User:Weilin Zhong

Application Security Expert
Weilin is an application security expert with 13+ year's experience in information security and specializes in application security since 2002. She is an expert in security code review, penetration testing, vulnerability management, risk assessment and security process. Weilin has rich experience in application security consulting, helping organizations understand and mitigate their application security risks.

Weilin currently works in the security code review team at the Wells Fargo bank, serving business channels across the entire enterprise on application security risks and security coding issues. Prior to Wells Fargo, Weilin spent 6+ years working as a security consultant in Aspect Security and Cigital, providing application security services to customers across various industrial verticals.

Prior to her industrial experience, Weilin has spent 5 years in the academia as a research assistant in the Computer Science Department of University of Virginia and the Engineering Research Center of Information Security Technology (ERCIST) in Institute of Software, Chinese Academy of Sciences in Beijing China. She has rich R&D experience in various information security areas, including authentication, cryptography and network security.

Sharing the passion of application security, Weilin has been actively involved with OWASP since its early years. She is the creator of the OWASP Honeycomb Project, the lead of the OWASP Top 10 Chinese translation, the lead of the OWASP Chinese Project, the key organizer of OWASP China Summit 2010, and an active contributor for OWASP China-mainland Chapter.

Weilin received her M.S. in Computer Science from University of Virginia and M.S. in Computer Software from Institute of Software, Chinese Academy of Sciences in Beijing China. Weilin received her B.S. from Huazhong University of Science and Technology in Wuhan China. Weilin has been a Certified Information Systems Security Professional (CISSP) since 2003 and holds GIAC Secure Software Programmer (GSSP) – Java certification.

Weilin is a mother of two boys and lives with her family in Maryland.

[mailto:weilin.zhong@owasp.org Email Weilin.]

资深应用安全专家 钟卫林
应用程序安全专家，13年以上丰富的信息安全经验. 精通互联网应用程序的代码检测，入侵检测，漏洞分析和风险评估的工具和方法，并随时跟踪最新的互联网和安全技术发展动向. 现任职于美国第四大银行富国银行安全部门，为富国银行各个部门的各种大型企业级互联网应用程序提供代码安全服务，执行代码检测，漏洞分析和风险评估. 钟卫林有多年安全咨询经验，曾任职于美国领先的应用安全咨询公司Apsect Security 和 Cigital, 为各个行业的各大公司提供各种安全咨询服务，帮助企业正确了解应用安全风险，建立和评估企业安全流程，为各种大型企业级应用程序提供安全评估和安全解决方案. 钟卫林还拥有多年信息安全研究和开发经验，曾在美国弗吉尼亚大学的计算机系和中科院软件所信息安全工程研究中心做多个信息安全领域的研究和开发工作，包括身份认证系统，密码学和网络安全. 钟卫林拥有美国弗吉尼亚大学计算机科学硕士学位，中国科学院软件所计算机软件硕士学位和华中理工大学计算机科学学士学位. 钟卫林拥有CISSP和GSSP-J证书.