Antonio Fontes
New Access SA
A.F. has over 10 years of experience in the field of software development and information security with financial and government organizations. He holds a master's degree in competitive intelligence and strategic information from the University of Applied Sciences in Geneva. He leads the local OWASP chapter (Geneva) and works as security officer for a Swiss banking software editor. His work strongly emphasizes software security engineering and SDL integration within the respective products' SDLCs.
OWASP Top10 2010: Most important risks in web apps
Session in English
-Presentation (authors, methodology, timeline, adoption)
-List review, short comparison with the 2007 list
-Review of each risk and attributes (attack vector, testing and preventing measures) with examples
-Integrating the Top 10 2010 into an existing SDLC
-Q&A
Web application security: where to start?
Session in English
-Understanding the need for information security and privacy
-Secure design: key principles
-Threat modeling and analysis: building a threat model and identifying major risks
-Secure coding: key weaknesses
-Security testing: testing techniques and perspectives
-The big picture: key resources and methodologies, and how to initiate them





















