User:Stephen de Vries

Stephen specialises in web application and particularly Java security, with an emphasis on security assessment, risk assessment and integrating security practices into the software development lifecycle. He has published numerous original research papers and presented at conferences such as Blackhat USA/Europe, Devoxx and OWASP, amongst others.

He was a founding leader of the OWASP Java Project and contributor to OWASP ASVS and Testing projects. As a consultant he is responsible for leading security assessments, delivering training courses and defining new services and methodologies. Stephen's 15 years experience in information security has included a broad range of disciplines from software development and security assessment to risk management and architecture security reviews.