Owasp Broken Web Applications Project Update presented at OWASP Appsec 2010

by Chuck Willis (Mandiant),

Tags: Security Web Application Security

URL : http://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project_Update

Summary : At AppSecDC in 2009, the OWASP Broken Web Applications (OWASP BWA) Project was announced and the first version of the project virtual machine was released. The virtual machine provides a standard set of web applications with various types of security vulnerabilities and is well suited for use as a learning environment and as a standard target for testing tools and techniques. This talk will provide an update on the current state of the project and describe the vision for the project’s future.

Chuck Willis: Chuck Willis is a Technical Director with MANDIANT (http://www.mandiant.com/), a full spectrum information security company in Alexandria, Virginia, where he concentrates in web application security, research, and development. Prior to joining MANDIANT, Chuck performed security software engineering, penetration testing, and vulnerability assessments at a large government contractor and also conducted computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. Chuck holds a Master of Science in Computer Science from the University of Illinois at Urbana-Champaign and has previously spoken at the Black Hat Briefings, the OWASP AppSec Conference, the IT Underground security conference in Europe, DefCon, and ShmooCon. Chuck has contributed to several open source security software projects and is a member of the Open Web Application Security Project, a Certified Information Systems Security Professional, and a Certified Forensic Computer Examiner.