SlideShare uma empresa Scribd logo

ESAPI

n|u - The Open Security Community
n|u - The Open Security Community

null Bangalore Chapter - June 2014 Meet

EducaçãoTecnologia
1 de 16
Baixar para ler offline
ESAPI
 Jeff Williams, Project Mgr - OWASP ESAPI  Founder and CEO of Aspect Security  25 years experience  Top 10, Webgoat proj About the author
 Issues! when security implementation is in developers hand.  Reinventing the wheel  Complexity of Application Security for developers  Simplify application security for developers. Why ESAPI ?
 Security API  Exhaustive list of security controls  Web application or web service project  120 methods and interfaces  First J2ee version realised Aug 2010 What is ESAPI ?
Footprints
J2ee ESAPI Libraries
Libraries barrowed !!
Packages
Create a security API that matches YOUR enterprise Create a custom ESAPI for your organization. It works best when ..
Canonicalization feature is handy Encoding module is very mature. Data validation response can be improved by spring validation framework HTTP header and cookie validations are good Client side JavaScript ESAPI is not part of this module. Not sure if Owasp CSRFguard and CSRF module in ESAPI is same or not My observation..
1. Add esapi.jar file to lib 2. Create a custom ESAPI for your organization. 2 Step Setup..
Data-validation.. Review.jsp Review.jsp Validation.properties
Encoding.. Review.jsp Review.jsp
Gap between suggestion and execution Learning .. ..
eND..

Recomendados

Testing with JUnit 5 and Spring
Testing with JUnit 5 and SpringTesting with JUnit 5 and Spring
Testing with JUnit 5 and SpringVMware Tanzu
 
MVC ppt presentation
MVC ppt presentationMVC ppt presentation
MVC ppt presentationBhavin Shah
 
Service Virtualization
Service VirtualizationService Virtualization
Service VirtualizationErika Barron
 
Software architecture patterns
Software architecture patternsSoftware architecture patterns
Software architecture patternsMd. Sadhan Sarker
 
Onion architecture
Onion architectureOnion architecture
Onion architectureVidyasagar Machupalli
 
Wireframe & Prototype - Task Management
Wireframe & Prototype - Task ManagementWireframe & Prototype - Task Management
Wireframe & Prototype - Task ManagementSuraj Rao
 
Serverless Architecture on AWS
Serverless Architecture on AWSServerless Architecture on AWS
Serverless Architecture on AWSRajind Ruparathna
 
Test-Driven Security
Test-Driven SecurityTest-Driven Security
Test-Driven SecurityVMware Tanzu
 

Recomendados

Testing with JUnit 5 and Spring
Testing with JUnit 5 and SpringTesting with JUnit 5 and Spring
Testing with JUnit 5 and SpringVMware Tanzu
 
MVC ppt presentation
MVC ppt presentationMVC ppt presentation
MVC ppt presentationBhavin Shah
 
Service Virtualization
Service VirtualizationService Virtualization
Service VirtualizationErika Barron
 
Software architecture patterns
Software architecture patternsSoftware architecture patterns
Software architecture patternsMd. Sadhan Sarker
 
Onion architecture
Onion architectureOnion architecture
Onion architectureVidyasagar Machupalli
 
Wireframe & Prototype - Task Management
Wireframe & Prototype - Task ManagementWireframe & Prototype - Task Management
Wireframe & Prototype - Task ManagementSuraj Rao
 
Serverless Architecture on AWS
Serverless Architecture on AWSServerless Architecture on AWS
Serverless Architecture on AWSRajind Ruparathna
 
Test-Driven Security
Test-Driven SecurityTest-Driven Security
Test-Driven SecurityVMware Tanzu
 
MVC architecture
MVC architectureMVC architecture
MVC architectureEmily Bauman
 
Vue.js
Vue.jsVue.js
Vue.jsJadson Santos
 
Azure WebApp Deployment Slots
Azure WebApp Deployment Slots Azure WebApp Deployment Slots
Azure WebApp Deployment Slots Ebru Cucen Çüçen
 
Modern Java web applications with Spring Boot and Thymeleaf
Modern Java web applications with Spring Boot and ThymeleafModern Java web applications with Spring Boot and Thymeleaf
Modern Java web applications with Spring Boot and ThymeleafLAY Leangsros
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerSmartBear
 
