Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage Presentations Establishing Your Organization's Enterprise Security API

Establishing Your Organization's Enterprise Security API



Every organization should define a standard way for developers to perform common security-related actions - authenticating, access control, validation, encoding, encryption, logging, error handling, and more. In this talk, Jeff discuss the process of establishing a security API for your enterprise, focusing on the most critical methods needed by web application and web service developers.


Jeff Williams is the founder and CEO of Aspect Security and serves as the volunteer Chair of the Open Web Application Security Project, a free and open source organization dedicated to finding and fighting the causes of insecure software. Jeff has been writing code for 25 years, speaks frequently on application security, and has published numerous papers on practical risk and assurance techniques.

About the conference

QCon is a conference that is organized by the community, for the community.The result is a high quality conference experience where a tremendous amount of attention and investment has gone into having the best content on the most important topics presented by the leaders in our community.QCon is designed with the technical depth and enterprise focus of interest to technical team leads, architects, and project managers.

Recorded at:

Nov 05, 2008