Owasp top 10 2017 RC - Comments, observations and ideas

Dinis Cruz
Chief Scientist at Glasswall and CISO at Holland and Barrett
May. 18, 2017
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
Owasp top 10 2017 RC - Comments, observations and ideas
1 of 54

Owasp top 10 2017 RC - Comments, observations and ideas

May. 18, 2017
Download to read offline
Software

An overview of the two main changes to the Owasp top 10, some of the reactions to it and a couple ideas for replacing the most controversial categories

Dinis Cruz
Chief Scientist at Glasswall and CISO at Holland and Barrett

Recommended

JournalsJournals
JournalsRiaz Ahmad8 views1 slide
The SAS® PlatformThe SAS® Platform
The SAS® PlatformSAS Italy197 views12 slides
Semantic Web Meetup @ APASemantic Web Meetup @ APA
Semantic Web Meetup @ APAAlexander Stocker463 views3 slides
2017 OSHA's Top 10 (preliminary data)2017 OSHA's Top 10 (preliminary data)
2017 OSHA's Top 10 (preliminary data)Safety Health31K views25 slides
No2 concentration in urban area of cataniaNo2 concentration in urban area of catania
No2 concentration in urban area of cataniaCristina Popa207 views10 slides
Our Digital World - A generational perspective on privacy and security in Agr...Our Digital World - A generational perspective on privacy and security in Agr...
Our Digital World - A generational perspective on privacy and security in Agr...Drew Zabrocki659 views21 slides

More Related Content

Slideshows for you

Basel III ClinicBasel III Clinic
Basel III ClinicMarkus Krebsz372 views7 slides
Hat 2013 congres Hat 2013 congres
Hat 2013 congres Lucien Engelen1.1K views20 slides
MeetNN ICT netwerk Nijmegen. NovioTechCampusMeetNN ICT netwerk Nijmegen. NovioTechCampus
MeetNN ICT netwerk Nijmegen. NovioTechCampusLucien Engelen2.7K views52 slides
Healthware for medicine - Roberto AscioneHealthware for medicine - Roberto Ascione
Healthware for medicine - Roberto AscioneData Driven Innovation258 views16 slides
SAFETY TALK (WEEK 10)SAFETY TALK (WEEK 10)
SAFETY TALK (WEEK 10)Akinwale-Vincent Omoniyi95 views1 slide
Hypermedia-Driven Orchestration in MicroservicesHypermedia-Driven Orchestration in Microservices
Hypermedia-Driven Orchestration in MicroservicesIrakli Nadareishvili3.2K views54 slides

Slideshows for you(7)

Basel III ClinicBasel III Clinic
Basel III Clinic
Markus Krebsz372 views
Hat 2013 congres Hat 2013 congres
Hat 2013 congres
Lucien Engelen1.1K views
MeetNN ICT netwerk Nijmegen. NovioTechCampusMeetNN ICT netwerk Nijmegen. NovioTechCampus
MeetNN ICT netwerk Nijmegen. NovioTechCampus
Lucien Engelen2.7K views
Healthware for medicine - Roberto AscioneHealthware for medicine - Roberto Ascione
Healthware for medicine - Roberto Ascione
Data Driven Innovation258 views
SAFETY TALK (WEEK 10)SAFETY TALK (WEEK 10)
SAFETY TALK (WEEK 10)
Akinwale-Vincent Omoniyi95 views
Hypermedia-Driven Orchestration in MicroservicesHypermedia-Driven Orchestration in Microservices
Hypermedia-Driven Orchestration in Microservices
Irakli Nadareishvili3.2K views
CertificationCertification
Certification
Alfred Mitchell24 views

More from Dinis Cruz

Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)
Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)Dinis Cruz765 views31 slides
Glasswall - Safety and Integrity Through Trusted FilesGlasswall - Safety and Integrity Through Trusted Files
Glasswall - Safety and Integrity Through Trusted FilesDinis Cruz737 views20 slides
Glasswall - How to Prevent, Detect and React to Ransomware incidentsGlasswall - How to Prevent, Detect and React to Ransomware incidents
Glasswall - How to Prevent, Detect and React to Ransomware incidentsDinis Cruz773 views54 slides
The benefits of police and industry investigation - NPCC ConferenceThe benefits of police and industry investigation - NPCC Conference
The benefits of police and industry investigation - NPCC ConferenceDinis Cruz358 views70 slides
Serverless Security Workflows - cyber talks - 19th nov 2019Serverless Security Workflows - cyber talks - 19th nov 2019
Serverless Security Workflows - cyber talks - 19th nov 2019Dinis Cruz764 views68 slides
Modern security using graphs, automation and data scienceModern security using graphs, automation and data science
Modern security using graphs, automation and data scienceDinis Cruz1.1K views121 slides

