OWASP - User contributions [en]

User:Edward Bonver

2013-12-07T21:54:30Z

Edward Bonver:

[[File:Edward_Bonver.jpg|alt=Edward Bonver|Edward Bonver]]

Edward Bonver is a technical director on the product security team under the Office of the CTO at Symantec Corporation. In this capacity, Edward is responsible for working with software developers and quality assurance (QA) professionals across Symantec to continuously enhance the company’s software security practices through the adoption of methodologies, procedures and tools for secure coding and security testing. Within Symantec, Edward teaches secure coding and security testing classes for Symantec engineers, and also leads the company’s QA Security Task Force, which he founded. Prior to joining Symantec, Edward held software engineering and QA roles at Digital Equipment Corporation, Nbase and Zuma Networks.

Edward is a Certified Information Systems Security Professional (CISSP) and a Certified Secure Software Lifecycle Professional (CSSLP). He holds a master’s degree in computer science from California State University, Northridge, and a bachelor’s degree in computer science from Rochester Institute of Technology. Edward is a Ph.D. student at NOVA Southeastern University.

Edward is a frequent speaker at OWASP events on various topics of software security.

E-mail: [mailto:edward@owasp.org edward@owasp.org]

LinkedIn: [http://www.linkedin.com/in/bonver Edward Bonver]

Twitter: [https://twitter.com/edward_bonver @edward_bonver]

WASPY Awards 2013

2013-09-05T16:11:55Z

Edward Bonver: Added link to Los Angeles chapter.

[[File:WASPY-BANNER.jpg]]

'''Web Application Security People of the Year Awards 2013'''

'''Who:'''

Anyone in the Community

'''What:'''

WASPY Awards 2013

'''Where:'''

Call for nominees http://www.tfaforms.com/284578

'''When:'''

May 7 – Call for nominees http://www.tfaforms.com/284578

August 16 – Call for nominees closes

August 19 – Announcement of nominees per category

September 6 – Deadline for bio and profile picture to be submitted

September 30 – Paid member deadline '''Not sure if you are a current member?''' [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Ag5ZloRZ0SmjdElHZnp5VnozSXFfR0c3UkF1WHh5dVE&hl=en#gid=0 Member Directory]

October 14 – October 25 – Voting process (will be included on the election ballot)

October 29 – Announcement of winners in Special Edition connector & recognition at AppSecUSA 2013

'''Why:'''

Every year a group of individuals including researchers, developers, security professionals and others work to ensure the security of web applications. Some of these individuals are featured in news stories or at conferences as recognized experts. But there are many other ‘unsung heroes’ that work every day to improve web application security and yet are rarely recognized.

'''Categories:'''

*Best Chapter Leader

{| border="1" cellpadding="2"
! scope="col" align="center" width="150" | Name
! scope="col" align="center" width="120" | Chapter
! scope="col" align="center" width="800" | Citation
|-
|align="center"| [https://www.owasp.org/index.php/User:Paul_Scott Paul Scott]||align="center"|[https://www.owasp.org/index.php/Houston Houston]||align="center"|"Paul has taken the Houston chapter from non-existent to one of the best I've seen. Every month something is going on, whether it's a "mini-con", a hands-on workshop, or a happy hour. He is very organized and enthusiastic. This leads to having sponsors, which helps encourage attendance. I'm a former OWASP chapter leader in Kansas City and have attended OWASP chapter meetings in Houston, Denver, New York, and London."
|-
|align="center"|[https://www.owasp.org/index.php/User:Jonathan_Marcil Jonathan Marcil]||align="center"|[https://www.owasp.org/index.php/Montr%C3%A9al Montreal]||align="center"|"Jonathan has been really active since he has been elected as the new chapter leader in Montreal. He has been able to reach a lot of developers that had no idea what was OWASP by simply going in event and talking to them one-o-one.

He's really dedicated to OWASP and his chapter, he spend at least 20 to 25 hours a week organizing, he also attended BlackHat and sat at the official OWASP booth to distribute and inform people about the wonderful organization that OWASP is.

I've never seen a chapter leader active like him, he definately deserve an award."
|-
|align="center"|[https://www.owasp.org/index.php/User:Abbas_Naderi Abbas Naderi]||align="center"|[https://www.owasp.org/index.php/Iran Iran] ||align="center"|"Abbas Naderi, Chapter Leader in Iran is one of the most helpful person I know. I choose him above all others because of his dedication towards pulling forward the entire security community. He demonstrated this act when he agreed to help me in Google Summer of Code Project even when he knew that he was not going to gain money or knowledge out of this. He helped my project just because he wanted everyone in security community to move forward. While working with him, I realized the vast amount of knowledge he possesses. His ideas and his dedication inspires me and I am proud to say that I have set my goal to be like him one day."
|-
|align="center"|[https://www.owasp.org/index.php/User:John.wilander John Wilander]||align="center"|Sweden||align="center"|"John has shown that he is one of the best chapter leaders of OWASP. He recently stepped down, but I believe he should be given the award regardless."
|-
|align="center"|[https://www.owasp.org/index.php/User:Jack_Mannino Jack Mannino]|| align="center"|Northern Virginia||align="center"|"Jack Mannino has brought top-notch speakers from Jim Manico, to Dan Cornell, and the Twitter appsec team as well as secured an amazing spot with LivingSocial for our meetings. Jack is fostering not only interested speaking events but hackathons and code projects. He is definitely going above and beyond. Most importantly, this chapter is consistent and 100% vendor neutral! Under his leadership, things are already on the right path and headed for even greater destinations.

