Presentation at OWASP – Los Angeles

I will be presenting at the OWASP Los Angeles chapter on Wednesday evening October 29th.
I will update this blog with the presentation immediately following the meeting.

Here is the presentation

(Thanks to my colleague Adam Vincent for his input)


Introducing the Layer 7 SecureSpan Gateway

The Layer7 SecureSpan Gateway, hereafter referred to as “SSG” , secures Service Oriented Architectures (SOA) and Web Oriented Architectures (WOA) including SOAP, POX, AJAX and REST. The SSG is available as a 1U appliance or a software solution installed on the hardware of your choice. The SSG inspects incoming packets of XML data and applies policies to them. The policies are created using a simple GUI. (Take a look here for more product details.)

What is a SecureSpan Gateway policy assertion?
Web services are deployed for consumption by other applications. This ease of availability is by definition, inherently insecure. In order to alleviate the web services developer of the burden of protecting the web service, the Layer 7 SecureSpan Gateway (SSG) provides policies that restrict who can consume a published service. An SSG policy can also discard XML packets that contain known threats such as SQL injection.

The next series of blog posts will begin to explore SSG policies.