Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
OWT2017JP - OWASP Project Overview for Developers
Search
OWASP Japan
September 30, 2017
Technology
11
3.8k
OWT2017JP - OWASP Project Overview for Developers
#OWT2017JP
Opening Session by 上野宣, OWASP Japan
OWASP Japan
September 30, 2017
Tweet
Share
More Decks by OWASP Japan
See All by OWASP Japan
OWASP Night 2019.03 Tokyo
owaspjapan
0
350
OWASP SAMMを活用したセキュア開発の推進
owaspjapan
0
1k
20190107_AbuseCaseCheatSheet
owaspjapan
0
190
セキュリティ要求定義で使える非機能要求グレードとASVS
owaspjapan
5
1k
AWSクラスタに捧ぐウェブを衛っていく方法論と死なない程度の修羅場の価値
owaspjapan
9
3.3k
Shifting Left Like a Boss
owaspjapan
2
300
OWASP Top 10 and Your Web Apps
owaspjapan
2
390
OWASP Japan Proposal: Encouraging Japanese Translation
owaspjapan
1
250
elegance_of_OWASP_Top10_2017
owaspjapan
2
530
Other Decks in Technology
See All in Technology
Access-what? why and how, A11Y for All - Nordic.js 2025
gdomiciano
1
110
Goにおける 生成AIによるコード生成の ベンチマーク評価入門
daisuketakeda
2
100
"複雑なデータ処理 × 静的サイト" を両立させる、楽をするRails運用 / A low-effort Rails workflow that combines “Complex Data Processing × Static Sites”
hogelog
3
1.9k
SOC2取得の全体像
shonansurvivors
1
370
Findy Team+のSOC2取得までの道のり
rvirus0817
0
320
「Verify with Wallet API」を アプリに導入するために
hinakko
1
230
Escaping_the_Kraken_-_October_2025.pdf
mdalmijn
0
120
業務自動化プラットフォーム Google Agentspace に入門してみる #devio2025
maroon1st
0
190
PLaMoの事後学習を支える技術 / PFN LLMセミナー
pfn
PRO
9
3.8k
Modern_Data_Stack最新動向クイズ_買収_AI_激動の2025年_.pdf
sagara
0
200
「AI駆動PO」を考えてみる - 作る速さから価値のスループットへ:検査・適応で未来を開発 / AI-driven product owner. scrummat2025
yosuke_nagai
4
580
AIが書いたコードをAIが検証する!自律的なモバイルアプリ開発の実現
henteko
1
340
Featured
See All Featured
Building Applications with DynamoDB
mza
96
6.6k
Unsuck your backbone
ammeep
671
58k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
2.6k
