Paco Hope

Paco Hope

Software Security Consultant

  • @pacohope

London, United Kingdom

Areas of Expertise:

  • Web Security
  • Software Testing
  • Online Gambling
  • Security Testing
  • Security Training
  • consulting
  • speaking
  • training
Paco Hope is a Technical Manager with Cigital. His areas of expertise software security, security testing, and casino gaming. He specializes in analyzing the security of software, software systems, and software development processes. Paco frequently speaks at conferences such as the Better Software Conference, STAR East, and STAR West. He conducts training on risk-based security testing, writing security requirements, and software security fundamentals. He can be reached at

Web Security Testing Cookbook Web Security Testing Cookbook
by Paco Hope, Ben Walther
October 2008
Print: $39.99
Ebook: $31.99

Mastering FreeBSD and OpenBSD Security Mastering FreeBSD and OpenBSD Security
by Yanek Korff, Paco Hope, Bruce Potter
March 2005
Print: $49.99
Ebook: $42.99

Paco blogs at:

"Web Security Testing Cookbook does a good job of assisting developers and testers in their quest to improve the way Web applications are deployed and to protect the precious data that resides on their Web sites. Those developers and quality assurance testers who are not already familiar with and practicing effective security design strategies should read this book and apply the recipes found therein."
--Don Fergus, Security Management

"Aimed for web developers and software testers, this cookbook provides a wealth of ideas on mangling with web applications - the hands-on way. "
--Mirko Zorz, Help Net Security

"Mastering FreeBSD and OpenBSD Security is a worthwhile book. It covers BSD security topics (in detail) that are not often seen in books. It's a good read and a good reference written in a terse manner that gets the points across without being overly verbose... unlike many technical books on the market today."
--Marc DeBonis, Virginia Tech Windows Users Group

"For advanced BSD administrators who want to add enhanced security tools to their arsenal, this is a good next step, although how useful it will be is left up to the reader."
--Robert Slade, Internet Review Project