Layers of API Security and Log4j: Beyond the OWASP Top 10Noname Security's Matt Tesauro on Improving Discovery, Detection, Response
Everyone knows the OWASP Top 10 list of application security risks. But what about #11 and beyond - aren't those key priorities, too? Matt Tesauro of Noname Security talks about "Beyond the Top 10" and relates it back to mitigating the Log4j zero-day vulnerability.
In this video interview with Information Security Media Group, Tesauro discusses:
- OWASP #11 and beyond;
- Gaps exposed by Log4j;
- How enterprises can address these issues via discovery, detection and response.
Tesauro is the global director of security evangelism at Noname Security. Prior to joining Noname, he rolled out AppSec automation at a major financial institution and founded 10Security. Other roles include the director of community and operations at the OWASP Foundation, senior AppSec engineer building an AppSec pipeline and continuous security program for Duo Security, senior software security engineer at Pearson and senior product security engineer at Rackspace. Tesauro is also an adjunct professor for the University of Texas Computer Science department, teaching the next generation of CS students about application security.