Alex Meisel

CTO at Art of Defence GmbH

Alex Meisel is the CTO and co-founder of Art of Defence, where he is responsible for product development, professional services and support. His leadership has focused the company exclusively on providing comprehensive web application security technology from source code analysis to development tools to total shielding, on any scale. Art of DefenceĀ“s flagship distributed web application firewall technology is the most flexible on the market today, available as a SaaS, software plug-ins virtual appliance, hardware appliance or as standalone software solution.

Mr. Meisel is heavily involved with OWASP and is a member of the Cloud Security Alliance. Prior to Art of Defence, he held prominent technology roles in companies such asLINX (London Internet Exchange), Zeus Technologies and ImagExpo - SPX Corp.

  •   Contributions  
  •   Groups  
Paper: Domain 10: Guidance for Application Security V2.1 PDF
Picking up from the latest Cloud Security Alliance papers, Domain 10: Guidance for Application Security V2.1 explores some of the challenges that organizations have encountered with application security for cloud computing. Domain 10 provides an upfront analysis, covering the traditional aspects of managing information confidentiality, integrity and availability, as it is central to documenting the classification of data handled by the application and will influence many of the design decisions. It also elaborates on situations for existing applications that are migrated to the cloud, as it can serve as an opportunity to address outstanding fundamental problems that have been overlooked or underrepresented during their development.

Paper: Security Guidance for Critical Areas of Focus in Cloud Computing v2 PDF
The Cloud Security Alliance's initial report, outlining areas of concern and guidance for organizations adopting cloud computing. The intention is to provide security practitioners with a comprehensive roadmap for being proactive in developing positive and secure relationships with cloud providers. Much of this guidance is also quite relevant to the cloud provider to improve the quality and security of their service offerings. As with any initial foray, there will certainly be guidance that we could improve upon. We will quite likely modify the number of domains and change the focus of some areas of concern. We seek your help to improve this guidance to make version 2.0 of this document an even better asset to the security practitioner and cloud provider. We will be kicking off numerous online activities and in-person regional events to share our findings and connect with experts to increase our knowledge base.

Paper: Defining a dWAF to Secure Cloud Applications PDF
Cloud computing was not designed for security, although organizations such as Cloud Security Alliance (CSA) and Open Web Application Security Project (OWASP) are taking great strides in helping the industry solve the myriad of security problems confronting cloud computing. The benchmark guidelines established by the CSA in their document, Guidance for Critical Areas of Focus in Cloud Computing, is a great first step. This paper is intended to pick up where the CSA guide left off in terms of defining what a distributed web application firewall (dWAF) should look like in order to meet the standards set within the CSA document. It also includes recommendations and practical use-cases.

Presentation: Best Practice Guide: Web Application Firewalls PDF
The CTO at Art of Defence, Alex Meisel, gives an introduction to Web Application Firewalls and their benefits, risks and operation at the OWASP Conference.

Cloud Security Alliance (CSA)
Cloud Security Alliance (CSA)

The Cloud Security Alliance is a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.
View the Cloud Security Alliance (CSA) Profile >>
Alex Meisel
View My Blog
View My LinkedIn Profile