ºÝºÝߣshows by User: SherifMansour2 / http://www.slideshare.net/images/logo.gif ºÝºÝߣshows by User: SherifMansour2 / Tue, 29 Oct 2019 16:48:44 GMT ºÝºÝߣShare feed for ºÝºÝߣshows by User: SherifMansour2 Security in a Continuous Delivery World - 2015 - Sherif Mansour /slideshow/security-in-a-continuous-delivery-world-2015-sherif-mansour/188255168 owasp-ci-cd-pdf-191029164844
Imagine a world where a developer can have her/his code pushed into production a few minutes after its checked in. How do you engrain web application security in such a development pipeline? How do you keep track of the security issues? In this talk we'll discuss some of the security challenges for this paradigm shift and how OWASP can help development teams navigate some of these challenges.]]>

Imagine a world where a developer can have her/his code pushed into production a few minutes after its checked in. How do you engrain web application security in such a development pipeline? How do you keep track of the security issues? In this talk we'll discuss some of the security challenges for this paradigm shift and how OWASP can help development teams navigate some of these challenges.]]>
Tue, 29 Oct 2019 16:48:44 GMT /slideshow/security-in-a-continuous-delivery-world-2015-sherif-mansour/188255168 SherifMansour2@slideshare.net(SherifMansour2) Security in a Continuous Delivery World - 2015 - Sherif Mansour SherifMansour2 Imagine a world where a developer can have her/his code pushed into production a few minutes after its checked in. How do you engrain web application security in such a development pipeline? How do you keep track of the security issues? In this talk we'll discuss some of the security challenges for this paradigm shift and how OWASP can help development teams navigate some of these challenges. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/owasp-ci-cd-pdf-191029164844-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Imagine a world where a developer can have her/his code pushed into production a few minutes after its checked in. How do you engrain web application security in such a development pipeline? How do you keep track of the security issues? In this talk we&#39;ll discuss some of the security challenges for this paradigm shift and how OWASP can help development teams navigate some of these challenges.
Security in a Continuous Delivery World - 2015 - Sherif Mansour from Sherif Mansour
]]>
95 0 https://cdn.slidesharecdn.com/ss_thumbnails/owasp-ci-cd-pdf-191029164844-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
Leveraging Threat Intelligence /SherifMansour2/leveraging-threat-intelligence owasp-threat-intel-191029164424
An Introduction into Threat Intelligence]]>

An Introduction into Threat Intelligence]]>
Tue, 29 Oct 2019 16:44:24 GMT /SherifMansour2/leveraging-threat-intelligence SherifMansour2@slideshare.net(SherifMansour2) Leveraging Threat Intelligence SherifMansour2 An Introduction into Threat Intelligence <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/owasp-threat-intel-191029164424-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> An Introduction into Threat Intelligence
Leveraging Threat Intelligence from Sherif Mansour
]]>
90 0 https://cdn.slidesharecdn.com/ss_thumbnails/owasp-threat-intel-191029164424-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
The Myth of The Iron Triangle in Security /slideshow/the-myth-of-the-iron-triangle-in-security/188187320 owasp-sm-mythofirontriangle-191029133747
The Iron triangle was initially about the policy making relationships in US politics fixed relationships between congressional committees, bureaucracy & interest groups.
 In security it became a short hand for the relationship between ease of use, performance and security.
 Unfortunately this had a negative impact on the industry as it lead to the belief that you had a fixed trade off between security, ease of use and performance.]]>

