← Older revision
Revision as of 16:04, 17 September 2012
(4 intermediate revisions by one user not shown)
Line 44:
Line 44:
'''Candidate Submitted By:'''Long Island Chapter
'''Candidate Submitted By:'''Long Island Chapter
+
+
'''Accomplishments:'''Dr. Leune stands out because he not only walks the walk, but also talks the talk, in classrooms where future software engineers are learning how to make the Internet a more secure place.
+
Dr. Leune is an information security officer at Adelphi University. He practices OWASP everyday when he manages the network that service thousands of students and staffs. He is also a professor at the university and a trainer in other institutions. He teaches with extensive coverage of OWASP.
+
+
'''Why this person was chosen?'''Dr. Leune has been a long time supporter of OWASP. He organized several chapter meetings. He provided equipment and meeting rooms. Dr. Leune is well regarded in the information security field. Whenever he teaches, audience always leave with deep admiration for him and knowledge they can use immediately. Dr. Leune promotes OWASP whenever he could, for example at different conferences including SOURCE Boston, EDUCAUSE/Internet2 and Security Professionals.
+
+
Dr. Leune is a confirmed OWASP member. Because of him, Adelphi became an educational supporter of OWASP in 2010.
+
+
Please see [https://docs.google.com/a/owasp.org/viewer?a=v&pid=gmail&attid=0.1&thid=139c1aaced5fc674&mt=application/vnd.openxmlformats-officedocument.wordprocessingml.document&url=https://mail.google.com/mail/u/0/?ui%3D2%26ik%3Df64bf2af68%26view%3Datt%26th%3D139c1aaced5fc674%26attid% Dr. Leune's publication and affiliation]
Line 51:
Line 60:
'''Candidate Submitted By:'''Zed Attack Proxy Project [https://www.owasp.org/index.php/ZAP]
'''Candidate Submitted By:'''Zed Attack Proxy Project [https://www.owasp.org/index.php/ZAP]
+
'''Accomplishments:'''OWASP ZAP Founder and project leader, GSoC Mentor, OWASP Manchester founder, international speaker
'''Accomplishments:'''OWASP ZAP Founder and project leader, GSoC Mentor, OWASP Manchester founder, international speaker
'''Why this person was chosen?:'''Simon started the OWASP Zed Attack Proxy Project in 2010 and actively leads the international group of volunteers who develop it. This summer he mentored 2 Google Summer of Code students working on ZAP. He started the OWASP Manchester chapter and has encouraged and supported the formation of the new East Midlands and Newcastle chapters. Simon has talked about ZAP and OWASP at both security and not security events around in Europe, America and Australia. He is also involved in the OWASP Data Exchange Format and AppSensor projects, started the Web Application Security Testing Cheat Sheet and has contributed to other open source security projects such as the BodgeIt Store and the Web Application Vulnerability Scanner Evaluation Project (wavsep).
'''Why this person was chosen?:'''Simon started the OWASP Zed Attack Proxy Project in 2010 and actively leads the international group of volunteers who develop it. This summer he mentored 2 Google Summer of Code students working on ZAP. He started the OWASP Manchester chapter and has encouraged and supported the formation of the new East Midlands and Newcastle chapters. Simon has talked about ZAP and OWASP at both security and not security events around in Europe, America and Australia. He is also involved in the OWASP Data Exchange Format and AppSensor projects, started the Web Application Security Testing Cheat Sheet and has contributed to other open source security projects such as the BodgeIt Store and the Web Application Vulnerability Scanner Evaluation Project (wavsep).
+
Line 70:
Line 81:
2) Providing best practices and training for virtual patching processes to mitigate vulns at conferences worldwide.
2) Providing best practices and training for virtual patching processes to mitigate vulns at conferences worldwide.
+
Line 84:
Line 96:
'''Why this person was chosen?''' Breno is the core developer of the hugely popular open source ModSecurity web application firewall project - http://www.modsecurity.org/. Breno is a passionate application software defender in Brazil that has greatly helped the owasp community worldwide with his contributions and presentations at conference.
'''Why this person was chosen?''' Breno is the core developer of the hugely popular open source ModSecurity web application firewall project - http://www.modsecurity.org/. Breno is a passionate application software defender in Brazil that has greatly helped the owasp community worldwide with his contributions and presentations at conference.
+
Line 97:
Line 110:
'''Why this person was chosen?'''From management of the call for papers of the
'''Why this person was chosen?'''From management of the call for papers of the
local chapter to helping with set-up and break down of meetings. Its volunteers that make OWASP happen and Israel is one of the people that make it happen with less words and more action.
local chapter to helping with set-up and break down of meetings. Its volunteers that make OWASP happen and Israel is one of the people that make it happen with less words and more action.
+
+
Line 107:
Line 122:
'''Why this person was chosen?'''
'''Why this person was chosen?'''
