[Owasp-sanantonio] Dinis Cruz speaking at special OWASP San Antonio meeting

Dan Cornell dan at denimgroup.com
Mon Aug 9 08:48:12 EDT 2010


We have two exciting OWASP San Antonio events coming up:

The first event is a special meeting this Friday (8/13/2010).  We have Dinis Cruz - OWASP Board Member - in town to talk about his O2 project:

11:30 at the San Antonio Technology Center in the Web Room.

More details below.  If you are interested in code review and static analysis this will be a great presentation.

Also - lunch will be provided!




San Antonio OWASP Chapter: Fri. August 13, 2010

Topic: 1)How OWASP Works and Guided Tour of OWASP Projects / 2) Using the O2 Platform to Consume OWASP projects

Presenter: Dinis Cruz

Date: Friday, August 13, 2010, 2010 11:30am - 1:00pm

Location: San Antonio Technology Center (Web Room) 3463 Magic Drive San Antonio, TX 78229 http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+TX+78229

Abstract: 1) How OWASP Works and Guided Tour of OWASP Projects - This presentation will focus on my experience in getting things done at OWASP, what resources are available and what types of initiatives should the local chapters be doing. In addition to a quick overview of a number of key OWASP projects, this talk will also provide a tutorial on how the OWASP WIKI (MediaWiki based) can be used as a database (using the MediaWiki templates technology)

2) Using the O2 Platform to Consume OWASP projects - This presentation will focus on how to consume the OWASP Wiki and a number of OWASP projects using the OWASP O2 Platform. The O2 Platform has powerful technology and capabilities for both BlackBox and WhiteBox analysis and this presentation will provide examples on how to use O2 with: WebGoat, WebScarab, Code Crawler, Dir Buster, Testing Guide, Code Review Guide and OpenSAMM

The O2 Platform is focused on automating application security knowledge and workflows. It is specifically designed for developers and security consultants to be able to perform quick, effective and thorough 'source-code-driven' application security reviews (BlackBox + WhiteBox). In addition to the manual findings created/discovered by security consultants, the OWASP O2 Platform allows the easy consumption of results from multiple OWASP projects and commercial scanning tools. This allows security consultants to find, exploit and automate (via Unit Tests) security vulnerabilities usually dismissed by the community as impossible to find/recreate. More importantly, it provides the Security Consultants a mechanism to: a) 'talk' with developers (via UnitTest) , b) give developers a way to replicate + "check if it's fixed" the vulnerabilities reported and c) engage on a two-way conversion on the best way to fix/remediate those vulnerabilities.

Presenter Bio: Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET/J2EE Application Security, Application Security audits and .NET Security Curriculum Development. For the past years Dinis has focused on the field of Static Source Code analysis, from May 2007 to Dec 2009 he worked as a independent consultant for Ounce Labs (bought by IBM in July 2009) where during active security engagements using Ounce's technology he developed the Open Source codebase which now is the foundation of the OWASP O2 Platform. Dinis is currently focused on making the O2 Platform the industry standard for consuming, instrumenting and data-sharing between the multiple WebAppSec tools, the Security consultants and the final developers. Dinis is a also active trainer on .Net security having written and delivered courses for IOActive, Foundstone, Intense School and KPMG (at multiple locations including BlackHat), and has delivered a number of presentations and keynote speeches at multiple OWASP and Security related conferences At OWASP, Dinis is the leader of the OWASP O2 Platform project, member of the OWASP Global Projects Committee, chair of the OWASP Connections Committee and member of the OWASP

Please RSVP: E-mail owasprsvp at denimgroup.com or call (210) 572-4400.

More information about the Owasp-sanantonio mailing list