Skip to content

Improve Application Security by Turning it into Code

    
devops-application-security.jpg

Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong.

devops-application-security.jpgEarlier this week I wrote a guest blog post for App Developer Magazine. In the post I concede that application security is far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should also be keeping up with application security.

So, what is the answer? 

One way out of this trap is to turn application security into code.

To see what I mean, please click here to read the full article in App Developer Magazine. 

 

self-protecting

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. He recently authored the DZone DevSecOps, IAST, and RASP refcards and speaks frequently at conferences including JavaOne (Java Rockstar), BlackHat, QCon, RSA, OWASP, Velocity, and PivotalOne. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 9 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown.