Imperva Blog|Login|中文Deutsch日本語

Podcasts

Launch iTunes & Subscribe  Imperva on iTunes Hide Descriptions
Selected Tag: WAF | Show All
Application Security Survey Results -- An interview with Jeremiah Grossman

Application Security Survey Results -- An interview with Jeremiah Grossman


On this episode of the Imperva Security Podcast Jeremiah Grossman of Whitehat Security is interviewed regarding the latest application security survey conducted by the Ponemon Institute.

Jeremiah gives his perspectives on the survey results and details the why and how of the survey's findings: good, bad, and ugly.

Jeremiah Grossman is the founder and CTO of WhiteHat Security. He is considered a world-renowned expert in Web security, is a co-founder of the Web Application Security Consortium, and was named to InfoWorld's Top 25 CTOs for 2007. Grossman is a frequent speaker at industry events and universities around the globe. He has authored dozens of articles and white papers; is credited with the discovery of many cutting-edge attack and defensive techniques and is a co-author of XSS Attacks. Grossman is often quoted in the business and technical press. Prior to WhiteHat, Grossman was an information security officer at Yahoo!

Tags: Application Security, Jeremiah Grossman, Whitehat Security, Survey, WAF, VA, Application Security Survey Results

Play Podcast Podcast Transcript (PDF)
Application Security Survey Results -- An interview with Dr. Larry Ponemon

Application Security Survey Results -- An interview with Dr. Larry Ponemon


On this episode of the Imperva Security Podcast Dr. Larry Ponemon of the Ponemon Institute is interviewed regarding his latest application security survey.

Dr. Ponemon discusses why this survey is so timely given the state of application security. He goes on to discuss some of the statistical findings as well as well as his interpretation of the results. Finally, he outlines what companies that are getting application security done correctly are doing in contrast to those that are missing the mark.

Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research "think tank" dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

Dr. Ponemon consults with leading multinational organizations on global privacy management programs. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master's degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona.

Tags: Application Security, Larry Ponemon, Ponemon Institute, Survey, WAF, VA, Application Security Survey Results

Play Podcast Podcast Transcript (PDF)
Securing Mission-Critical Web Applications -- An interview with Catho Online CTO - Marcelo Roberto Riberio

Securing Mission-Critical Web Applications -- An interview with Catho Online CTO - Marcelo Roberto Riberio


Marcelo, CTO of Catho Online in Brazil, discusses the importance of Web application security for one of the largest job-search websites in South America.

Catho Online is the largest job-search website in South America, and one of the top 15 in the world. It is the market leader in its segment. With the slogan "your success is our business", the company's main objective is to facilitate hiring processes, as a liaison those looking for new challenges with hiring companies.

Marcelo Roberto Ribeiro has been the CTO at Catho Online since 2007. His goal is to turn Catho's network and security infrastructure into a high-availability, cutting-edge technology environment, meant to work like the major internet providers, focused on availability, performance, integrity, security and professionalism.

Marcelo has over 25 years of experience in Information Technology, majored in Information Technology and Business Administration, and has experience working in different industries: Internet Service Provider, Telecom Operator, Pulp and Paper, Oil, and others.

To download a Portuguese version of the transcript, click here.

Tags: Marcelo Roberto Ribeiro, WAF, Application Security, Catho Online, Customer

Play Podcast Podcast Transcript (PDF)
Adaptive Reputation-based Defense (ThreatRadar) -- An interview with Eldad Chai

Adaptive Reputation-based Defense (ThreatRadar) -- An interview with Eldad Chai


On this episode of the Imperva Security Podcast Eldad Chai -- Imperva Web Application Firewall Product Manager, is interviewed.

Eldad talks about Imperva's ThreatRadar solution. He outlines what it is, how it's used, and what customers can expect to gain from it. He covers specific threat examples such as automated attacks and business logic attacks and how they can be addressed beyond blocking and alerting with capabilities such as CAPTCHA, challenge-response, redirection and more.

Eldad Chai is a product manager at Imperva, responsible for Imperva's award winning Web Application Firewall (WAF). Eldad defines and leads the product vision and roadmap and is behind various game changers in the Web application security space such as the integration between WAFs and Web vulnerability scanners and Imperva's reputation based web security technology - ThreatRadar. Eldad started at Imperva as the leader of the web research team, where he was part of the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Eldad lead research projects in various fields such as web security, security technologies, mitigation strategies and hacking methodologies. Prior to Imperva, Eldad provided data security and network optimization services as a consultant. Eldad participated in Deutsche Telecom's eThreat project where he developed an innovative solution for a distributed electronic threat detection system that is now part of Deutsche Telecom's intellectual property. He holds a B.Sc and an M.Sc in Communication Systems Engineering from Ben-Gurion University, Israel.

