CD pipelines. This helps create short feedback loops back to the developer and prevents bugs from getting into production into an early phase of the development lifecycle.
Session: OWASP Security Knowledge Framework
Over 10 years of experience in web application security bundled into a single application! The OWASP Security Knowledge Framework (SKF) is a vital asset to the coding toolkit of you and your development team. Use SKF to learn and integrate security by design in your web application. During the last five years since we released the SKF a lot has changed. We took all the challenges and problems that both security and development teams are facing and re-shaped the SKF to fit their needs most effective. In a nutshell the OWASP security knowledge framework:
* trains your developers in writing secure code * facilitates security by design by providing the right security requirements * integrates seamlessly in your favorite source control systems * provides containerized labs with detailed write-ups to train developers to do verification on their code.
We want to take the stage to introduce the new release of the SKF.