This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User:Yiannis
There is a world of numbers, hiding behind letters, inside computers, this is what stimulates my work. I am currently employed in IT risk management within the financial industry, running a team of technical risk assessors. Prior to this, I spent 5 years in the world of professional penetration testing. I focused my career evolution on assisting large scale projects actually implement secure development practices. This included teaching developers how to write secure code. For OWASP, I was the project leader for JBroFuzz and used to chair the Global Industry Committee. I am on the Application Security Advisory Board of the (ISC)2. My academic qualifications include a PhD in information security, designing routing protocols for ad-hoc networks. I am a certified scrum master and hold the CISSP certification.
Information Assurance: Risk Management & Risk Control
- 2014 - ISC2 EMEA Congress Risk Engineering
- 2014 - ISC2 Security Congress Atlanta Building an Agile Risk Assessment Program - Keeping Up with the Pace of Hackers
Application Security
- 2011 - Web-Spa Single Request Authorisation Web Knocking
- 2011 - Port Knocking Web Implementations Ideas for more ports
- 2011 - Swiss Cyber Storm Protecting Web Applications through Port Knocking
- 2009 - WebGoat Off-By-One Lesson WebGoat Off-By-One Lesson Remains to be Published
OWASP Life in Bullets:
- 2010 - Bletchley Park ISSA UK Hacking for Queen and Country
- 2010 - OWASP GitHub http://www.owasp.org/index.php/Category:OWASP_GitHub
- 2010 - OWASP London http://www.owasp.org/index.php/London#Thursday.2C_January_14th_2010
- Penetration Testing with Selenium
- 2009 - OWASP Global Industry Committee http://www.owasp.org/index.php/Global_Industry_Committee
- 2008 - OWASP NYC Conference http://video.google.com/videoplay?docid=-1551704659206071145#
- JBroFuzz - Building a Java Fuzzer
- 2008 - Deepsec Vienna http://2008.deepsec.net/
- Hybrid Code Auditing: A Dataflow Source Code Review Methodology
- 2007 - OWASP New York/New Jersey http://www.owasp.org/images/4/4e/OWASP_NY_07-Financial-Real-Time-Threats_Pavlosoglou.ppt
- Financial Real-Time Threats: Impacting Trading Floor Operations
- 2006 - JBroFuzz Project Leader http://lists.owasp.org/mailman/listinfo/owasp-jbrofuzz
- JBroFuzz Mailing List
Project Involvement
- DirBuster - http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
- JBroFuzz - http://www.owasp.org/index.php/JBroFuzz
Contact
Yiannis Pavlosoglou
[email protected]