Tags: Eldad Chai, Imperva, WAF, ThreatRadar

Play Podcast Podcast Transcript (PDF)
Next Generation WAF (NG-WAF) -- An interview with Amichai Shulman

Next Generation WAF (NG-WAF) -- An interview with Amichai Shulman


On this episode of the Imperva Security Podcast Amichai Shulman -- CTO and Co-founder of Imperva talks about the next generation of WAFs.

Amichai discusses the Industrialization of Hacking and how that's creating a need for WAF solutions to evolve so they can address automated attacks, business logic attacks, and the existing and growing list of technical attacks such as SQL Injection, XSS, etc. He also discusses mechanism for combating automated attacks and business logic attacks, deployments within MSSP and Cloud-based environments, and other components of Imperva's NG-WAF vision.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, WAF, NG-WAF, Industrialized Hacking, Automated Attacks, Business Logic Attacks, Hacking

Play Podcast Podcast Transcript (PDF)
Software Security -- An interview with Dr. Gary McGraw

Software Security -- An interview with Dr. Gary McGraw


On this episode of the Imperva Security Podcast Dr. Gary McGraw, CTO of Cigital, interviewed.

Gary and I discuss the current state of software security. We talk about SDLC, building security in, incident prevention and incident detection, and leveraging Web Application Firewalls, or WAF.

Gary also talks about BSIMM -- the Building Security In Maturity Model. You can find out more about BSIMM here -- http://www.bsi-mm.com/.

Gary McGraw is the CTO of Cigital, Inc., a software security and quality consulting firm with headquarters in the Washington, D.C. area. He is a globally recognized authority on software security and the author of eight bestselling books on this topic. His titles include Java Security, Building Secure Software, Exploiting Software, Software Security, and Exploiting Online Games; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 100 peer-reviewed scientific publications, authors a monthly security column for informIT, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Fortify Software and Raven White. His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean's Advisory Council for the School of Informatics. Gary served on the IEEE Computer Society Board of Governors, produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine (syndicated by informIT), and produces the Reality Check Security Podcast for CSO Online.

Tags: Dr. Gary McGraw, Software Security, WAF, SDLC

Play Podcast Podcast Transcript (PDF)
Interview with Lars Ewe -- CTO of Cenzic -- WAF

Interview with Lars Ewe -- CTO of Cenzic -- WAF


On this episode of the Imperva Security Podcast Lars Ewe, CTO of Cenzic, is interviewed.

Lars discusses the Imperva Cenzic partnership, and why bringing together vulnerability scanning services with Web Application Firewalls (WAF) is critical for application security. He also shares his views on what the future holds for application security overall.

Lars Ewe, Chief Technology Officer and VP of Engineering with Cenzic, is a technology executive with broad background in (web) application development and security, middleware infrastructure, software development and application/system manageability technologies. Throughout his career Lars has held key positions in engineering, product management/marketing, and sales in a variety of different markets. Prior to Cenzic, Lars was software development director at Advanced Micro Devices, Inc., responsible for AMD's overall systems manageability and related security strategy and all related engineering efforts. Lars was also AMD's representative to the board of directors of the Distributed Management Task Force. Before AMD, Lars was senior director at Borland Software Corp., where he managed worldwide server software pre-sales, technical services, and key partner relationships. Prior to Borland he held key positions at Oracle Corporation's Server Technologies Division and Webgain. Lars has Bachelor of Science and Master of Science degrees in Mechanical Engineering from the Technical University of Munich, Germany.

Tags: Lars Ewe, Cenzic, Partner, WAF and VA, Web Application Security

Play Podcast Podcast Transcript (PDF)
Leveraging WAF and DAM for Protecting Data, Securing Servers, Meeting Partner Requirements, Addressing PCI, and Beyond -- an Interview with Richard Collins from Imperva Customer TechSoup Global

Leveraging WAF and DAM for Protecting Data, Securing Servers, Meeting Partner Requirements, Addressing PCI, and Beyond -- an Interview with Richard Collins from Imperva Customer TechSoup Global


On this episode of the Imperva Security Podcast Richard Collins from TechSoup Global talks about using Imperva SecureSphere WAF and DAM solutions. He discusses key drivers such as sensitive data protection, securing mission-critical servers, addressing partner concerns over data security from Microsoft, Adobe, and Intuit (which require their partners to have strong data security solutions), and addressing PCI.

