Skip to content

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. He recently authored the DZone DevSecOps, IAST, and RASP refcards and speaks frequently at conferences including JavaOne (Java Rockstar), BlackHat, QCon, RSA, OWASP, Velocity, and PivotalOne. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 9 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown.

Subscribe Now
    Topics

    A CTO's Response to Trump's Cybersecurity Executive Order

    In principle, holding each agency head accountable for his or her agency’s cybersecurity is logical. The problem with..

    devops-application-security.jpg

    Improve Application Security by Turning it into Code

    Why is application security such a pain? One of the hard problems with application security is that there are a zillion..

    OWASPLOGO.png

    Adding "A7: Insufficient Attack Protection" to the OWASP Top 10

    We know there are some very strong feelings about both the recent Top Ten Release Candidate and my involvement in the..

    We are Seeing Ongoing Struts 2 Attacks

    We are Seeing Ongoing Struts 2 Attacks

    If you’re running web applications on the Internet, then you’re almost certainly seeing probes for the Struts 2..

    Two New Vulnerabilities added to the OWASP Top 10

    The Open Web Application Security Project (OWASP) just released an update to the ten most critical web application..

    US Needs a Federal CISO — A Response to the Appointment of a US Cybersecurity Coordinator

    In response to the Trump administration announcement of the appointment of a White House cybersecurity..

    continuous-application-security.jpeg

    Automating Application Security in Modern Software Projects

    Today, it seems like every organization has become a software company. The increasing dependence on automation demands..

    Obama Orders Review of Election Hacking

    BACKROUND - President Obama recently ordered a “deep dive” into the cyberattacks of this year’s election and he wants..

    application-security-tools-third-category-1.jpg

    Is There a 3rd Category of Application Security Tools Beyond Static & Dynamic?

    Recently, Clark Coleman asked a very logical question about application security tools: Can you explain the difference..

    Prev 1 2 3 4 5 Next