Skip to content

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. He recently authored the DZone DevSecOps, IAST, and RASP refcards and speaks frequently at conferences including JavaOne (Java Rockstar), BlackHat, QCon, RSA, OWASP, Velocity, and PivotalOne. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 9 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown.

Subscribe Now
    Topics
    Waiter… there’s a fly in my appsec tool soup!!!

    Waiter… there’s a fly in my appsec tool soup!!!

    Brace yourself. Recent advances in application security are about to spawn an onslaught of application security tool..

    How to Get Started in Application Security

    How to Get Started in Application Security

    My OWASP Cheat Sheet for Cross-site Scripting (XSS) just passed 1M views, and I'm proud of that. It ain't Shakespeare,..

    Point of View: Congress Ironically Hacks CISA into "Must Pass" Omnibus Spending Bill -- Destroys Privacy

    The most recent omnibus spending bill now includes the Cybersecurity Information Sharing Act of 2015. This bill..

    My Top 5 Cyber Security Predictions for 2016

    It's that time of year for my top predictions for 2016. And, let's review how well I did for 2015: My 2016 predictions..

    Why the Java serialization vulnerability makes Heartbleed look tame - explained

    Why the Java serialization vulnerability makes Heartbleed look tame - explained

    I've been receiving questions from some of you to provide a bit more detail on why this Java vulnerability is so..

    Dashboard0127.png

    How to protect your Apps from the Java Serialization Vulnerability

    A widespread vulnerability in Java environments leaves thousands of businesses seriously exposed. Despite lacking a..

    Point of View: Potential security issues with vehicle to vehicle connected cars

    Point of View: Potential security issues with vehicle to vehicle connected cars

    The fundamental problem is that the industry hasn’t created a thorough (and openly available) threat model that..

    Point of View: $100MM cost of hacking

    Many people think wires are the most secure way to send large sums of money. I’ve seen how many of these wires get..

    Point of View: Delta flight and airline cybersecurity

    Point of View: Delta flight and airline cybersecurity

    This is always the tradeoff… How do we balance the risk of providing some new, cool, useful feature against the risks..