Richard also discusses how WAF can be used as a unifying technology that brings together development and operations teams. Finally he explains why he chose Imperva SecureSphere above competitors, and how Imperva offers the best solution for TechSoup Global by providing a superior: user interface, policy management system, profiling and learning capability, architecture flexibility, and ability to integrate database and Web application protection through a single solution.

Mr. Collins is the Senior Director for Information System Security for TechSoup Global, a nonprofit organization that helps nonprofits in 31 countries around the world get and use technology to better serve their missions. In addition, TechSoup Global works with companies and foundations to optimize their philanthropic impact.

At TechSoup Global, Mr. Collins is in charge of security strategy and security policy to protect data and information systems across the organization. He is also responsible for senior project management, consulting, and coordination for all security and system-stability related projects.

Mr. Collins is currently leading several security projects including achieving PCI compliance, providing security and risk protection across the architecture stack, and embedding security into systems development, operations planning, and implementation processes.

A 20-year industry veteran, Mr. Collins has held positions ranging from programmer analyst to CIO in a wide range of industries including banking, telecommunications, publishing, and technical consulting services. Mr. Collins holds a Masters Degree in Information Systems and Telecommunications Management.

Tags: Customer, WAF, DAM, Richard Collins, TechSoup Global, Sensitive Data, Compliance, PCI

Play Podcast Podcast Transcript (PDF)
Web Application Security within Cloud Computing, SaaS, and Virtualized Environments -- Chris Richter of Savvis, an Imperva Partner, shares his Wealth of Experience

Web Application Security within Cloud Computing, SaaS, and Virtualized Environments -- Chris Richter of Savvis, an Imperva Partner, shares his Wealth of Experience


On this episode of the Imperva Security Podcast Chris Richter from Savvis talks about cloud computing, SaaS, virtualization, and the need for Web Application Firewalls. He shares some stories from the trenches, and talks about the trend in modern business to become more focused on core capabilities and less on infrastructure, thus getting back to managing the top and bottom lines.

Chris is VP and general manager of security products and services at Savvis, a leading network, hosting and security services provider, where he is responsible for the managed-security line of business, strategy and product portfolio. Chris has assisted many enterprises in adapting their premise-based infrastructure risk management programs and security controls to Savvis' outsourced virtual-ized and shared-infrastructure services. He brings an IT service provider's view of control requirements for virtualized- and cloud-based infra-structures. Chris is a member of ISSA and ISACA, and for more than 20 years has held various security and IT services manage-ment and consulting positions at companies such as Digital Equipment Corporation, Compaq Global Services, 3Com, Cable & Wireless and Sterling Software. He is a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM), and has served as a technical advisor and board member of several Silicon Valley-based IT product and services companies.

Tags: Chris Richter, Partner, Savvis, WAF, Cloud Computing, SaaS, Virtualization

Play Podcast Podcast Transcript (PDF)
Protecting Web Portals and Bringing Together Security Operations and Development with the Imperva SecureSphere WAF at Telefonica O2 Germany -- an Interview with Daniel Stricharz

Protecting Web Portals and Bringing Together Security Operations and Development with the Imperva SecureSphere WAF at Telefonica O2 Germany -- an Interview with Daniel Stricharz


On this episode of the Imperva Security Podcast Daniel Stricharz is interviewed. He shares his experiences around choosing, implementing and operating the Imperva SecureSphere Web Application Firewall (WAF). He shares a number of examples where WAF helped Telefonica discover and address application vulnerabilities. He also discusses:
  • Drivers to implement WAF in large, complex, telco
  • Bringing together security operations and developers with WAF
  • Business logic attacks and application profiling
  • What to look for in a WAF
Daniel Stricharz is a senior security and infrastructure specialist at Telefonica O2 Germany responsible for the customer portals and their value-added services. Stricharz has studied law and computer science. Before he joined the telecommunications area in 2000 he worked as a consultant both in the IT and legal area for international businesses. His knowledge of emerging German legislation, cyber-crime, and cyber-law has helped to reconcile both specific legal and complex technical requirements. He initially specialized in data protection law and its technical implementation until he moved on to cover the full range of security aspects from product development to the operations of on-line services.

Telefonica O2 Germany GmbH & Co. OHG belongs to Telefonica Europe and is part of the Spanish telecommunication group Telefonica S.A. The Company offers its German private and business customers postpaid and prepaid mobile telecom products as well as innovative mobile data services based on the GPRS and UMTS technologies. In addition, the integrated communications provider also offers DSL fixed network telephony and high-speed internet. Telefonica Europe has nearly 47 million mobile and fixed network customers in Great Britain, Ireland, the Czech Republic, Slovakia and Germany.

