Jeff Williams, Co-Founder, Chief Technology Officer

Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. He recently authored the DZone DevSecOps, IAST, and RASP refcards and speaks frequently at conferences including JavaOne (Java Rockstar), BlackHat, QCon, RSA, OWASP, Velocity, and PivotalOne. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 9 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown.

Hacked... Because of an Insecure Library

This morning, ZDNet’s Zack Whittaker reported a hacker has targeted the official forum for the mobile game Clash of..

The True Cost of "False Positives" in Application Security

Remember the story of the boy who cried wolf? His pranks were "false alarms" - defined as "a mistaken or intentionally..

Security Fail in Pokémon Go

As you may have heard, some Pokémon Go players may have given the game’s developers access to everything on their..

Contrast releases new open source integrations to transform DevOps into DevSecOps

Contrast is tailor-made for powering appsec in devops organizations. It's instant, accurate, powerful, and scalable. It..

Third category of application security tools beyond "static" and "dynamic"?

Recently, Clark Coleman asked a very logical question about application security tools.

Waiter… there’s a fly in my appsec tool soup!!!

Brace yourself. Recent advances in application security are about to spawn an onslaught of application security tool..

How to Get Started in Application Security

My OWASP Cheat Sheet for Cross-site Scripting (XSS) just passed 1M views, and I'm proud of that. It ain't Shakespeare,..

Point of View: Congress Ironically Hacks CISA into "Must Pass" Omnibus Spending Bill -- Destroys Privacy

The most recent omnibus spending bill now includes the Cybersecurity Information Sharing Act of 2015. This bill..

My Top 5 Cyber Security Predictions for 2016

It's that time of year for my top predictions for 2016. And, let's review how well I did for 2015: My 2016 predictions..