Jeff Williams, Co-Founder, Chief Technology Officer
Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. He recently authored the DZone DevSecOps, IAST, and RASP refcards and speaks frequently at conferences including JavaOne (Java Rockstar), BlackHat, QCon, RSA, OWASP, Velocity, and PivotalOne. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 9 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown.
Subscribe Now- Thought Leaders
- Application Security
- Contrast News
- DevOps
- AppSec
- vulnerabilities
- Hacked
- Threat
- Runtime Security
- DevSecOps
- API security
- Product
- Contrast Protect
- RASP
- cyberattacks
- Contrast Assess
- ADR
- CodeSec
- Security
- AI
- APIs
- MFA
- Metrics
- cybersecurity awareness month
- CVE
- OSS
- cybersecurity
- 2FA
- CISA
- IAST
- SCA
- data breach
- incident response
- passwords
- runtime protection
- application attacks
- ransomware
- regulation
- AWS
- CISOs
- Contrast Scan
- JavaScript
- Log4j
- MTTR
- SAST
- backlog
- threat detection
- threat modeling
- CISO
- GitHub
- OpenSource
- SOC
- Security Observability
- WAF
- attack
- breach
- critical infrastructure
- cyberespionage
- observability
- path traversal
- scan
- software development
- transparency
- .Net
- AST
- Awards
- ChatGPT
- Community Edition
- Contrast SCA
- DBIR
- DHS
- Gen AI
- KVE
- Log4Shell
- OpenAI
- RSA
- React
- SIEM
- SQL injection
- XSS
- application layer
- artificial intelligence
- awareness
- chat apps
- cybercrime
- data privacy week
- detection
- jQuery
- malware
- okta
- python
- remediation
- secure by design
- security culture
- security monitoring
- shift smart
- supply chain
- vulnerability disclosure
- workplace
- zero-day
- .Net
- AI Act
- Angular
- Article 25
- Below the Waterline
- CISO Insights
- CSRF
- Chris Hughes
- Cloud Native Security
- Console
- Cyber Bank Heists
- DAST
- DORA
- Dependabot
- Developers
- Digital Operational Resilience Act
- Drupal
- EDR
- EL injection
- European Union
- Gartner Peer Insights
- Genie
- Git
- GitHub Action
- GitLab
- Go
- IoT
- Known Exploited Vulnerabilities
- MLflow
- MOVEit
- Microsoft
- Namasday
- Netflix
- Node.js
- OpenSourceSoftware
- PATs
- Protect data
- RCA
- RCE
- Regulation (EU) 2022/2554
- Ruby
- SEC
- SOAR
- SecOps
- Secure from within
- Splunk
- TypeScript
- agents
- attack data
- authentication security
- automatic updates
- benefits
- best practices
- brute force attack
- burnout
- certificates
- compliance
- corporate culture
- crime
- data privacy
- deep fakes
- digital resilience
- directory traversal
- dwell time
- false positive
- financial
- financial institutions
- financial sector
- github application security
- github secure code
- github security scanning
- hackers
- happiness
- hiring
- insecure deserialization
- insider threat
- instrumentation
- java
- labor shortage
- languages
- legislation
- machine learning
- malicious actors
- method tampering
- nation states
- open-source software
- organized crime
- passkeys
- password managers
- pen test
- pen testing
- penetration testing
- perks
- personal access tokens
- phishing
- policies
- proactive security
- quantum encryption
- regulatory
- resilience
- retention
- risk management
- risk ranking
- root account
- sbom
- scams
- security blueprint
- security debt
- security posture
- social engineering
- telemetry
- tracking
- training
- unsafe deserialization
- verizon
- video
- voice cloning
- voice of the customer
- vue.js
- vulnerability
- work-life balance
- zero days
Loving our content? Subscribe now!
Get the latest application security news, trends, tips and insights content from Contrast directly to your inbox. By subscribing, you will stay up to date with all the latest and greatest from Contrast Security.