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API MarketplaceWSO2
 
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Amazon Web Services
 
Projects In Laravel : Learn Laravel Building 10 Projects
Projects In Laravel : Learn Laravel Building 10 ProjectsProjects In Laravel : Learn Laravel Building 10 Projects
Projects In Laravel : Learn Laravel Building 10 ProjectsSam Dias
 
{Re}designing a Developer Portal
{Re}designing a Developer Portal{Re}designing a Developer Portal
{Re}designing a Developer PortalPronovix
 
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference Amazon Web Services
 
Architecture: Microservices
Architecture: MicroservicesArchitecture: Microservices
Architecture: MicroservicesAmazon Web Services
 
MVC Seminar Presantation
MVC Seminar PresantationMVC Seminar Presantation
MVC Seminar PresantationAbhishek Yadav
 
Azure web apps
Azure web appsAzure web apps
Azure web appsVaibhav Gujral
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksAmazon Web Services
 
Monolithic architecture
Monolithic architectureMonolithic architecture
Monolithic architectureSRM University Delhi-NCR sonepat
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesAmazon Web Services
 
Project onion - Project Architecture for .Net Core Application
Project onion - Project Architecture for .Net Core ApplicationProject onion - Project Architecture for .Net Core Application
Project onion - Project Architecture for .Net Core ApplicationAbhinav Jha
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee | Google Cloud
 
API for Beginners
API for BeginnersAPI for Beginners
API for BeginnersGustavo De Vita
 
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017 Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017 Zeebe
 
Springcamp 2015 - xss는 네가 맡아라
Springcamp 2015 - xss는 네가 맡아라Springcamp 2015 - xss는 네가 맡아라
Springcamp 2015 - xss는 네가 맡아라Hyeong-Kyu Lee
 
Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014 Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014 n|u - The Open Security Community
 

Mais conteúdo relacionado

Mais procurados

Modern Java web applications with Spring Boot and Thymeleaf
Modern Java web applications with Spring Boot and ThymeleafModern Java web applications with Spring Boot and Thymeleaf
Modern Java web applications with Spring Boot and ThymeleafLAY Leangsros
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerSmartBear
 
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API MarketplaceWSO2
 
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Amazon Web Services
 
Projects In Laravel : Learn Laravel Building 10 Projects
Projects In Laravel : Learn Laravel Building 10 ProjectsProjects In Laravel : Learn Laravel Building 10 Projects
Projects In Laravel : Learn Laravel Building 10 ProjectsSam Dias
 
{Re}designing a Developer Portal
{Re}designing a Developer Portal{Re}designing a Developer Portal
{Re}designing a Developer PortalPronovix
 
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference Amazon Web Services
 
MVC Seminar Presantation
MVC Seminar PresantationMVC Seminar Presantation
MVC Seminar PresantationAbhishek Yadav
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksAmazon Web Services
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesAmazon Web Services
 
Project onion - Project Architecture for .Net Core Application
Project onion - Project Architecture for .Net Core ApplicationProject onion - Project Architecture for .Net Core Application
Project onion - Project Architecture for .Net Core ApplicationAbhinav Jha
 
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017 Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017 Zeebe
 

Mais procurados (20)

MVC architecture
MVC architectureMVC architecture
MVC architecture
 
Vue.js
Vue.jsVue.js
Vue.js
 
Azure WebApp Deployment Slots
Azure WebApp Deployment Slots Azure WebApp Deployment Slots
Azure WebApp Deployment Slots
 
Modern Java web applications with Spring Boot and Thymeleaf
Modern Java web applications with Spring Boot and ThymeleafModern Java web applications with Spring Boot and Thymeleaf
Modern Java web applications with Spring Boot and Thymeleaf
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of Swagger
 
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
 
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...
 
Projects In Laravel : Learn Laravel Building 10 Projects
Projects In Laravel : Learn Laravel Building 10 ProjectsProjects In Laravel : Learn Laravel Building 10 Projects
Projects In Laravel : Learn Laravel Building 10 Projects
 
{Re}designing a Developer Portal
{Re}designing a Developer Portal{Re}designing a Developer Portal
{Re}designing a Developer Portal
 
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference
Module 5: AWS Elasticity and Management Tools - AWSome Day Online Conference
 
Architecture: Microservices
Architecture: MicroservicesArchitecture: Microservices
Architecture: Microservices
 
MVC Seminar Presantation
MVC Seminar PresantationMVC Seminar Presantation
MVC Seminar Presantation
 
Azure web apps
Azure web appsAzure web apps
Azure web apps
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
 
