Home » Events » OWASP Ireland Chapter Meeting

News Stories

Job Search


Back to Events »

OWASP Ireland Chapter Meeting

Time15:00:00 Phone
DateFriday, February 19, 2010 Web
VenueHarcourt Street, Dublin 2





The OWASP Ireland chapter meeting to be held on February 19th, at 3:00pm-5:00pm (show up at venue between 2:30pm-3:00pm) in the Ernst & Young offices Harcourt Street, Dublin 2 (MAP)



Dinis Cruz is the Chief OWASP Evangelist and a Security Consultant based in London (UK), specializig in: ASP.NET Application Security, Active Directory deployments, Application Security audits and .NET Security Curriculum Development.


Since the 1.1 release of the .Net Framework, Dinis has been one of the strongest proponents of the need to write .Net applications that can be executed in secure Partially Trusted .Net environments, and has done extensive research on: Rooting the CLR, exposing the dangers of Full Trust Asp.Net Code, Type Confusion vulnerabilities in Full Trust (i.e. non verifiable) code, creating .Net Security Protection Layers and using Reflection to dynamically manipulate .Net Client applications.


Dinis is the current [Owasp .Net Project] and [OWASP Autumn of Code] project's leader and the main developer of several of OWASP .Net tools ([SAM'SHE], [ANBS], [SiteGenerator], Owasp Report Generator, [Asp.Net Reflector]), and an active trainer on .Net security having written and delivered courses for IOActive, Foundstone, Intense School and KPMG .


OWASP O2 Platform - Open Platform for automating application security knowledge and workflows

In this talk Dinis will show the OWASP O2 Platform which is an open source toolkit specifically designed for developers and security consultants to be able to perform quick, effective and thorough 'source-code-driven' application security reviews.



The OWASP O2 Platform consumes results from the scanning engines from Ounce Labs, Microsoft's CAT.NET tool, FindBugs, CodeCrawler and AppScan DE, and also provides limited support for Fortify and OWASP WebScarab dumps. In the past, there has been a very healthy skepticism on the usability of Source Code analysis engines to find commonly found vulnerablities in real world applications. This presentation will show that with some creative and powerful tools, it IS possible to use O2 to discover those issues. This presentation will also show O2's advanced support for Struts and Spring MVC.




If you are planning to attend you must RSVP with your real name by midday the day of the event.  




People reading this article also read....


More Security News on 




Get Instant Updates....

Join on Facebook and Twitter