Skip to content

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. He recently authored the DZone DevSecOps, IAST, and RASP refcards and speaks frequently at conferences including JavaOne (Java Rockstar), BlackHat, QCon, RSA, OWASP, Velocity, and PivotalOne. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 9 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown.

Subscribe Now
    Topics

    "The DCCC Hacked:  SQL Injection?  Come on."

    Jeff's comments here are a follow-up to his blog post "International hacks, politics and knee-jerk cybersecurity.....

    when-all-you-have-is-a-hammer-everything-looks-like-a-vulnerability.jpg

    With Only a Hammer, Everything Looks Like a Security Vulnerability!

    Did you know that most security vulnerabilities are simply the result of failing to use the right security control in..

    International hacks, politics and knee-jerk cybersecurity - never a good mix

    The FBI is now leading an investigation into a hack into the Democratic National Committee. This is the first..

    Hacked... Because of an Insecure Library

    Hacked... Because of an Insecure Library

    This morning, ZDNet’s Zack Whittaker reported a hacker has targeted the official forum for the mobile game Clash of..

    crying-wolf-the-true-cost-of-false-positive-vulnerabilities-1.jpg

    The True Cost of "False Positives" in Application Security

    Remember the story of the boy who cried wolf? His pranks were "false alarms" - defined as "a mistaken or intentionally..

    Pokemon_Go_Security_fail.jpg

    Security Fail in Pokémon Go

    As you may have heard, some Pokémon Go players may have given the game’s developers access to everything on their..

    Contrast releases new open source integrations to transform DevOps into DevSecOps

    Contrast releases new open source integrations to transform DevOps into DevSecOps

    Contrast is tailor-made for powering appsec in devops organizations. It's instant, accurate, powerful, and scalable. It..

    Third category of application security tools beyond

    Third category of application security tools beyond "static" and "dynamic"?

    Recently, Clark Coleman asked a very logical question about application security tools.

    Waiter… there’s a fly in my appsec tool soup!!!

    Waiter… there’s a fly in my appsec tool soup!!!

    Brace yourself. Recent advances in application security are about to spawn an onslaught of application security tool..

    Prev 3 4 5 6 7 Next