Injecting Proactive Security Controls in Software Development
The SQL Injection was first mentioned in a 1998 article in Phrack Magazine. Twenty years later, injection is still a common occurrence in software applications (No.1 in latest OWASP Top 10 2017). For the last 20 years, we have been focusing on vulnerabilities from attacker’s point of view and SQL injection is still King. Something else must be done.
How can developers write more secure applications ? Which security controls are an absolutely must-have, and which additional security measures do you need to take into account?
These are hard questions as evidenced by the numerous insecure applications we still have today. Starting from real-world examples, we will discuss the security controls that developers are familiar with, offer actionable advice when to use them in the software development life cycle and how to verify for them.
Recommended to security professionals looking to integrate security in their software applications.
Katy Anton is a security professional with a background in software development. An international public speaker, she enjoys speaking about software security and how to secure software applications.
In her previous roles she led software development teams and implemented security best practices in software development life cycle. As part of her work she got involved in OWASP Top Ten Proactive Controls project where she joined as project leader.
In her current role as Application Security Consultant, Katy works with security teams and software developers around the world and helps them secure their software.
Get promotions and special offers directly to your inbox.