More from Dinis Cruz(20)

Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)
Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)
Dinis Cruz765 views
Glasswall - Safety and Integrity Through Trusted FilesGlasswall - Safety and Integrity Through Trusted Files
Glasswall - Safety and Integrity Through Trusted Files
Dinis Cruz737 views
Glasswall - How to Prevent, Detect and React to Ransomware incidentsGlasswall - How to Prevent, Detect and React to Ransomware incidents
Glasswall - How to Prevent, Detect and React to Ransomware incidents
Dinis Cruz773 views
The benefits of police and industry investigation - NPCC ConferenceThe benefits of police and industry investigation - NPCC Conference
The benefits of police and industry investigation - NPCC Conference
Dinis Cruz358 views
Serverless Security Workflows - cyber talks - 19th nov 2019Serverless Security Workflows - cyber talks - 19th nov 2019
Serverless Security Workflows - cyber talks - 19th nov 2019
Dinis Cruz764 views
Modern security using graphs, automation and data scienceModern security using graphs, automation and data science
Modern security using graphs, automation and data science
Dinis Cruz1.1K views
Using Wardley Maps to Understand Security's Landscape and StrategyUsing Wardley Maps to Understand Security's Landscape and Strategy
Using Wardley Maps to Understand Security's Landscape and Strategy
Dinis Cruz3.6K views
Dinis Cruz (CV) - CISO and Transformation Agent v1.2Dinis Cruz (CV) - CISO and Transformation Agent v1.2
Dinis Cruz (CV) - CISO and Transformation Agent v1.2
Dinis Cruz1.7K views
Making fact based decisions and 4 board decisions (Oct 2019)Making fact based decisions and 4 board decisions (Oct 2019)
Making fact based decisions and 4 board decisions (Oct 2019)
Dinis Cruz1.2K views
CISO Application presentation - Babylon health securityCISO Application presentation - Babylon health security
CISO Application presentation - Babylon health security
Dinis Cruz4K views
Using OWASP Security Bot (OSBot) to make Fact Based Security DecisionsUsing OWASP Security Bot (OSBot) to make Fact Based Security Decisions
Using OWASP Security Bot (OSBot) to make Fact Based Security Decisions
Dinis Cruz2.2K views
GSBot Commands (Slack Bot used to access Jira data)GSBot Commands (Slack Bot used to access Jira data)
GSBot Commands (Slack Bot used to access Jira data)
Dinis Cruz589 views
(OLD VERSION) Dinis Cruz (CV) - CISO and Transformation Agent v0.6 (OLD VERSION) Dinis Cruz (CV) - CISO and Transformation Agent v0.6
(OLD VERSION) Dinis Cruz (CV) - CISO and Transformation Agent v0.6
Dinis Cruz1.5K views
OSBot - Data transformation workflow (from GSheet to Jupyter)OSBot - Data transformation workflow (from GSheet to Jupyter)
OSBot - Data transformation workflow (from GSheet to Jupyter)
Dinis Cruz738 views
Jira schemas - Open Security Summit (Working Session 21th May 2019)Jira schemas - Open Security Summit (Working Session 21th May 2019)
Jira schemas - Open Security Summit (Working Session 21th May 2019)
Dinis Cruz621 views
Template for "Sharing anonymised risk theme dashboards v0.8"Template for "Sharing anonymised risk theme dashboards v0.8"
Template for "Sharing anonymised risk theme dashboards v0.8"
Dinis Cruz447 views
Owasp and summits (may 2019)Owasp and summits (may 2019)
Owasp and summits (may 2019)
Dinis Cruz308 views
Creating a graph based security organisation - Apr 2019 (OWASP London chapter...Creating a graph based security organisation - Apr 2019 (OWASP London chapter...
Creating a graph based security organisation - Apr 2019 (OWASP London chapter...
Dinis Cruz4K views
Open security summit 2019 owasp london 25th febOpen security summit 2019 owasp london 25th feb
Open security summit 2019 owasp london 25th feb
Dinis Cruz573 views
Owasp summit 2019 - OWASP London 25th febOwasp summit 2019 - OWASP London 25th feb
Owasp summit 2019 - OWASP London 25th feb
Dinis Cruz153 views

