Owasp Forum Web Services Security

Marco Morana
SVP Technology Risks & Controls at Open Web Application Security Project Foundation
Aug. 30, 2009
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
Owasp Forum Web Services Security
1 of 15

Owasp Forum Web Services Security

Aug. 30, 2009
Download to read offline
Education
Technology
Business
Marco Morana
SVP Technology Risks & Controls at Open Web Application Security Project Foundation

Recommended

Web 2.0 threats, vulnerability analysis,secure web 2.0 application developmen...Web 2.0 threats, vulnerability analysis,secure web 2.0 application developmen...
Web 2.0 threats, vulnerability analysis,secure web 2.0 application developmen...Marco Morana8.4K views38 slides
OWASP Top 10 And Insecure Software Root CausesOWASP Top 10 And Insecure Software Root Causes
OWASP Top 10 And Insecure Software Root CausesMarco Morana11.4K views67 slides
Secure coding guidelinesSecure coding guidelines
Secure coding guidelinesZakaria SMAHI620 views32 slides
Owasp webgoatOwasp webgoat
Owasp webgoatZakaria SMAHI2K views24 slides
Owasp Top 10 And Security Flaw Root CausesOwasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root CausesMarco Morana5.5K views60 slides
Owasp Top 10Owasp Top 10
Owasp Top 10Shivam Porwal688 views16 slides

More Related Content

Slideshows for you

OWASP Top 10 2017 - New VulnerabilitiesOWASP Top 10 2017 - New Vulnerabilities
OWASP Top 10 2017 - New VulnerabilitiesDilum Bandara242 views23 slides
OWASP Top 10 2017OWASP Top 10 2017
OWASP Top 10 2017Siddharth Phatarphod227 views23 slides
Attques webAttques web
Attques webTarek MOHAMED1.9K views147 slides
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYANBEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYAN
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYANSamvel Gevorgyan24.2K views88 slides
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011Samvel Gevorgyan3K views6 slides
Content Management System SecurityContent Management System Security
Content Management System SecuritySamvel Gevorgyan1.1K views16 slides

Slideshows for you(20)

OWASP Top 10 2017 - New VulnerabilitiesOWASP Top 10 2017 - New Vulnerabilities
OWASP Top 10 2017 - New Vulnerabilities
Dilum Bandara242 views
OWASP Top 10 2017OWASP Top 10 2017
OWASP Top 10 2017
Siddharth Phatarphod227 views
Attques webAttques web
Attques web
Tarek MOHAMED1.9K views
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYANBEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYAN
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYAN
Samvel Gevorgyan24.2K views
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011
Samvel Gevorgyan3K views
Content Management System SecurityContent Management System Security
Content Management System Security
Samvel Gevorgyan1.1K views
Security in the cloud protecting your cloud appsSecurity in the cloud protecting your cloud apps
Security in the cloud protecting your cloud apps
Cenzic1.4K views
OWASPOWASP
OWASP
gehad hamdy100 views
OWASP Serbia - A3 broken authentication and session managementOWASP Serbia - A3 broken authentication and session management
OWASP Serbia - A3 broken authentication and session management
Nikola Milosevic4.5K views
OWASP -Top 5 JagjitOWASP -Top 5 Jagjit
OWASP -Top 5 Jagjit
Jagjit Singh Brar102 views
Web Application Security Guide by Qualys 2011 Web Application Security Guide by Qualys 2011
Web Application Security Guide by Qualys 2011
nat page1.1K views
Security risks awarenessSecurity risks awareness
Security risks awareness
Janagi Kannan70 views
Oh, WASP! Security Essentials for Web AppsOh, WASP! Security Essentials for Web Apps
Oh, WASP! Security Essentials for Web Apps
TechWell2K views
Threat modeling driven security testingThreat modeling driven security testing
Threat modeling driven security testing
Paúl Sn188 views
Owasp top 10Owasp top 10
Owasp top 10
YasserElsnbary409 views
Hacking A Web Site And Secure Web Server Techniques UsedHacking A Web Site And Secure Web Server Techniques Used
Hacking A Web Site And Secure Web Server Techniques Used
Siddharth Bhattacharya6.1K views
Planning Extranet Environments with SharePoint 2010Planning Extranet Environments with SharePoint 2010
Planning Extranet Environments with SharePoint 2010
Michael Noel3.5K views
4.Xss4.Xss
4.Xss
phanleson1.2K views
A Multidimensional View of Critical Web Application Security Risks: A Novel '...A Multidimensional View of Critical Web Application Security Risks: A Novel '...
A Multidimensional View of Critical Web Application Security Risks: A Novel '...
Cognizant502 views
OWASP Serbia - A5 cross-site request forgeryOWASP Serbia - A5 cross-site request forgery
OWASP Serbia - A5 cross-site request forgery
Nikola Milosevic3.7K views