Volunteers such as Joan who have also worked extremely close with people such as Peter Dean and Tom Ryan on fostering results.
Volunteers such as Joan who have also worked extremely close with people such as Peter Dean and Tom Ryan on fostering results.
+
+
Line 115:
Line 132:
'''Accomplishments:''' This OWASP effort has been adopted by numerous organizations worldwide to help them meet their contracting needs when procuring application security services.
'''Accomplishments:''' This OWASP effort has been adopted by numerous organizations worldwide to help them meet their contracting needs when procuring application security services.
−
'''Why this person was chosen?'''
+
'''Why this person was chosen?'''Project contributor
−
Project contributor
+
+
Line 126:
Line 144:
'''Why this person was chosen?:''' Hard work done to expand and consolidate OWASP.
'''Why this person was chosen?:''' Hard work done to expand and consolidate OWASP.
+
Line 142:
Line 161:
In parallel Kostas was promoting OWASP and application security in Universities and other academic organisations with great success and enthusiasm. Eventually he created and now co-leads the OWASP hackademic challenges project (https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project), which is a global owasp project in promoting application security within academia.
In parallel Kostas was promoting OWASP and application security in Universities and other academic organisations with great success and enthusiasm. Eventually he created and now co-leads the OWASP hackademic challenges project (https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project), which is a global owasp project in promoting application security within academia.
−
+
'''Bold text'''
It is worth noting that Hackademic challenges was also successfully selected by GSOC as one of the OWASP projects to be funded (http://lists.owasp.org/pipermail/owasp-hackademic-challenges/2012-April/000020.html)
It is worth noting that Hackademic challenges was also successfully selected by GSOC as one of the OWASP projects to be funded (http://lists.owasp.org/pipermail/owasp-hackademic-challenges/2012-April/000020.html)
Line 150:
Line 169:
As the committee of the Greek OWASP chapter we certainly believe that Kostas Papapanagiotou is one of the most globally valuable members of the OWASP community and he is also one of the biggest Web Application Security voices within the Greek community.
As the committee of the Greek OWASP chapter we certainly believe that Kostas Papapanagiotou is one of the most globally valuable members of the OWASP community and he is also one of the biggest Web Application Security voices within the Greek community.
+
+
+
+
+
'''Candidate:''' Cassio Goldschmidt
+
+
'''Candidate Submitted By:''' Los Angeles Chapter
+
+
'''Accomplishments:'''Founder of Los Angeles chapter and president till Dec 2009
+
+
Los Angeles board member 2010-2012
+
+
Co-Chair AppSec USA 2010
+
+
Global Conferences Committee 2011
+
+
Chair (or Co-Chair) AppSec Brazil 2011
+
+
Founding father of many chapters in Brazil
+
+
Professional summary:
+
Cassio Goldschmidt is a globally recognized application security leader with strong background in both product and program-level security. Outside work, Cassio is known for his contributions to Open Web Application Security Project (OWASP), Software Assurance Forum for Excellence in Code (SAFECode), the Common Weakness Enumeration(CWE)/SysAdmin, Audit, Network, Security (SANS) Top 25 Most Dangerous Software Errors, along with contributing to the security education curriculum of numerous universities and helping to create International Information Systems Security Certification Consortium(ISC)2’s Certified Secure Software Lifecycle Professional (CSSLP)certification. Cassio was one of the three finalist in the first
+
(ISC)² Americas Information Security Leadership (ISLA) Awards 2011 in the Information Security Practitioner category and endowed with the special Community Service Star award during the same occasion. Cassio holds a number of US patents and is an accomplished writer and presenter in the field of application security.
+
+
'''Why this person was chosen?'''Cassio exemplifies what OWASP is about -- impressive professional accomplishments, countless contributions to software security and selfless volunteerism. Cassio's contributions to OWASP has made chapters in Los Angeles and Brazil started and successful, and OWASP stronger as a community. Although Cassio has resigned from volunteer positions at OWASP, his efforts must not be forgotten.
+
+
+
+
+
'''Candidate:''' V.Vasanthkumar
+
+
'''Candidate Submitted By:''' OWASP Xelenium Project
+
+
'''Accomplishments:'''Project Leader of OWASP Xelenium Project, Conceived, Designed, Developed and Tested the project single handedly.
+
+
'''Why this person was chosen?''' I would like to self nominate me for this award. As I am the only person who works on this initiative, this award would help me ascertain that my efforts are put in right direction and also would help me in garnering the support and guidance from fellow OWASP members. Also, Vasanth is not a security specialist and works as a full time test automation engineer. He learns about the security testing vulnerabilities in his free time and designs the automation strategy to identify them.
+
+
Xelenium is an automated solution that helps to identify security vulnerabilities present in the web application. First published in the month of June 2012, this solution has been downloaded for more than 5000 times till now. Current version helps in identifying the cross site scripting threats. In the subsequent versions, Xelenium will be enhanced to include other security vulnerabilities.