Top Cybersecurity Training Protects Your Assets - Learn From the BEST and Apply New Knowledge Immediately!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

OWASP Top 10 2017: What You Need to Know

  • Friday, December 08, 2017 at 10:30 AM EST (2017-12-08 15:30:00 UTC)
  • Dr. Johannes Ullrich, Chris Eng


  • Veracode

You can now attend the webcast using your mobile device!



For the first time since 2013, the Open Web Application Security Project (OWASP) has updated its top 10 list of the most critical application security risks. According to OWASP, the 2017 OWASP Top 10 is a major update, with three new entries making the list, based on feedback from the AppSec community. During this webinar, Johannes Ullrich, Senior SANS Institute Expert and Chris Eng, VP Security Research at Veracode will explain more about the three new risks in the 2017 top 10, what else has changed since 2013, and provide resources to adopt best practices for preventing these risks.

Speaker Bios

Dr. Johannes Ullrich

Dr. Johannes Ullrich is the Dean of Research for SANS Technology Institute, a SANS Faculty Fellow, and founder of the Internet Storm Center ( which provides a free analysis and warning service to thousands of Internet users and organizations. He is the host of the SANS Internet Storm Center Daily Stormcast, a daily podcast that provides a brief 5-minute summary of current network security related events, and the author of SEC546: IPv6 Essentials, co-author of SANS SEC522: Defending Web Applications Security Essentials, and can be found teaching his own courses as well as SEC503: Intrusion Detection In-Depth. Learn more about Johannes here.

Chris Eng

Chris Eng is vice president of research at CA Veracode. A founding member of the Veracode team, he currently leads all security research initiatives including applied research, product security and Veracode Labs. Chris has led projects breaking, building and defending software in a career spanning nearly two decades. In addition to research, he consults frequently with stakeholders to advance application security initiatives. Chris is a frequent speaker and occasional review board member at premier industry conferences. Prior to Veracode, Chris was technical director at Symantec (formerly @stake) and an engineer at the National Security Agency.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.