Upload
chia-lung-hsieh
View
60
Download
3
Embed Size (px)
Citation preview
OWASP Top 10 - 2013 in JAPANESE!
Chia-Lung Albert HsiehAsia Tour 2014
November 29th
Albert Hsieh (謝佳龍)
• Came from Taiwan since 2007– Kobe, Kyoto, then Tokyo
• Work as Security Engineer– Rakuten Inc.
• Translated OWASP Top 10 – 2013– English JAPANESE
• Promoting Top 10 – Article in Nikkei NETWORK (Mar. 2014)
– Speeches in OWASP Night, AppSec APAC
OWASP Top 10
• OWASP Top 10 – 2013
– Web App Security RISK
– Occurrence * Impact evaluate by yourself!
• Up to date
– 3 year update cycle since 2004
• Referred by PCI DSS v3.0
– And NSA, Microsoft, ORACLE, CITRIX, etc.
– de facto!
Take a Look!
– Rank switched
– New category created
Take a Look!
Take a Look!
Take a Look!
– How to check?
– How to prevent?
Take a Look!
– Example Scenarios
– Free References
How to Use
要件 設計 実装 テスト 運用
後からセキュリティ検証だけでは足りない!
最初からセキュリティを意識しながら開発が必要!
Thank you!
– Contact me if you have any comment about the Japanese version! chialung.hsieh(at)mail.rakuten.com
OWASP Top 10