Brian Glas, OWASP Top Ten Co-lead and Assistant Professor of Computer Science at Union University
Brian possesses nearly 20 years of experience in various roles in IT and over a decade in application development and security. In addition to teaching a full load of classes at Union University, Brian serves as a part-time management consultant and advisor for Contrast Labs. He worked on the Trustworthy Computing team at Microsoft and served as a project lead and active contributor for SAMM v1.1-2.0 and OWASP Top Ten in 2017 and 2021. He is a popular speaker at numerous conferences and online events, having presented at InfoSec World, Cloud Security World, and numerous OWASP conferences and meetings. Brian is also an author of various papers and is currently researching writing a book on application security. He holds a long list of cybersecurity and IT certifications as well as a master's in business administration and a bachelor's in computer science from Union University.