In Germany, where the company is known simply as O2 with its head quarter located in Munich, Germany, has a customer base of more than 14.5 Million. Besides its more than 750 shops O2 operates a massive online portal, offering services ranging from an on-line shop over a complex web-based email solution, to a range of self-service opportunities for the customers and a huge number of other mobile services that help enrich the customers' mobile experience.

Tags: Daniel Stricharz, Customer, Telefonica O2 Germany, WAF, Business Logic Attacks, Application Profiling, Web Portal Security

Play Podcast Podcast Transcript (PDF)
SQL Injection Attacks and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder

SQL Injection Attacks and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder


On this episode of the Imperva Security Podcast Amichai Shulman -- CTO and Co-founder of Imperva talks about SQL Injection. He discusses how these attacks are preformed, why they are so pervasive, why signature detection doesn't work, and how to mitigate these attacks.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, SQL Injection, WAF, Web Application Security

Play Podcast Podcast Transcript (PDF)
Aviram Jenik of BeyondSecurity, an Imperva Partner, talks about WAF, VA, Black Box testing, and related solutions necessary for a strong application security posture

Aviram Jenik of BeyondSecurity, an Imperva Partner, talks about WAF, VA, Black Box testing, and related solutions necessary for a strong application security posture


On this episode of the Imperva Security Podcast Aviram Jenik of BeyondSecurity is interviewed. Aviram discusses why Imperva and BeyondSecurity have partnered to offer a combination of WAF, Black Box Testing, and Vulnerability Assessment services together. Aviram discusses several very interesting application security "stories from the trenches," and shares his perspectives on the evolution of application security.

Mr. Jenik has 17 years of experience in the Computer Security field. From the early days of computer viruses he was involved in the fields of encryption, security vulnerabilities detection and research. He worked in development, marketing and sales roles in several startups, and had 2 successful exits before co-founding Beyond Security in 1999.

Aviram has a Bsc. in Computer Science with a major in cryptography and an MBA from T.A. University with majors in strategy and entrepreneurship.

Tags: Aviram Jenik, Partner, BeyondSecurity, WAF, VA, Black Box Testing

Play Podcast Podcast Transcript (PDF)
Jeremiah Grossman of Whitehat Security, an Imperva Partner, talks about bringing together to worlds of WAF and VA to improve overall application security and reduce business risk

Jeremiah Grossman of Whitehat Security, an Imperva Partner, talks about bringing together to worlds of WAF and VA to improve overall application security and reduce business risk


On this episode of the Imperva Security Podcast Jeremiah Grossman of Whitehat Security is interviewed. Jeremiah discusses why Imperva and Whitehat have partnered to offer a blended approach to Web application security through WAF plus VA. Jeremiah explains that the industry now requires these once diametrically opposed solutions to unite in order to address today's threats and reduce overall business risk.

Jeremiah Grossman is the founder and CTO of WhiteHat Security. He is considered a world-renowned expert in Web security, is a co-founder of the Web Application Security Consortium, and was named to InfoWorld's Top 25 CTOs for 2007. Grossman is a frequent speaker at industry events and universities around the globe. He has authored dozens of articles and white papers; is credited with the discovery of many cutting-edge attack and defensive techniques and is a co-author of XSS Attacks. Grossman is often quoted in the business and technical press. Prior to WhiteHat, Grossman was an information security officer at Yahoo!

Tags: Jeremiah Grossman, Partner, Whitehat Security, WAF, VA

Play Podcast Podcast Transcript (PDF)
Convergence of Risk and Security -- Andreas Wuchner, advisory board member for companies such as Microsoft, Oracle, Symantec and Cisco, is interviewed

Convergence of Risk and Security -- Andreas Wuchner, advisory board member for companies such as Microsoft, Oracle, Symantec and Cisco, is interviewed


On this episode of the Imperva Security Podcast Andreas Wuchner is interviewed. He discusses a wide range of subjects related to risk and security converging.
  • Who owns risk management
  • How can solutions like WAF be evaluated by businesses in terms of organizational risk
  • Where is the real value in risk management
  • How important are technical solutions and automation
  • Perspectives on cloud computing, outsourcing, and trust based models as they relate to risk
Andreas is an experienced IT Manager, Risk, Compliance and Security Professional who is a globally acknowledged and a well known thought leader, who is a highly respected deliverer within the Risk and Security industry. Andreas sits on advisory boards of leading IT technology companies including Microsoft, Oracle, Symantec, Cisco and others. In addition to his role at a multi-national pharmaceutical company Andreas operates the Risk Management Blog IT Risk Space - http://ITRiskSpace.com.