The Iron triangle was initially about the policy making relationships in US politics fixed relationships between congressional committees, bureaucracy & interest groups.
 In security it became a short hand for the relationship between ease of use, performance and security.
 Unfortunately this had a negative impact on the industry as it lead to the belief that you had a fixed trade off between security, ease of use and performance.]]>
Tue, 29 Oct 2019 13:37:47 GMT /slideshow/the-myth-of-the-iron-triangle-in-security/188187320 SherifMansour2@slideshare.net(SherifMansour2) The Myth of The Iron Triangle in Security SherifMansour2 The Iron triangle was initially about the policy making relationships in US politics fixed relationships between congressional committees, bureaucracy & interest groups.
 In security it became a short hand for the relationship between ease of use, performance and security.
 Unfortunately this had a negative impact on the industry as it lead to the belief that you had a fixed trade off between security, ease of use and performance. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/owasp-sm-mythofirontriangle-191029133747-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> The Iron triangle was initially about the policy making relationships in US politics fixed relationships between congressional committees, bureaucracy &amp; interest groups.
 In security it became a short hand for the relationship between ease of use, performance and security.
 Unfortunately this had a negative impact on the industry as it lead to the belief that you had a fixed trade off between security, ease of use and performance.
The Myth of The Iron Triangle in Security from Sherif Mansour
]]>
221 0 https://cdn.slidesharecdn.com/ss_thumbnails/owasp-sm-mythofirontriangle-191029133747-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
Scripts that automate OWASP ZAP as part of a continuous delivery pipeline /slideshow/scripts-that-automate-owasp-zap-as-part-of-a-continuous-delivery-pipeline-66901802/66901802 owaspzapsdlcintegration-161008172255
Code contributions to the OWASP ZAP Project. We agreed to focus on automation so that developers can run zap as part of their build tests.The code and instructions can be found here: https://github.com/zaproxy/community-scripts/tree/master/api/sdlc-integration]]>

Code contributions to the OWASP ZAP Project. We agreed to focus on automation so that developers can run zap as part of their build tests.The code and instructions can be found here: https://github.com/zaproxy/community-scripts/tree/master/api/sdlc-integration]]>
Sat, 08 Oct 2016 17:22:55 GMT /slideshow/scripts-that-automate-owasp-zap-as-part-of-a-continuous-delivery-pipeline-66901802/66901802 SherifMansour2@slideshare.net(SherifMansour2) Scripts that automate OWASP ZAP as part of a continuous delivery pipeline SherifMansour2 Code contributions to the OWASP ZAP Project. We agreed to focus on automation so that developers can run zap as part of their build tests.The code and instructions can be found here: https://github.com/zaproxy/community-scripts/tree/master/api/sdlc-integration <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/owaspzapsdlcintegration-161008172255-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Code contributions to the OWASP ZAP Project. We agreed to focus on automation so that developers can run zap as part of their build tests.The code and instructions can be found here: https://github.com/zaproxy/community-scripts/tree/master/api/sdlc-integration
Scripts that automate OWASP ZAP as part of a continuous delivery pipeline from Sherif Mansour
]]>
3611 5 https://cdn.slidesharecdn.com/ss_thumbnails/owaspzapsdlcintegration-161008172255-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
https://cdn.slidesharecdn.com/profile-photo-SherifMansour2-48x48.jpg?cb=1649956837 I am a passionate and accomplished information security professional with a successful track record as a information security SME and product manager. I have in-depth technical security knowledge and board level experience as chairman of a limited liability private company in the UK. Outside of work I volunteer as the OWASP London chapter leader and as a product manager of OWASPs flagship open source security tool, ZAP. ZAP is routinely rated as the #1 open source web application security tool used by many developers as well as security engineers to test the security of web applications. https://cdn.slidesharecdn.com/ss_thumbnails/owasp-ci-cd-pdf-191029164844-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/security-in-a-continuous-delivery-world-2015-sherif-mansour/188255168 Security in a Continuo... https://cdn.slidesharecdn.com/ss_thumbnails/owasp-threat-intel-191029164424-thumbnail.jpg?width=320&height=320&fit=bounds SherifMansour2/leveraging-threat-intelligence Leveraging Threat Inte... https://cdn.slidesharecdn.com/ss_thumbnails/owasp-sm-mythofirontriangle-191029133747-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/the-myth-of-the-iron-triangle-in-security/188187320 The Myth of The Iron T...