How to train your dragon (web standard)
notwaldorf
96
6.3k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
Designing for humans not robots
tammielis
254
25k
Building Flexible Design Systems
yeseniaperezcruz
329
39k
YesSQL, Process and Tooling at Scale
rocio
173
14k
GraphQLとの向き合い方2022年版
quramy
49
14k
Thoughts on Productivity
jonyablonski
70
4.9k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
The Art of Programming - Codeland 2020
erikaheidi
56
14k
Transcript
08"41ͷา͖ํ 085 08"41+BQBO $IBQUFS-FBEFS 4FO6&/0 08"411SPKFDU0WFSWJFX GPS%FWFMPQFST
08"411SPKFDU
'MBHTIJQ1SPKFDUT • 5PPMT – 08"41;FE"UUBDL1SPYZ – 08"418FC5FTUJOH&OWJSPONFOU1SPKFDU – 08"41085' –
08"41%FQFOEFODZ$IFDL – 08"414FDVSJUZ4IFQIFSE</FX> • $PEF – 08"41.PE4FDVSJUZ $PSF3VMF4FU1SPKFDU – 08"41$43'(VBSE 1SPKFDU – 08"41"QQ4FOTPS 1SPKFDU • %PDVNFOUBUJPO – 08"41"QQMJDBUJPO4FDVSJUZ7FSJGJDBUJPO4UBOEBSE1SPKFDU – 08"414PGUXBSF"TTVSBODF.BUVSJUZ.PEFM 4".. – 08"41"QQ4FOTPS 1SPKFDU – 08"415PQ5FO1SPKFDU – 08"415FTUJOH(VJEF1SPKFDU IUUQTXXXPXBTQPSHJOEFYQIQ08"41@1SPKFDU@*OWFOUPSZ'MBHTIJQ@1SPKFDUT
08"415PQ3$ • 8FCΞϓϦέʔγϣϯ੬ऑੑτοϓ 3$3FKFDUFE ݄Լ०ϦϦʔε༧ఆ
08"415PQGPS ຊޠ൛ΞϦ㽂
;"1 • ;"1 ;FE"UUBDL1SPYZ • 8FCΞϓϦέʔγϣϯ੬ऑੑεΩϟφʔ ຊޠ൛ΞϦ㽂
8FC5FTUJOH&OWJSPONFOU • ओʹ08"41ͷΞϓϦέʔγϣϯηΩϡϦςΟπʔϧͱυΩϡϝ ϯτͷ٧Ί߹Θͤ -JOVYEJTU • 08"41ͷ֤छϓϩδΣΫτ – πʔϧυΩϡϝϯτ –
08"41Ҏ֎ͷ8FCΞϓϦέʔγϣϯηΩϡϦςΟπʔϧऩ • *407.XBSF 7JSUVBM#PY 1BSBMMFMTɺ-JOVYύοέʔδͳͲͷ ܗࣜͰఏڙ – چ08"41-JWF$%
085' • 085' 0GGFOTJWF8FC5FTUJOH'SBNFXPSL – ࣗಈஅπʔϧ – 08"415FTUJOH(VJEF 15&4 UIF1FOFUSBUJPO5FTUJOH&YFDVUJPO
4UBOEBSE /*45
08"41%FQFOEFODZ$IFDL • 8FCΞϓϦέʔγϣϯͷத͔Β੬ऑੑͷ͋ΔίϯϙʔωϯτΛ ൃݟ͢ΔεΩϟφʔ – +BWB /&5ʹରԠ • 3VCZ /PEFKT
1ZUIPO $$ ࢼݧతͳରԠ
08"414FDVSJUZ4IFQIFSE • 8FCͱϞόΠϧͷΞϓϦέʔγϣϯηΩϡϦςΟͷͨΊͷτ Ϩʔχϯάπʔϧ – ηΩϡϦςΟΛֶͿͨΊͷϋϯζΦϯڥ – $5'ϞʔυɺΦʔϓϯϑϩΞϞʔυɺτʔφϝϯτϞʔυͳͲΛඋ͑Δ • 5FBDIJOH5PPMGPS"MM"QQMJDBUJPO4FDVSJUZ
