AppSec Blog: Category - Webcasts

2016 State of Application Security: Skills, Configurations, and Components

The 2016 SANS State of Application Security Survey analyst paper and webcast are complete. This year, Johannes Ullrich, dean of research at the SANS Technology Institute and instructor for DEV522: Defending Web Applications Security Essentials, led the project by analyzing the survey results, writing the whitepaper, and delivering the webcast. We had 475 respondents …


2015 State of Application Security: Closing the Gap

The 2015 SANS State of Application Security Analyst Paper and webcasts are complete. This year, Jim Bird, the lead author of the SANS Application Security Survey series, Frank Kim, and I all participated in writing the questions, analyzing the results, drafting the paper, and preparing the webcast material. In the 2015 survey, we split the …


Survey on Application Security Programs - Webcast and Paper

For the second year in a row Jim Bird and I have helped SANS put together a "Survey on Application Security Programs and Practices". We asked some of the same questions as the previous year, just in a different way. Some interesting trends this year, as taken from the executive summary of the soon to …


SANS Appsec Survey

SANS has just opened a survey to understand more about the challenges and risks that companies are facing in application security, and what tools and practices people have found are most effective in managing appsec problems. Please follow this link and take 5-10 minutes to answer the survey questions: https://www.surveymonkey.com/s/56TKYX7 Help shape the future of …


Free AppSec Webcasts

Here are some recent appsec webcasts for your viewing pleasure: - Web Application Threats: Combining XSS and CSRF to own the world! Kevin Johnson covers Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF). Specifically, "how they can be used to exploit users and applications, how to find them and what their combined power can accomplish." …