Paolo Perego

Application security specialist and security code reviewer

Milan Area, Italy

Current
  • Source code flaws Top 10 - Project leader at OWASP
  • Owasp Orizon Project leader at OWASP
  • Senior Consultant at Spike Reply (a Reply s.p.a. company)
Education
  • Università degli Studi di Milano
  • ITSOS - M.Curie
Connections
330 connections
Industry
Computer & Network Security

Paolo Perego’s Summary

Code reviewer and SSDLC designer. I help my customers add security to their SDLC (Software Development Lifecycle) using a "step by step" approach, trying to be as gentle as possible with existing workflows.
Focused on reviewing source code with automated tools, both static and dynamic, and with a manual code review process to better refine the tools' results.

Active in research on static source code analysis, in paper writing and in evangelism at various conferences about SSDLC, code review and safe coding.

Penetration tester in many ethical hacking activities for important organizations such as banks, telcos and manufacturing industries in the Italian marketplace.

Paolo Perego’s Specialties:

code reviewing, SSDLC, safe coding, penetration testing, java, c, web application development, kernel hacking, linux, unix, osx


Paolo Perego’s Experience

  • Source code flaws Top 10 - Project leader

    OWASP

    (Privately Held; 201-500 employees; Computer & Network Security industry)

    December 2008 - Present (1 year 1 month)

    The Source code flaws Top 10 project is a project with the ambitious goal of giving a taxonomy for the security flaws you can find in a security code review.

    By providing such a taxonomy, we can use it in the Owasp Code Review guide and in the Owasp Orizon project to gather security findings by introducing source flaw categories.

    Main project link: http://www.owasp.org/index.php/Project_Information:template_Source_Code_Flaws_Top_10_Project

  • Owasp Orizon Project leader

    OWASP

    (Non-Profit; Information Technology and Services industry)

    October 2006 - Present (3 years 3 months)

    Owasp Orizon is a framework to provide security tools code reviewing and SSDLC safe coding rules enforcement.
    I'm the project leader of Orizon, and our main goal is to provide the open source community with a good safe coding library and APIs for source code assessment.

  • Senior Consultant

    Spike Reply (a Reply s.p.a. company)

    (Computer & Network Security industry)

    November 2004 - Present (5 years 2 months)

    Code reviewing and SSDLC building
    Penetration tester
    Identity and Access Management solution design and implementation


Paolo Perego’s Education

  • Università degli Studi di Milano

    Laurea, Computer Science, Security, Operating Systems, Networking, 1995 - 2001

  • ITSOS - M.Curie

    Maturità tecnica, Computer Science, Software development, 1991 - 1995


Additional Information

Paolo Perego’s Interests:

Rollerblade, taekwon-do, playing guitar, drinking beer, photography, writing, reading, listening to music, coding


Paolo Perego’s Contact Settings

Interested In:

  • career opportunities
  • new ventures
  • job inquiries
  • expertise requests
  • business deals
  • getting back in touch