• 8FC"QQMJDBUJPO1FO5FTUJOH5SBJOJOH • .PCJMF"QQMJDBUJPO1FO5FTUJOH5SBJOJOH • 4BGF1MBZHSPVOEUP1SBDUJTF "QQ4FD 5FDIOJRVFT • 3FBM4FDVSJUZ3JTL&YBNQMFT
.PE4FDVSJUZ $PSF3VMF4FU1SPKFDU • .PE4FDVSJUZ – 0QFO4PVSDF8FC"QQMJDBUJPO'JSFXBMM • .PE4FDVSJUZ Ͱ͑Δϧʔϧηοτ –
1SPUPDPM7BMJEBUJPO – .BMJDJPVT$MJFOU*EFOUJGJDBUJPO – (FOFSJD"UUBDL4JHOBUVSFT – ,OPXO7VMOFSBCJMJUJFT4JHOBUVSFT – 5SPKBO#BDLEPPS"DDFTT – 0VUCPVOE%BUB-FBLBHF – "OUJ7JSVTBOE%P4 VUJMJUZTDSJQUT
$43'(VBSE 1SPKFDU • ΫϩεαΠτɾϦΫΤετϑΥʔδΣϦ $43' ରࡦϥΠϒϥϦ
"QQ4FOTPS 1SPKFDU • ΞϓϦέʔγϣϯϨΠϠʔʹର͢Δ৵ೖݕͱࣗಈԠͷͨΊͷ ϑϨʔϜϫʔΫ – ΞϓϦέʔγϣϯʹޚΛ࣮͢Δ • ݕग़ –
Ҏ্ͷݕग़ϙΠϯτͰ߈ܸΛݕ • Ԡ – ߈ܸΛݕग़ͨ͠ޙͷΞΫγϣϯ – ϢʔβʔͷϩάΞτɺΞΧϯτϩοΫɺཧऀͷ௨ͳͲ • ΞϓϦέʔγϣϯͷޚ
"QQMJDBUJPO4FDVSJUZ7FSJGJDBUJPO4UBOEBSE 1SPKFDU • "474 "QQMJDBUJPO4FDVSJUZ7FSJGJDBUJPO4UBOEBSE • ΞϓϦέʔγϣϯͷηΩϡϦςΟධՁͷͨΊͷݕࠪඪ४ – ࣗಈ·ͨखಈͷηΩϡϦςΟςετٴͼίʔυϨϏϡʔํࣜͷཁ݅
• -W0QQPSUVOJTUJD • -W4UBOEBSE • -W"EWBODFE ຊޠ൛ΞϦ㽂
4PGUXBSF"TTVSBODF.BUVSJUZ.PEFM • 4".. 4PGUXBSF"TTVSBODF.BUVSJUZ.PEFM ɿιϑτΣΞ ηΩϡϦςΟอোख़Ϟσϧ • ϦεΫʹ߹ΘͤͨιϑτΣΞηΩϡϦςΟઓུΛ࣮͢ΔͨΊ ͷϑϨʔϜϫʔΫ ຊޠ൛ΞϦ㽂
5FTUJOH(VJEF • 8FCαΠτʗΞϓϦέʔγϣϯͷςετΨΠυɺશϖʔδ ʢ7FSʣ • ֤੬ऑੑɺػೳผͷςετํ๏ – *OGPSNBUJPO(BUIFSJOH $POGJHVSBUJPO.BOBHFNFOU5FTUJOH
"VUIFOUJDBUJPO5FTUJOH 4FTTJPO.BOBHFNFOU "VUIPSJ[BUJPO 5FTUJOH #VTJOFTTMPHJDUFTUJOH %BUB7BMJEBUJPO5FTUJOH %P4 5FTUJOH 8FC4FSWJDFT5FTUJOH "+"95FTUJOH
8FCγεςϜʗ8FCΞϓϦέʔγϣϯ ηΩϡϦςΟཁ݅ॻ • 8FCγεςϜʗ8FCΞϓϦέʔγϣϯ։ൃͷͨΊͷཁ݅ఆٛॻ – ҰൠతʹΓࠐΉ͖ηΩϡϦςΟཁ݅ఆٛॻ – ։ൃݴޠϑϨʔϜϫʔΫʹґଘ͠ͳ͍ • 08"41+BQBOηΩϡϦςΟཁ݅ఆٛॻ8(
੬ऑੑஅ࢜εΩϧϚοϓϓϩδΣΫτ • ੬ऑੑஅΛߦ͏ݸਓͷٕज़తͳೳྗΛ۩ମతʹ͢Δ • ੬ऑੑஅΛߦ͏ٕज़ऀʢҎԼɺ੬ऑੑஅ࢜ʣͷεΩϧϚοϓ ͱֶशͷࢦͱͳΔγϥόεɺ੬ऑੑஅΛߦ͏ͨΊͷΨΠυϥ ΠϯͳͲΛඋ • *40(+ͱ08"41 +BQBOͷڞಉ8(
8FCΞϓϦέʔγϣϯ੬ऑੑஅΨΠυϥΠϯ • खಈஅิॿπʔϧΛͬͨ8FCΞϓϦέʔγϣϯ੬ऑੑஅ ʹ༻͢ΔΨΠυϥΠϯ – 42-J 944ͳͲͷ۩ମతͳஅύλʔϯ
੬ऑੑஅ ॳ৺ऀϋϯζΦϯτϨʔχϯά • ݄ ։࠵ • ืूਓ໊ <͢Ͱʹຬ੮> IUUQTQFOUFTUXFCDPOOQBTTDPNFWFOU
օ͞ΜͷڠྗͰΓཱ͍ͬͯ·͢ • ຊޠ൛͕ͳ͍ϓϩδΣΫτ͍͔ͭ͘ • ఀ͍ͯ͠ΔϓϩδΣΫτ͍͔ͭ͘ • ϘϥϯςΟΞͷྗΛඞཁͱ͍ͯ͠·͢
+PJOVT