Tags: Andreas Wuchner, Risk Management, Security, Governance, WAF

Play Podcast Podcast Transcript (PDF)
Using WAF in Complex, Global Environments -- an Interview with Marc Appelbaum -- Imperva Customer and Manager of Information Security for Vonage

Using WAF in Complex, Global Environments -- an Interview with Marc Appelbaum -- Imperva Customer and Manager of Information Security for Vonage


On this episode of the Imperva Security Podcast Marc Appelbaum is interviewed. Marc discusses the importance of application security at Vonage. He details several projects that are aimed at protecting Vonage as well as Vonage partners and customers. Marc also shares his views on application security as it relates to vulnerability scanning, the Imperva SecureSphere Web Application Firewall (WAF), and the integration of the two.

Marc Appelbaum is Manager of Information Security for Vonage, a leading provider of broadband telephone services. Marc is responsible for all Information Security functions for Vonage worldwide. Under Marc's leadership Vonage has deployed several security initiatives, including a Global Vulnerability Management Program, a Global Security Information Management System, and security awareness programs. Marc also developed policies and procedures that now involve the Security team in all technology projects. Marc also maintains the responsibility for ensuring IT Compliance with all government and industry regulations (i.e. SOX, PCI, CPNI, etc.).

Prior to joining Vonage, Marc was at Dow Jones & Co. for about 10 years. During that time Marc served in various roles, most recent as Security Architect introducing several new technologies to replace legacy equipment and establishing firewall guidelines. Marc began with Dow supporting the WSJ.COM website.

Tags: Marc Appelbaum, Customer, Practitioner, WAF, Vonage

Play Podcast Podcast Transcript (PDF)
Interview with Joe White -- Imperva Customer and Web Application Security Practitioner:  Getting Started in Web Application Security

Interview with Joe White -- Imperva Customer and Web Application Security Practitioner: Getting Started in Web Application Security


On this episode of the Imperva Security Podcast Joe White is interviewed. This is the second in a series of podcast interviews where Joe White and Brian Contos will discuss various topics related to application and data security.

Joe talks about getting started in Web Application Security. He discusses several tools and resources useful for those that are new to this industry and for seasoned experts. Here are some examples.In addition to working for a large SaaS provider in Northern California that's an Imperva Customer, Joe White is President of Cyberlocksmith Corporation, and specializes in Information Security and technology risk. He is a Subject Matter Expert in Internet, Extranet, and Intranet security risks and network penetration techniques. He has 15+ years of Information Technology experience including SOA, SaaS, Information Security, and Systems. Joe has focused expertise in securing web applications and extensive knowledge of networking, routing protocols switching and remote access methodologies. Over the years, Joe has participated in numerous penetration tests and ethical hacking engagements and comes to Web Application Security after spending many years involved in traditional infrastructure/operations security. Finally, with 10+ years of Business Development experience Joe offers a unique perspective on the marriage between business and technology.

Tags: Joe White, Customer, Practitioner, WAF, Getting Started with Web Application Security

Play Podcast Podcast Transcript (PDF)
Interview with Joe White -- Imperva Customer and Web Application Security Practitioner

Interview with Joe White -- Imperva Customer and Web Application Security Practitioner


On this episode of the Imperva Security Podcast Joe White is interviewed. This is the first in a series of podcast interview where Joe White and Brian Contos will discuss various topics related to application and data security.

Joe shares his perspectives on the current state of application security. He discusses some of the history and current gaps as well as technical and political issues. Joe also discusses Web Application Firewalls (WAF)-- what they can be used for in addition to firewalling, and where they fit within a holistic security program.

In addition to working for a large SaaS provider in Northern California that's an Imperva Customer, Joe White is President of Cyberlocksmith Corporation, and specializes in Information Security and technology risk. He is a Subject Matter Expert in Internet, Extranet, and Intranet security risks and network penetration techniques. He has 15+ years of Information Technology experience including SOA, SaaS, Information Security, and Systems. Joe has focused expertise in securing web applications and extensive knowledge of networking, routing protocols switching and remote access methodologies. Over the years, Joe has participated in numerous penetration tests and ethical hacking engagements and comes to Web Application Security after spending many years involved in traditional infrastructure/operations security. Finally, with 10+ years of Business Development experience Joe offers a unique perspective on the marriage between business and technology. Joe presented at OWASP in September 2008, and his presentation Web Application Security Roadmap can be found here.

Tags: Joe White, Customer, Practitioner, WAF, OWASP

Play Podcast Podcast Transcript (PDF)
Selected Tag: WAF | Show All
Launch iTunes & Subscribe Request More Information