Today’s episode features an interview with Georg Hess about Web application security and compliance in the cloud. Hess is the founder of application security provider Art of Defence and current German chapter head of the Open Web Application Security Project (OWASP).
The OWASP membership includes corporations, educational organizations and individuals from around the world. OWASP’s community works to create freely available articles, methodologies, documentation, tools and technologies.
When you listen to the podcast, recorded by associate editor Alexander B. Howard, you’ll learn the answers to the following questions:
- How are the security challenges that OWASP advises others on changing?
- OWASP recently published an Application Security Verification Standard. What does the standard mean?
- What does establishing such a standard mean for chief information security officers (CISOs) and compliance officers who are considering cloud computing?
- What other security standards are being established for the cloud or need to be created?
- What compliance issues do companies face when implementing cloud computing?
- How can cloud providers offer secure cloud offerings?
- How can security and compliance officers confirm that they are doing so?
- What do banking and health care CISOs who are considering adopting cloud models need to know?
- How are threats to Web application security evolving?
- What do compliance and security officers need to know — and do — to respond?
- What other regulations do compliance officers need to be aware of in 2009?