Difference between revisions of "User:Psiinon"

From OWASP
Jump to: navigation, search
(13 intermediate revisions by one user not shown)
Line 1: Line 1:
 
Simon Bennetts (a.k.a. Psiinon) has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them.
 
Simon Bennetts (a.k.a. Psiinon) has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them.
  
He works for a UK FTSE 100 company and leads a team that develops and penetration tests secure web applications, and also gives talks and training courses on web application security.
+
He works for [http://www.mozilla.org/ Mozilla] as part of their [https://wiki.mozilla.org/Security Security Team].
  
 
Some of the projects Simon works on:
 
Some of the projects Simon works on:
Line 8: Line 8:
 
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format] project lead
 
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format] project lead
 
* [http://code.google.com/p/bodgeit/ Bodge It Store] project lead
 
* [http://code.google.com/p/bodgeit/ Bodge It Store] project lead
 +
* [https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet OWASP Web Application Security Testing Cheat Sheet] joint author
 
* [https://www.owasp.org/index.php/Category:OWASP_AppSensor_Project OWASP AppSensor] contributor
 
* [https://www.owasp.org/index.php/Category:OWASP_AppSensor_Project OWASP AppSensor] contributor
 
* [http://code.google.com/p/wavsep/ wavsep] contributor
 
* [http://code.google.com/p/wavsep/ wavsep] contributor
 
* [http://pentest4devs.blogspot.com/ 'Penetration Testing for Developers'] blog author
 
* [http://pentest4devs.blogspot.com/ 'Penetration Testing for Developers'] blog author
  
He is also one of the chapter leaders for the newly formed [[Manchester]] chapter.
+
He is also one of the chapter leaders for the OWASP [[Manchester]] chapter.
  
 
Simon has a B.Sc in Computing and Information Systems from [http://www.manchester.ac.uk/ Manchester University].
 
Simon has a B.Sc in Computing and Information Systems from [http://www.manchester.ac.uk/ Manchester University].
Line 23: Line 24:
 
* Twitter: [http://twitter.com/psiinon @psiinon]
 
* Twitter: [http://twitter.com/psiinon @psiinon]
  
Talks and courses run:
+
Videos:
* 2010/12/08 [https://www.owasp.org/index.php/Leeds_UK OWASP Leeds chapter meeting]. Talk: An introduction to ZAP
+
* 2012/06/13 Security Testing in Development and QA [http://www.youtube.com/watch?v=ZWSLFHpg1So video]
* 2011/02/26 Manchester Linux User Group. Talk: [http://www.manlug.org/?p=1297 An introduction to OWASP, the top 10 and ZAP]
+
 
* 2011/06/10 Dublin AppSec EU. Talk: [https://www.owasp.org/index.php/AppSecEU2011#tab=June_10th An introduction to ZAP]
+
Talks:
* 2011/09/23 Minneapolis AppSec USA. Talk: [http://www.appsecusa.org/talks.html#zap An introduction to ZAP] - [https://www.owasp.org/index.php/File:OWASP_APPSEC_USA_2011_ZAP.ppt slides]
+
* 2013/02/02 [https://fosdem.org/2013/schedule/event/security_owasp/ FOSDEM]. Practical Security for developers, using OWASP ZAP - hopefully the video will be available soon
 +
* 2012/11/07 [https://www.owasp.org/index.php/German_OWASP_Day_2012/Programm OWASP German Day]. The OWASP Zed Attack Proxy - [https://www.owasp.org/images/d/d4/Zed_Attack_Proxy_-_Simon_Bennetts.pdf slides]
 +
* 2012/09/12 [https://www.owasp.org/index.php/East_Midlands OWASP East Midlands] chapter meeting. The OWASP Top Ten - [https://www.owasp.org/index.php/File:OWASP_Manchester_12_02_10_intro.pptx slides]
 +
* 2012/09/11 [https://www.owasp.org/index.php/Manchester OWASP Manchester] chapter meeting. The OWASP Zed Attack Proxy [http://www.slideshare.net/psiinon/owasp-2012-appsec-dublin-zap-intro - slides] (same as for Dublin;)
 +
* 2012/09/06 [http://www.appsecireland.org/ OWASP Dublin AppSec]. The OWASP Zed Attack Proxy [http://www.slideshare.net/psiinon/owasp-2012-appsec-dublin-zap-intro - slides]
 +
* 2012/04/14 [https://www.owasp.org/index.php/AppSecAsiaPac2012OWASP OWASP Sydney AppSec AsiaPac]. The Zed Attack Proxy - [https://www.owasp.org/index.php/File:OWASP_APPSEC_ASIAPAC_ZAP_2.pptx slides]
 +
* 2012/02/01 [https://www.owasp.org/index.php/2012_02_01_Manchester OWASP Manchester] chapter meeting. The OWASP Top Ten - [https://www.owasp.org/index.php/File:OWASP_Manchester_12_02_10_intro.pptx slides]
 +
* 2011/10/25 [https://www.owasp.org/index.php/Leeds_UK OWASP Leeds] chapter meeting. An introduction to ZAP
 +
* 2011/09/23 [http://www.appsecusa.org/talks.html#zap OWASP Minneapolis AppSec USA]. An introduction to ZAP - [https://www.owasp.org/index.php/File:OWASP_APPSEC_USA_2011_ZAP.ppt slides] - [http://vimeo.com/32387480 video]
 +
* 2011/06/10 [https://www.owasp.org/index.php/AppSecEU2011#tab=June_10th OWASP Dublin AppSec EU]. An introduction to ZAP
 +
* 2011/02/26 [http://www.manlug.org/?p=1297Manchester Linux User Group]. An introduction to OWASP, the top 10 and ZAP
 +
* 2010/12/08 [https://www.owasp.org/index.php/Leeds_UK OWASP Leeds] chapter meeting.  An introduction to ZAP
 +
 
 +
Courses run:
 
* 2011/10/20 [https://www.owasp.org/index.php/Ireland-Dublin OWASP Dublin chapter]. 2 hour course: The OWASP Zed Attack Proxy
 
* 2011/10/20 [https://www.owasp.org/index.php/Ireland-Dublin OWASP Dublin chapter]. 2 hour course: The OWASP Zed Attack Proxy
* 2011/10/25 [https://www.owasp.org/index.php/Leeds_UK OWASP Leeds chapter meeting]. Talk: An introduction to ZAP
 

Revision as of 11:32, 8 February 2013

Simon Bennetts (a.k.a. Psiinon) has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them.

He works for Mozilla as part of their Security Team.

Some of the projects Simon works on:

He is also one of the chapter leaders for the OWASP Manchester chapter.

Simon has a B.Sc in Computing and Information Systems from Manchester University.

Contact details:

Videos:

  • 2012/06/13 Security Testing in Development and QA video

Talks:

Courses run: