Last week at AppSec USA in New York City (November 20, 2013), I moderated a panel with Jeff Williams and Ryan Berg talking about the latest addition to the OWASP Top 10, Using Components with Known Vulnerabilities. This is the full recording of that session.
Listen to the full recording: Using Components with Known Vulnerabilities
The Panel: Jeff Williams and Ryan Berg
Ryan Berg is the Chief Security Officer at Sonatype. Before joining Sonatype, Ryan was a co-founder and chief scientist for Ounce Labs which was acquired by IBM in 2009. Ryan holds multiple patents and is a popular speaker, instructor and author, in the fields of security, risk management, and secure application development. Prior to Ounce Labs, Ryan co-founded Qiave Technologies, a pioneer in kernel-level security, which later sold to WatchGuard Technologies in 2000. In the late 1990′s, Ryan also designed and developed the infrastructure for GTE Internetworking/Genuity’s appliance-based managed security services.
As Chair, Jeff Williams helped OWASP grow from a mailing list to a worldwide charitable organization with thousands of corporate, educational, and individual members; a dozen AppSec conferences worldwide every year, over 150 chapters around the world, and hundreds of different projects. I personally contributed some of OWASP’s most successful projects, including the OWASP Top Ten, WebGoat, ESAPI, ASVS, and the XSS Prevention Cheat Sheet.