Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.


David Wichers

Dave has over 20 years of experience touching all aspects of secure software development for high assurance projects. A founding member of OWASP and current Board Member, Dave has contributed his expertise to many free and open tools, including the OWASP Top Ten, Enterprise Security API (ESAPI) and WebGoat. As a foremost expert in application security, Dave teaches secure coding practices to a worldwide clientele, including sectors of the Department of Defense and the Federal government. Dave began his career as a computer security consultant assisting DoD clients such as the NSA, U.S. Navy, U.S. Army and product vendors selling into the defense market. Dave holds a B.S.E in Computer Science from Arizona State and a M.S in Computer Science from the University of California at Davis and is a CISSP. A history buff, Dave enjoys genealogy, and discovered that he is a descendant of Pocahontas.

Connect With Us :  

The Ankle Biters of the Application Security World

The playing field isn't exactly level, and ankle biters (aka script kiddies and hackers) know it. While businesses and organizations are triaging their vulnerabilities and fixing them as they can, script kiddies don't need to focus on The OWASP..

Continue Reading >>

Libraries & Application Security, Part 3: Unused Libraries

This is the third blog posting in a series about vulnerable libraries. Click here for part one on known vulnerabilities inside libraries. Click here for part two on unknown vulnerabilities inside libraries. 

Most applications use only a very..

Continue Reading >>

Libraries & Application Security, Part 2: Unknown Vulnerabilities

This is part two in a three-part series on vulnerable libraries. Click here to read part one where we discuss known vulnerabilities inside libraries.

Vulnerabilities that haven't been uncovered yet are what most developers and security..

Continue Reading >>

Libraries & Application Security, Part 1: Known Vulnerabilities

We're a fan of using open-source frameworks and libraries. It makes sense. It saves time and money when you don't have to write already existing code, especially for universal features or basic functions. It lets developers focus on application..

Continue Reading >>