Recently uploaded

CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdfAnilGupta951378 views12 slides
BROCHURE - TT INFOTECHS.pdfBROCHURE - TT INFOTECHS.pdf
BROCHURE - TT INFOTECHS.pdfTtinfotechs4 views30 slides
Networking.pptxNetworking.pptx
Networking.pptxJexsonDimayuga13 views51 slides
Proof of Democracy .pptxProof of Democracy .pptx
Proof of Democracy .pptxRupaliTasnimSamad3 views69 slides
Usage of PowerShell.pptxUsage of PowerShell.pptx
Usage of PowerShell.pptxSultanBaloch32 views8 slides
Android App Development Miami.pdfAndroid App Development Miami.pdf
Android App Development Miami.pdfAtivaItSolution4 views1 slide

Recently uploaded(20)

CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
AnilGupta951378 views
BROCHURE - TT INFOTECHS.pdfBROCHURE - TT INFOTECHS.pdf
BROCHURE - TT INFOTECHS.pdf
Ttinfotechs4 views
Networking.pptxNetworking.pptx
Networking.pptx
JexsonDimayuga13 views
Proof of Democracy .pptxProof of Democracy .pptx
Proof of Democracy .pptx
RupaliTasnimSamad3 views
Usage of PowerShell.pptxUsage of PowerShell.pptx
Usage of PowerShell.pptx
SultanBaloch32 views
Android App Development Miami.pdfAndroid App Development Miami.pdf
Android App Development Miami.pdf
AtivaItSolution4 views
SUSE shim and things related to itSUSE shim and things related to it
SUSE shim and things related to it
SUSE Labs Taipei8 views
In- Depth Salesforce Consulting Services.pptxIn- Depth Salesforce Consulting Services.pptx
In- Depth Salesforce Consulting Services.pptx
Cloudaction7 views
美国明尼苏达大学文凭学历样板查看美国明尼苏达大学文凭学历样板查看
美国明尼苏达大学文凭学历样板查看
abycyww3 views
Brochure for Dashboard Folders for JiraBrochure for Dashboard Folders for Jira
Brochure for Dashboard Folders for Jira
Akeles Consulting17 views
Alberto_Cappa_Resume_Apple.pdfAlberto_Cappa_Resume_Apple.pdf
Alberto_Cappa_Resume_Apple.pdf
AlbertoCappa14 views
Healthcare Software Development Company: How Can It Transform Healthcare?Healthcare Software Development Company: How Can It Transform Healthcare?
Healthcare Software Development Company: How Can It Transform Healthcare?
EMed HealthTech Pvt Ltd4 views
Laundry Management System(With Power of Sale)Laundry Management System(With Power of Sale)
Laundry Management System(With Power of Sale)
Geminate Consultancy Services7 views
留学未能毕业?如何办理德国亚琛应用技术大学毕业证书认证留学未能毕业?如何办理德国亚琛应用技术大学毕业证书认证
留学未能毕业?如何办理德国亚琛应用技术大学毕业证书认证
vweuwx3 views
Bellen FacebookBellen Facebook
Bellen Facebook
karizmakpor3 views
Sales Laundry Multi LocationSales Laundry Multi Location
Sales Laundry Multi Location
Geminate Consultancy Services4 views
JacksonvilleJUG_CVE101.pdfJacksonvilleJUG_CVE101.pdf
JacksonvilleJUG_CVE101.pdf
Theresa Mammarella5 views
办英国大学毕业证学位证奇切斯特大学毕业证制作|办英国大学毕业证学位证奇切斯特大学毕业证制作|
办英国大学毕业证学位证奇切斯特大学毕业证制作|
abycyww3 views
Indexing and Query Performance in MongoDB.pdfIndexing and Query Performance in MongoDB.pdf
Indexing and Query Performance in MongoDB.pdf
Malak Abu Hammad8 views
美国密歇根大学毕业证、学位证原版制作美国密歇根大学毕业证、学位证原版制作
美国密歇根大学毕业证、学位证原版制作
abycyww4 views

Owasp top 10 2017 RC - Comments, observations and ideas

  1. Owasp Top 10 2017 (RC) Some comments and observations and ideas
  2. https://twitter.com/securestep9/status/863005880161382400
  3. http://www.skeletonscribe.net/2017/04/abusing-owasp.html http://lists.owasp.org/pipermail/owasp-topten/2017-April/001422.html
  4. http://www.skeletonscribe.net/2017/04/abusing-owasp.html http://www.skeletonscribe.net/2017/04/abusing-owasp.html
  5. http://www.csoonline.com/article/3192505/security/contrast-security-responds-to-owasp-top-10-controversy.html
  6. SOLUTIONS
  7. http://lists.owasp.org/pipermail/owasp-topten/2017-April/001422.html
  8. Using these important activities
  9. Using these important activities
  10. Using these important activities
  11. Here is a (proposed) idea of a new Top 10
  12. Let’s continue this at the Summit
  13. Thanks