Viewers also liked

Cryptographic Hash Function using Cellular AutomataCryptographic Hash Function using Cellular Automata
Cryptographic Hash Function using Cellular AutomataEditor IJCATR304 views3 slides
XML And Web Services Security StandardsXML And Web Services Security Standards
XML And Web Services Security Standardsguest68465b1.9K views16 slides
18 hashing18 hashing
18 hashingdeonnash1.9K views27 slides
Web Services Security TutorialWeb Services Security Tutorial
Web Services Security TutorialJorgen Thelin4.4K views112 slides
Microservices Tutorial Session at JavaOne 2016Microservices Tutorial Session at JavaOne 2016
Microservices Tutorial Session at JavaOne 2016Jason Swartz549 views130 slides
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel17K views30 slides

Viewers also liked(15)

Cryptographic Hash Function using Cellular AutomataCryptographic Hash Function using Cellular Automata
Cryptographic Hash Function using Cellular Automata
Editor IJCATR304 views
XML And Web Services Security StandardsXML And Web Services Security Standards
XML And Web Services Security Standards
guest68465b1.9K views
18 hashing18 hashing
18 hashing
deonnash1.9K views
Web Services Security TutorialWeb Services Security Tutorial
Web Services Security Tutorial
Jorgen Thelin4.4K views
Microservices Tutorial Session at JavaOne 2016Microservices Tutorial Session at JavaOne 2016
Microservices Tutorial Session at JavaOne 2016
Jason Swartz549 views
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash function
Chirag Patel17K views
CryptographyCryptography
Cryptography
Deepak Kumar14.6K views
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
Pawandeep Kaur5.5K views
Hash FunctionHash Function
Hash Function
Siddharth Srivastava23.9K views
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
Animesh Shaw22.6K views
Intrusion detectionIntrusion detection
Intrusion detection
Umesh Dhital17.8K views
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
Information Technology7.7K views
CryptographyCryptography
Cryptography
Shivanand Arur130.8K views
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
Sheetal Verma82.9K views
Intrusion detection system Intrusion detection system
Intrusion detection system
gaurav koriya43.5K views

Similar to Owasp Forum Web Services Security

Web application security (eng)Web application security (eng)
Web application security (eng)Anatoliy Okhotnikov795 views69 slides
FS_Usage_ScenariosFS_Usage_Scenarios
FS_Usage_ScenariosKevin Kao128 views6 slides
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers Don't Drop the SOAP: Real World Web Service Testing for Web Hackers
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers Tom Eston5.6K views50 slides
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM DatapowerSigortam.net19.1K views7 slides
Web-services Web-services
Web-services webhostingguy832 views42 slides
Owasp top 10_openwest_2019Owasp top 10_openwest_2019
Owasp top 10_openwest_2019Sean Jackson224 views67 slides

Similar to Owasp Forum Web Services Security(20)

Web application security (eng)Web application security (eng)
Web application security (eng)
Anatoliy Okhotnikov795 views
FS_Usage_ScenariosFS_Usage_Scenarios
FS_Usage_Scenarios
Kevin Kao128 views
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers Don't Drop the SOAP: Real World Web Service Testing for Web Hackers
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers
Tom Eston5.6K views
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM Datapower
Sigortam.net19.1K views
Web-services Web-services
Web-services
webhostingguy832 views
Owasp top 10_openwest_2019Owasp top 10_openwest_2019
Owasp top 10_openwest_2019
Sean Jackson224 views
Secure SDLC for Software Secure SDLC for Software
Secure SDLC for Software
Shreeraj Shah5.9K views
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
Martin Georgiev215 views
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
Martin Georgiev153 views
Shmat ccs12Shmat ccs12
Shmat ccs12
Hai Nguyen756 views
Security OperationsSecurity Operations
Security Operations
ankitmehta21880 views
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...
Rishabh Dangwal2.5K views
AppSec 2007 - .NET Web Services HackingAppSec 2007 - .NET Web Services Hacking
AppSec 2007 - .NET Web Services Hacking
Shreeraj Shah5.9K views
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & Secure
Brian Ritchie3.3K views
DevSecOps - automating securityDevSecOps - automating security
DevSecOps - automating security
John Staveley726 views
Unit 6Unit 6
Unit 6
Vinod Kumar Gorrepati713 views
Owasp Top 10 2017Owasp Top 10 2017
Owasp Top 10 2017
SamsonMuoki40 views
WebApps_Lecture_15.pptWebApps_Lecture_15.ppt
WebApps_Lecture_15.ppt
OmprakashVerma5610 views
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computing
sashi799994 views
Sql server security in an insecure worldSql server security in an insecure world
Sql server security in an insecure world
Gianluca Sartori500 views

