Description: The Presentation
I explain the decision-making process of the customer during proof-of-concept, pilot and eventual deployment of a distributed Web App Firewall (dWAF). Post-deployment, I go through the care and feeding of a dWAF protecting resources living in the public cloud, from technical hiccups and tradeoffs to integration in the Dev/QA/Production processes of the security lifecycle of a web app firewall. The talk will be 45 minutes including questions and answers.
The Speakers
Alexander Meisel
A member of OWASP Germany, Alexander Meisel was CTO and co-founder of 'art of defence'. He currently is charge of the development for the web application firewall product at Riverbed.
His interest and expertise in the area of security dates back to his thesis in which he wrote about avoiding and tracing distributed denial-of-service attacks. He worked for a Swiss IT service provider as a Web security expert; later he joined LINX, Europe's largest Internet exchange, where he took care of member network security issues. After working for three years as a senior consultant designing and implementing large Web farms, including security audits with a leading traffic management company, Alexander switched to the SPX Corporation, where he was the main project manager for Web application solutions in the SAP area. In 2005 he founded 'art of defence' in Germany and developed a truly distributed web application firewall product for high performance environments. The company has been acquired in 2011 by Zeus Technology which has shortly after been acquired by Riverbed Technology. Alex is one of the major contributors to OWASP's whitepaper 'Best Practices Guide: Web Application Firewalls,' which was released by the OWASP Germany Chapter has been translated into English, French, and Chinese. He is a regular speaker at OWASP conferences and meetings world wide mostly with a focus on web application security, scalability and performance.
Tags: securitytube , Confidence , hacking , hackers , information security , convention , computer security , owasp-12 , owasp-dc-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.