
How to improve software security with OWASP open source initiatives

oxdef
September 15, 2021

Samsung Open Source Conference Russia 2021

Transcript

  1. SOSCON Russia 2021, Ozon. How to improve software security with OWASP open-source initiatives. Taras Ivaschenko
  2. /about
     - Product security team leader at Ozon
     - OWASP Moscow chapter team leader
     - Free and open-source software evangelist
     - Fedora GNU/Linux user
  3. Is it possible to use open-source solutions to improve software security?
  4. The Open Web Application Security Project. OWASP works to improve the security of software through:
     - community-led open-source software projects
     - hundreds of chapters worldwide
     - tens of thousands of members
     - by hosting local and global conferences
  5. Documentation Projects
     - Top 10 Web Application Security Risks
     - Proactive controls
     - SAMM (Software Assurance Maturity Model)
     - Cheat Sheet Series
     - Application Security Verification Standard
  6. Zed Attack Proxy
     - Web application security scanner and proxy
     - Free and open-source
     - Actively maintained
     - Cross platform and CI/CD friendly
  7. Dependency Track
     - Component Analysis platform
     - Allows organizations to identify and reduce risk in the software supply chain
     - Monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization
     - Has an API-first design and is ideal for use in CI/CD environments
  9. Key Takeaways
     - You can use open source solutions to build S-SDLC processes and controls
     - OWASP (www.owasp.org) will help you with it!
  10. Thanks! Questions?