OWASP Broken Web Applications (OWASP BWA): Beyond 1.0
OWASP Broken Web Applications (OWASP BWA): Beyond 1.0
Thursday, November 21 • 2:00 pm - 2:50 pm
The OWASP Broken Web Applications (OWASP BWA) Project produces a free and open source virtual machine (VM) loaded with more than twenty-five web applications with a variety of security vulnerabilities. The project VM is well suited for use as a learning and training environment or as a standard target for testing tools and techniques. After two years of betas, the project released version 1.0 of the VM in 2012. With that milestone behind us, this talk will focus on the project’s future, though it will include some background on the project and demonstrate key features in the current release.
Speaker:
Chuck Willis
Mr. Willis is the leader of the OWASP Broken Web Applications project, which distributes a virtual machine with known vulnerable web applications for testing and training.
Chuck Willis is a Senior Technical Director with MANDIANT, a full spectrum information security company in Alexandria, Virginia. At MANDIANT, Mr. Willis concentrates in several areas including application security, where he assesses the security of sensitive web, mobile, server, and desktop applications through external testing and static analysis. He also studies software analysis tools and techniques and strives to identify better ways to evaluate and secure applications.