<-- Back to timeline


Understanding the known OWASP A9 using components with known vulnerabilities

c0c0n 2015

2015/08/20

Talk

Abstract

OWASP Top 10 introduced A9: Usage of known vulnerable component. Although one of the important issue however still highly ignored. This talk will focus on various aspects of This issue and what could be done at various level’s of Information technology flow. We are not going to stress more on the impact rather the focus of this presentation would be on what can be done to reduce the effect. How a developer or a tester or a administrator find out about A9 issues and work towards mitigating it. This talk will not just look at various existing tools that can be use but also how to integrate them in environment as well as how to craft your component usage policy to counter the effect of A9 issues.

As part of the presentation we will also be sharing automation techniques and various technological solutions on how to counter A9 issues.