More from Marco Morana

Is talent shortage ws marco moranaIs talent shortage ws marco morana
Is talent shortage ws marco moranaMarco Morana136 views6 slides
Isaca conference threat_modeling_marco_morana_short.pdfIsaca conference threat_modeling_marco_morana_short.pdf
Isaca conference threat_modeling_marco_morana_short.pdfMarco Morana1.4K views21 slides
Owasp atlanta-ciso-guidevs1Owasp atlanta-ciso-guidevs1
Owasp atlanta-ciso-guidevs1Marco Morana1.2K views20 slides
Owasp e crime-london-2012-finalOwasp e crime-london-2012-final
Owasp e crime-london-2012-finalMarco Morana1.2K views18 slides
Security And Privacy Cagliari 2012Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012Marco Morana773 views29 slides
Presentation sso design_securityPresentation sso design_security
Presentation sso design_securityMarco Morana9.4K views23 slides

More from Marco Morana(20)

Is talent shortage ws marco moranaIs talent shortage ws marco morana
Is talent shortage ws marco morana
Marco Morana136 views
Isaca conference threat_modeling_marco_morana_short.pdfIsaca conference threat_modeling_marco_morana_short.pdf
Isaca conference threat_modeling_marco_morana_short.pdf
Marco Morana1.4K views
Owasp atlanta-ciso-guidevs1Owasp atlanta-ciso-guidevs1
Owasp atlanta-ciso-guidevs1
Marco Morana1.2K views
Owasp e crime-london-2012-finalOwasp e crime-london-2012-final
Owasp e crime-london-2012-final
Marco Morana1.2K views
Security And Privacy Cagliari 2012Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012
Marco Morana773 views
Presentation sso design_securityPresentation sso design_security
Presentation sso design_security
Marco Morana9.4K views
Owasp security summit_2012_milanovs_finalOwasp security summit_2012_milanovs_final
Owasp security summit_2012_milanovs_final
Marco Morana1K views
Security Summit Rome 2011Security Summit Rome 2011
Security Summit Rome 2011
Marco Morana891 views
Risk Analysis Of Banking Malware AttacksRisk Analysis Of Banking Malware Attacks
Risk Analysis Of Banking Malware Attacks
Marco Morana10.9K views
Security Exploit of Business Logic Flaws, Business Logic AttacksSecurity Exploit of Business Logic Flaws, Business Logic Attacks
Security Exploit of Business Logic Flaws, Business Logic Attacks
Marco Morana6.5K views
Software Security InitiativesSoftware Security Initiatives
Software Security Initiatives
Marco Morana4.5K views
Business cases for software securityBusiness cases for software security
Business cases for software security
Marco Morana4.4K views
Security Compliance Web Application Risk ManagementSecurity Compliance Web Application Risk Management
Security Compliance Web Application Risk Management
Marco Morana5K views
Web Application Security TestingWeb Application Security Testing
Web Application Security Testing
Marco Morana17.6K views
Software Security FrameworksSoftware Security Frameworks
Software Security Frameworks
Marco Morana3.2K views
Software Open Source, Proprierio, Interoperabilita'Software Open Source, Proprierio, Interoperabilita'
Software Open Source, Proprierio, Interoperabilita'
Marco Morana495 views
Progetti Open Source Per La Sicurezza Delle Web ApplicationsProgetti Open Source Per La Sicurezza Delle Web Applications
Progetti Open Source Per La Sicurezza Delle Web Applications
Marco Morana1.3K views
Introduction To OWASPIntroduction To OWASP
Introduction To OWASP
Marco Morana3.1K views
Cross Site Request Forgery VulnerabilitiesCross Site Request Forgery Vulnerabilities
Cross Site Request Forgery Vulnerabilities
Marco Morana1.6K views
Software Security Initiative And Capability Maturity ModelsSoftware Security Initiative And Capability Maturity Models
Software Security Initiative And Capability Maturity Models
Marco Morana1.6K views

