Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, June 30 • 16:15 - 17:45
Lightning Training - How to Use OWASP Security Logging

Sign up or log in to save this to your schedule and see who's attending!

This presentation will provide an overview of the OWASP Security Logging project, a standard Log4j compatible  Java API to log security related events. The presenters will discuss the case for logging security events, what  types of events to log, how to use the API in your code, and provide examples of API features:  * Overview of the security logging API features/benefits   * Overview of SLF4J logger features from security perspective   * Security logging with log4j, log4j2, logback, and JDK logging   * "Hello World" with security logging   * Logging console application properties   * Logging servlet application properties with correlated data like User ID   * Filtering passwords from logs   * Customize filtering for removing SSN/credit cards from logs   * Adding interval logging to your project   * Customize interval logging   * Adding information classification (e.g., CLASSIFIED messages) to projects

Speakers
avatar for August Detlefsen

August Detlefsen

Senior Application Security Consultant, CodeMagi, Inc.
August Detlefsen (California) is a Senior Security Consultant who has presented at JavaOne (2008, 2012) as well as AppSec USA (2014, 2015) and is the co‐author of Iron‐Clad Java: Building Secure Web Applications. August also teaches customized secure coding classes for large and small clients.
SV

Sytze van Koningsveld

Sytze van Koningsveld (Netherlands) is Senior Java Developer at KLM Royal Dutch Airlines, and OWASP He is especially interested in open source projects and specialized in defensive security measures.
avatar for Milton Smith

Milton Smith

Sr. Principal Security Analyst, Oracle
Milton Smith (California) is an application security security principal at Oracle working strategically to improve application security. Milton is also a project leader for both the OWASP Security Logging Project and the DeepViolet for SSL/TLS scanner project. Prior to Oracle, Milton lead security for Yahoo's User Data Analytics property. For more information visit, https://securitycurmudgeon.com/ or follow Milton on Twitter(@spoofzu).


Thursday June 30, 2016 16:15 - 17:45
Caravaggio 8

Attendees (19)