Helping Developers Build Secure Web Apps with Bill Sempf
Episode #1231
Wednesday, December 16, 2015
So what does it take to make your web applications secure? Carl and Richard talk to Bill Sempf about his work educating developers on writing secure software. The conversation focuses on the Open Web Application Security Project (OWASP) and all the resources there for securing your web applications. Bill leads the .NET side of OWASP, providing tools, techniques and links for everything you need to build a more secure web application. You'd be amazed how many great security resources are built into the .NET Framework; you just need to know where to look, and OWASP can help you. Check it out!
Guests:
Bill Sempf
Bill Sempf is a programmer and hacker who is trying to bridge the gap between developers and security folks. You can find him all over the internet.
Links:
- Starwood Security Breach http://www.zdnet.com/article/starwood-hotels-fall-prey-to-point-of-sale-malware/
- ScotNetRocks! https://docs.google.com/forms/d/1GrJUlLesLd9_dlIwBc1P7mvgu2kwID7WK6kBbYQMvaA/closedform
- OWASP .NET Project https://www.owasp.org/index.php/Category:OWASP_.NET_Project
- WebGoat http://webgoat.github.io/
- OWASP Proactive Controls https://www.owasp.org/index.php/OWASP_Proactive_Controls
- DefCon https://www.defcon.org/
- Rubber Ducky http://hakshop.myshopify.com/products/usb-rubber-ducky
- LAN Turtle https://lanturtle.com/
- Top 10 Security Vulnerabilities for .NET Developers http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html
- OWASP .NET Security Cheat Sheet https://www.owasp.org/index.php/.NET_Security_Cheat_Sheet
- Bouncy Castle Cryptography http://bouncycastle.org/
- Wireshark https://www.wireshark.org/
- Firesheep https://codebutler.github.io/firesheep/
- WiFi Pineapple https://www.wifipineapple.com/