Elar Lang
Elar Lang is a web application security specialist and enthusiast who has been working for more than 13 years in different aspects of web application security. A full-time security tester, training architect, and web application security developer educator (close to 3000 hours of training). Likes to research and write proof-of-concepts for attacks. More than 5 years actively developing and co-leading a security standard - OWASP Application Security Verification Standard (ASVS).
Out of business hours, to "escape" the screens and keyboards, takes a photo camera and stays or hikes in nature. Favorite places - Iceland and North Scandinavia.
Session
Soon to be released OWASP ASVS v5.0 contains a new chapter of requirements related to OAuth and OIDC. The talk is about - what is (not) ASVS, how it covers OAuth and OIDC, and most importantly - calling you to review the related chapter.