Monolithic architecture
Monolithic architectureMonolithic architecture
Monolithic architecture
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless Architectures
 
Project onion - Project Architecture for .Net Core Application
Project onion - Project Architecture for .Net Core ApplicationProject onion - Project Architecture for .Net Core Application
Project onion - Project Architecture for .Net Core Application
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform Overview
 
API for Beginners
API for BeginnersAPI for Beginners
API for Beginners
 
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017 Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017
Microservice Orchestration at any Scale - Zalando Tech Meetup 09/2017
 

Destaque

Springcamp 2015 - xss는 네가 맡아라
Springcamp 2015 - xss는 네가 맡아라Springcamp 2015 - xss는 네가 맡아라
Springcamp 2015 - xss는 네가 맡아라Hyeong-Kyu Lee
 
IE Memory Protector
IE Memory ProtectorIE Memory Protector
IE Memory Protector3S Labs
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoAkash Mahajan
 
Rapid Android Application Security Testing
Rapid Android Application Security TestingRapid Android Application Security Testing
Rapid Android Application Security TestingNutan Kumar Panda
 
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015n|u - The Open Security Community
 
OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014Anant Shrivastava
 
Tale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learnedTale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learnedAnant Shrivastava
 
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014Anant Shrivastava
 
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data LeakageOwasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data LeakageAnant Shrivastava
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionAnant Shrivastava
 

Destaque (20)

Springcamp 2015 - xss는 네가 맡아라
Springcamp 2015 - xss는 네가 맡아라Springcamp 2015 - xss는 네가 맡아라
Springcamp 2015 - xss는 네가 맡아라
 
Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014 Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014
 
Flashack
FlashackFlashack
Flashack
 
The Shellshocker
The ShellshockerThe Shellshocker
The Shellshocker
 
Browser Exploit Framework
Browser Exploit FrameworkBrowser Exploit Framework
Browser Exploit Framework
 
Demystifying captcha Bangalore Meet April 18
Demystifying captcha Bangalore Meet April 18Demystifying captcha Bangalore Meet April 18
Demystifying captcha Bangalore Meet April 18
 
Metasploit Demo
Metasploit DemoMetasploit Demo
Metasploit Demo
 
IE Memory Protector
IE Memory ProtectorIE Memory Protector
IE Memory Protector
 
Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014
 
Recon ng null meet April 2015
Recon ng null meet April 2015Recon ng null meet April 2015
Recon ng null meet April 2015
 
Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demo
 
Rapid Android Application Security Testing
Rapid Android Application Security TestingRapid Android Application Security Testing
Rapid Android Application Security Testing
 
Metasploit Humla for Beginner
Metasploit Humla for BeginnerMetasploit Humla for Beginner
Metasploit Humla for Beginner
 
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015
 
OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014
 
Tale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learnedTale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learned
 
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
 
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data LeakageOwasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
 

Semelhante a ESAPI

Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessMohammed A. Imran
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or lessMohammed A. Imran
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaMohammed A. Imran
 
Automating OWASP Tests in your CI/CD
Automating OWASP Tests in your CI/CDAutomating OWASP Tests in your CI/CD
Automating OWASP Tests in your CI/CDrkadayam
 
Declaring Server App Components in Pure Java
Declaring Server App Components in Pure JavaDeclaring Server App Components in Pure Java
Declaring Server App Components in Pure JavaAtlassian
 
Spring boot vs spring framework razor sharp web applications
Spring boot vs spring framework razor sharp web applicationsSpring boot vs spring framework razor sharp web applications
Spring boot vs spring framework razor sharp web applicationsKaty Slemon
 
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023VMware Tanzu
 
All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...
All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...
All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...DevOpsDays Tel Aviv
 
Security Testing with Zap
Security Testing with ZapSecurity Testing with Zap
Security Testing with ZapSoluto
 
jVoiD - the enterprise ecommerce Java by Schogini
jVoiD - the enterprise ecommerce Java by SchoginijVoiD - the enterprise ecommerce Java by Schogini
jVoiD - the enterprise ecommerce Java by SchoginiSchogini Systems Pvt Ltd
 
Dev secops. Real experience.
Dev secops. Real experience.Dev secops. Real experience.
Dev secops. Real experience.Vitaly Balashov
 
Introduction to Spring sec1.pptx
Introduction to Spring sec1.pptxIntroduction to Spring sec1.pptx
Introduction to Spring sec1.pptxNourhanTarek23
 
