|
|
 |
|
|
|
| |
|
|
|
 Conferences |
|
|
Mix10 |
|
| Partner Showcase |
|
|
Pluralsight is a premier Microsoft .NET training provider and home to many of the top authorities on .NET today. Pluralsight delivers professional training classes at various open enrollment locations and customer sites around the world. The experience and reputation of Pluralsight's instructors and the high quality of Pluralsight course materials generate a high demand for its courses, making them among the most sought after in the industry.
|
|
|
|
|
|
|
 |
|
|
 |
|
 |
|
NxtGenUG Profile |
 |
| Cruz, Dinis |
|
| Dinis Cruz is a Senior IOActive Security Consultant based in London specializing in ASP.NET Application Security |
|
|
|
|
|
Dinis Cruz is a Senior IOActive Security Consultant based in London (UK) and specializes in: ASP.NET Application Security, Active Directory deployments, Application Security audits and .NET Security Curriculum Development.
Since the 1.1 release of the .Net Framework, Dinis has been one of the strongest proponents of the need to write .Net applications that can be executed in secure Partially Trusted .Net environments, and has done extensive research on: Rooting the CLR, exposing the dangers of Full Trust Asp.Net Code, Type Confusion vulnerabilities in Full Trust (i.e. non verifiable) code, creating .Net Security Protection Layers and using Reflection to dynamically manipulate .Net Client applications.
Dinis is also the current Owasp .Net Project leader and the main developer of several of OWASP .Net tools (SAM'SHE, ANBS, SiteGenerator, PenTest Reporter, Asp.Net Reflector, Online IIS Metabase Explorer).
|
|
|
|
|
|
|
|
| Speaker Presentation List |
|
|
| ASP.NET Security and OWASP
|
|
| Dinis Cruz, renowned security consultant visits Birmingham to talk about ASP.NET Security, the Open Web Application Security Project (OWASP) and how you can get involved in helping make the web a more secure place to live and work
|
|
|
|
| O2 - Advanced Source Code Analysis Toolkit
|
|
| In this talk Dinis Cruz will show the open source toolkit O2 (Ounce Open) which is specifically designed for developers and security consultants to be able to perform quick, effective and thorough source code security reviews. The O2 toolkit (http://www.o2-ounceopen.com) uses the scanning engines from Ounce Labs, Microsoft's CAT.NET tool and FindBugs (with more engines to be added soon) and allows advanced filtering, manipulation and visualization of its findings. In the past, there has been a very healthy skepticism on the usability of Source Code analysis engines to find commonly found vulnerablities in real world applications. This presentation will show that with some creative and powerful tools, it IS possible to use O2 to discover those issues.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
|
 |
|
|