Explore the evolution of web security over 15 years in this conference talk by Jeremiah Grossman, founder of WhiteHat Security. Delve into legacy issues, threat modeling, and vulnerability data while examining the changing landscape of cyber threats. Analyze broad statistics, time-to-fix metrics, and the concept of the "window of exposure" in application security. Investigate the growth of AppSec, the rise of cyber insurance, and the potential for security guarantees and product liability in the industry. Gain insights into risk reduction strategies and the importance of security assessments in today's digital landscape.
15 Years of Web Security - The Rebellious Teenage Years
Overview
Syllabus
Introduction
Legacy Issues
Web Security
Threat Modeling
Threat Actors
Vulnerability Data
One Layer Deeper
Broad Numbers
Time to Fix
The Annual
Window of Exposure
Data Losses
Apathy
Cyber Insurance
Whos Offering Cyber Insurance
AppSec Growth
Security Guarantees
Product Liability
Risk Reduction
Security Assessment
Taught by
OWASP Foundation