LAST Conference - Dev-Ops and Continuous Delivery
LAST Conference - Dev-Ops and Continuous DeliveryLAST Conference - Dev-Ops and Continuous Delivery
LAST Conference - Dev-Ops and Continuous DeliveryNigel Fernandes
 
DevOps on AWS - Building Systems to Deliver Faster
DevOps on AWS - Building Systems to Deliver FasterDevOps on AWS - Building Systems to Deliver Faster
DevOps on AWS - Building Systems to Deliver FasterAmazon Web Services
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Developer Productivity with Forge, Java EE 6 and Arquillian
Developer Productivity with Forge, Java EE 6 and ArquillianDeveloper Productivity with Forge, Java EE 6 and Arquillian
Developer Productivity with Forge, Java EE 6 and ArquillianRay Ploski
 
Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps Chetan Gordhan
 
Integration Testing on Steroids: Run Your Tests on the Real Things
Integration Testing on Steroids: Run Your Tests on the Real ThingsIntegration Testing on Steroids: Run Your Tests on the Real Things
Integration Testing on Steroids: Run Your Tests on the Real ThingsAtlassian
 
Enterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable ApplicationsEnterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable ApplicationsGordon Dickens
 
SE2018_Lec-22_-Continuous-Integration-Tools
SE2018_Lec-22_-Continuous-Integration-ToolsSE2018_Lec-22_-Continuous-Integration-Tools
SE2018_Lec-22_-Continuous-Integration-ToolsAmr E. Mohamed
 

Semelhante a ESAPI (20)

Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or less
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or less
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
 
Automating OWASP Tests in your CI/CD
Automating OWASP Tests in your CI/CDAutomating OWASP Tests in your CI/CD
Automating OWASP Tests in your CI/CD
 
Declaring Server App Components in Pure Java
Declaring Server App Components in Pure JavaDeclaring Server App Components in Pure Java
Declaring Server App Components in Pure Java
 
Spring boot vs spring framework razor sharp web applications
Spring boot vs spring framework razor sharp web applicationsSpring boot vs spring framework razor sharp web applications
Spring boot vs spring framework razor sharp web applications
 
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023
 
All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...
All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...
All you need is Zap - Omer Levi Hevroni & Yshay Yaacobi - DevOpsDays Tel Aviv...
 
Security Testing with Zap
Security Testing with ZapSecurity Testing with Zap
Security Testing with Zap
 
jVoiD - the enterprise ecommerce Java by Schogini
jVoiD - the enterprise ecommerce Java by SchoginijVoiD - the enterprise ecommerce Java by Schogini
jVoiD - the enterprise ecommerce Java by Schogini
 
Dev secops. Real experience.
Dev secops. Real experience.Dev secops. Real experience.
Dev secops. Real experience.
 
Introduction to Spring sec1.pptx
Introduction to Spring sec1.pptxIntroduction to Spring sec1.pptx
Introduction to Spring sec1.pptx
 
LAST Conference - Dev-Ops and Continuous Delivery
LAST Conference - Dev-Ops and Continuous DeliveryLAST Conference - Dev-Ops and Continuous Delivery
LAST Conference - Dev-Ops and Continuous Delivery
 
DevOps on AWS - Building Systems to Deliver Faster
DevOps on AWS - Building Systems to Deliver FasterDevOps on AWS - Building Systems to Deliver Faster
DevOps on AWS - Building Systems to Deliver Faster
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
Developer Productivity with Forge, Java EE 6 and Arquillian
Developer Productivity with Forge, Java EE 6 and ArquillianDeveloper Productivity with Forge, Java EE 6 and Arquillian
Developer Productivity with Forge, Java EE 6 and Arquillian
 
Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps
 
Integration Testing on Steroids: Run Your Tests on the Real Things
Integration Testing on Steroids: Run Your Tests on the Real ThingsIntegration Testing on Steroids: Run Your Tests on the Real Things
Integration Testing on Steroids: Run Your Tests on the Real Things
 
Enterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable ApplicationsEnterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable Applications
 
SE2018_Lec-22_-Continuous-Integration-Tools
SE2018_Lec-22_-Continuous-Integration-ToolsSE2018_Lec-22_-Continuous-Integration-Tools
SE2018_Lec-22_-Continuous-Integration-Tools
 

Mais de n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Mais de n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Último

Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
Third Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxThird Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxAmita Gupta
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSCeline George
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfSherif Taha
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 

Último (20)

Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Third Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxThird Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 

ESAPI