Recently uploaded

DTAB, CDL, DCC.pptxDTAB, CDL, DCC.pptx
DTAB, CDL, DCC.pptxDivyaDwivedi5082 views9 slides
Object Oriented Programming using C++(UNIT 1)Object Oriented Programming using C++(UNIT 1)
Object Oriented Programming using C++(UNIT 1)SURBHI SAROHA67 views54 slides
Digital Presence - LinkedInDigital Presence - LinkedIn
Digital Presence - LinkedInPMICHENNAICHAPTER60 views4 slides
adnan adil (physical examination of urine).pptxadnan adil (physical examination of urine).pptx
adnan adil (physical examination of urine).pptxAdnanSami8462 views11 slides
The Future.pdfThe Future.pdf
The Future.pdfNetziValdelomar1170 views18 slides
Personal BrandingPersonal Branding
Personal BrandingPMICHENNAICHAPTER57 views4 slides

Recently uploaded(20)

DTAB, CDL, DCC.pptxDTAB, CDL, DCC.pptx
DTAB, CDL, DCC.pptx
DivyaDwivedi5082 views
Object Oriented Programming using C++(UNIT 1)Object Oriented Programming using C++(UNIT 1)
Object Oriented Programming using C++(UNIT 1)
SURBHI SAROHA67 views
Digital Presence - LinkedInDigital Presence - LinkedIn
Digital Presence - LinkedIn
PMICHENNAICHAPTER60 views
adnan adil (physical examination of urine).pptxadnan adil (physical examination of urine).pptx
adnan adil (physical examination of urine).pptx
AdnanSami8462 views
The Future.pdfThe Future.pdf
The Future.pdf
NetziValdelomar1170 views
Personal BrandingPersonal Branding
Personal Branding
PMICHENNAICHAPTER57 views
Research Methodology-IntorductionResearch Methodology-Intorduction
Research Methodology-Intorduction
Dr-Dipali Meher35 views
Asura - Ramayan from a different perspective.pptxAsura - Ramayan from a different perspective.pptx
Asura - Ramayan from a different perspective.pptx
BhumiGohil180 views
Virtual Tumor Board: Multidisciplinary Management of Advanced Soft Tissue Sar...Virtual Tumor Board: Multidisciplinary Management of Advanced Soft Tissue Sar...
Virtual Tumor Board: Multidisciplinary Management of Advanced Soft Tissue Sar...
i3 Health111 views
Research Proposal.pptxResearch Proposal.pptx
Research Proposal.pptx
DrIrfanulHaqAkhoon91 views
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 8 CẢ NĂM - GLOBAL SUCCESS - NĂM 2024 - CÓ FILE N...BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 8 CẢ NĂM - GLOBAL SUCCESS - NĂM 2024 - CÓ FILE N...
BÀI TẬP BỔ TRỢ TIẾNG ANH LỚP 8 CẢ NĂM - GLOBAL SUCCESS - NĂM 2024 - CÓ FILE N...
Nguyen Thanh Tu Collection100 views
Financail planning_Prakash Nair.pdfFinancail planning_Prakash Nair.pdf
Financail planning_Prakash Nair.pdf
crpnair135 views
NIDHI JAYSWAL.pptx Breast Self Examination.2023NIDHI JAYSWAL.pptx Breast Self Examination.2023
NIDHI JAYSWAL.pptx Breast Self Examination.2023
Nidhi1554644 views
Genetic purity & DUS test , PPV&FRAGenetic purity & DUS test , PPV&FRA
Genetic purity & DUS test , PPV&FRA
B S MEENA 71 views
Evolution of Computers ppt.pptxEvolution of Computers ppt.pptx
Evolution of Computers ppt.pptx
Anusha sivakumar184 views
DataPreprocessing.pptxDataPreprocessing.pptx
DataPreprocessing.pptx
Dr-Dipali Meher151 views
Skimming and Scanning.pdfSkimming and Scanning.pdf
Skimming and Scanning.pdf
NetziValdelomar1225 views
The Student Guide To Writing Better Sentences In The English Classroom 2The Student Guide To Writing Better Sentences In The English Classroom 2
The Student Guide To Writing Better Sentences In The English Classroom 2
jpinnuck237 views
1.3 ICH .pdf1.3 ICH .pdf
1.3 ICH .pdf
KoriyaKrupali179 views
Act#2 TDLab ALFQ Aguita Lab Rules.pptxAct#2 TDLab ALFQ Aguita Lab Rules.pptx
Act#2 TDLab ALFQ Aguita Lab Rules.pptx
Integrated Sciences 8 (2023- 2024)85 views

Owasp Forum Web Services Security

  1. OWASP Top Ten Web Services Vulnerabilities Marco Morana OWASP Chapter Lead [email_address] Based upon Gunnar Peterson Presentation OWASP T10 Web Services Proposal OWASP USA 08 NYC Appsec Conference Cincinnati Chapter August 2009 Meeting