This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

User:Chris Wysopal

Jump to: navigation, search
started my career as software engineer that first built commercial software and then migrated to the specialty of testing software for vulnerabilities. 

I researched software security for the first vulnerability research think tank, L0pht Heavy Industries, from 1994-1999. I was one of the authors of L0phtCrack, the Windows password auditing program. I am the author of Netcat for Windows. I have published several major security vulnerabilities in Lotus Notes, Microsoft Windows and Cold Fusion.

I have performed dozens of security code audits, design reviews, and software penetration tests for major software vendors on products such as web servers, SQL servers, mail servers and DRM products.

I have led highly productive and innovative software development teams and have had product management roles.

My work has led me to testify on Capitol Hill twice on software security. I am a founder of the Organization for Internet Safety. I have been interviewed by several major newspapers, magazines, and TV news programs on the subject of computer security.

I am the author of "Software Security Testing" published by Addison-Wesley.

My goals are to automate the difficult task of finding vulnerabilities in software and to let customers assess the security of the software they purchase that can put them at risk.