User:Dinis.cruz

Hello, Welcome to my page where you can find more details about who I am and what I do at OWASP. You can contact me on dinis.cruz at owasp.org or dinis at ddplus.net

To see my wiki contributions, click here.

Current OWASP Involvement

I am currently involved in a number of OWASP areas:

• leader of the OWASP O2 Platform project
• participant of the OWASP Global Projects Committee
• chair of the OWASP Connections Committee
• member of the OWASP Board Member

Past OWASP involvement

• leader of the OWASP London chapter (2006/2007) - but have passed the leadership to Ivan from ModSecurity, who passed it to Justin.
• leader of the OWASP .NET Project
• main developer of a number of OWASP .NET tools
• helped to organize the OWASP EU Summit 2008 in Portugal
• helped to organize the past OWASP Sponsorship programs:
  • OWASP Season of Code 2009
  • OWASP Summer of Code 2008
  • OWASP Spring Of Code 2007
  • OWASP Autumn Of Code 2006

Short CV

Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET/J2EE Application Security, Application Security audits and .NET Security Curriculum Development.

For the past years Dinis has focused on the field of Static Source Code analysis, from May 2007 to Dec 2009 he worked as a independent consultant for Ounce Labs (bought by IBM in July 2009) where during active security engagements using Ounce's technology he developed the Open Source codebase which now is the foundation of the OWASP O2 Platform.

Dinis is currently focused on making the O2 Platform the industry standard for consuming, instrumenting and data-sharing between the multiple WebAppSec tools, the Security consultants and the final developers.

Dinis is a also active trainer on .Net security having written and delivered courses for IOActive, Foundstone, Intense School and KPMG (at multiple locations including BlackHat), and has delivered a number of presentations and keynote speeches at multiple OWASP and Security related conferences

At OWASP, Dinis is the leader of the OWASP O2 Platform project, member of the OWASP Global Projects Committee, chair of the OWASP Connections Committee and member of the OWASP Board

Security vulnerability research

• Microsoft Security Bulletin MS07-040 - Critical

Interviews & Media quotes

• Asked and Answered: More Secure .NET Development, Redmond Developer News, 24/Oct/07
• OWASP Preps Framework for Website Security Certification, Dark Reading, 08/Oct/07
• Security, .NET, and the OWASP Project , Dr.Dobb's Portal , 05/Oct/07
• Security Laboratory: Thought Leaders in Software Security Series, SANS, 11/Jun/07
• Reflection on Dinis Cruz, Anurag Agarwal Blog, 02/Jul/07

Videos

• The Value of Code Scanning, SANS, 24/Aug/07
• 'Live Demo Of An Web Application Security Review (And Source Code Analysis)' , OWASP Turkey Chapter, 31/Jul/07
• On OWASP , OWASP Turkey Chapter, 31/Jul/07
• Dinis Cruz @ BlackHat 2006 with FSTV, 30/Aug/06

Working pages

This is more a reference for me (Dinis) but feel free to look around

• OWASP .NET Project
• Members Comments On OWASP membership
• Dinis Cruz Research - Draft Notes
• OWASP_Spring_Of_Code_2007
• OWASP_Winter_Of_Code_2008