Lastly, Jack is one of the leaders of the OWASP Mobile project as well the sole developer for the OWASP project GoatDroid.

If anyone deserves my nomination, it's him!"
|-
|align="center"|Tin Zaw, Richard Greenberg, Kelly FitzGerald, Stuart Schwartz, Edward Bonver|| align="center"|[https://www.owasp.org/index.php/Los_Angeles Los Angeles]||align="center"|"Tin was the leader of OWASP for the last several years. During his tenure, Tin created a formal board, solidified partnerships with ISSA, SCALE, B-Sides, .Net users groups and CSA, helped other nearby chapters and, took a leading role in the organization of the 2010 Global OWASP AppSec conference in Irvine, presented at several OWASP conferences and chapters and served as a chair on Global Chapter Committees. Richard, an ISSA LA Board member and ISSA Fellow, was able to utilize that relationship to tighten the bonds and collaboration between these two organizations, dramatically increasing monthly meeting attendance and sharing of ideas and information. Richard has ensured that Web Application Security speakers are addressing the ISSA chapter on a more frequent basis, including their yearly Security Symposium. OWASP and ISSA have joint dinner meetings twice a year. There was also a special collaborative meeting with OWASP, ISSA, ISC(2), and CSA. Richard was a member of the Global Conferences Committee and a co-chair of AppSec USA 2010. He also has taken an active role to help Neil Matatall reinvigorate the Orange County Chapter, and they are now experiencing rapid growth and meeting monthly, for the first time.

Under Richard's and Tin's leadership, the chapter grew from an average attendance of ~20-30 security enthusiasts to ~65-100+ at every meeting. OWASP LA conducted meetings religiously every month and the board goes out of their way to screen and invite excellent speakers. In addition, the board does an excellent job communicating the meeting agenda on our OWASP wiki and other social networks besides taking care of the meeting logistics (full catered dinners, sponsorship and more). The quality of the talks is so consistent that even other security organizations in LA (informally) acknowledge that OWASP has the best technical talks about security in town!

The LA Chapter is hosting the upcoming AppSec California, a collaborative conference uniting OWASP Chapters up and down the California coast, from San Diego to the Bay area. World class speakers are already lining up to participate."
|-
|align="center"|[https://www.owasp.org/index.php/User:Trenton_Ivey Trenton Ivey]|| align="center"|Milwaukee||align="center"|"Prior to 2012 there was no OWASP chapter in the Milwaukee area. One man, Trenton Ivey, had a vision. That vision was to establish the Milwaukee OWASP chapter. Through his bold leadership and keen insight he worked with the national OWASP association. His tireless work resulted in a fully functional OWASP Milwaukee Chapter. The response from Information Security professionals in the area was overwhelming. He has provided the local Information Security community a means to learn new technologies and stay current with emerging trends. Most importantly, we have the opportunity to collaborate and share ideas with our peers.

His dedication to the field of information security and passion for spreading knowledge has enriched the lives of chapter members."
|-
|align="center"|[[David Hughes]]||align="center"|Austin||align="center"|"David is the current leader of the OWASP Austin Chapter and has done an amazing job over the past year and a half to continue what makes Austin the best chapter in the country. Under his leadership, the chapter meetings have grown significantly in size, we have monthly sponsored happy hours, we do weekly study groups, and we hosted the single largest fundraiser for OWASP with 750 attendees at AppSec USA 2012. David has expanded our leadership team to include several new members and he has set us up for success for many years to come. OWASP Austin is the best chapter on the planet and David is the best active chapter leader hands down. He truly deserves this award."
|-
|align="center"|[[Dhruv Soi]]||align="center"|India||align="center"|"My journey with OWASP started in the year 2006 when I formally started the chapter activities in New Delhi, India. Online mailing list had merely 10-20 subscribers and the visibility in different sectors on local industry was too low. There weren't even other active regional chapters in India.

We started with the chapter meets at very large software development companies in India which started providing visibility to the OWASP as a brand. In 2008, after 2 years of ground work, I announced the very first OWASP conference in the region. Holding a conference for the first time was a challenge but it went very well with participation from around 400 professionals. Our this year's event is lined up for August 2013.

Later, I was promoted by OWASP Foundation as Chair - OWASP India to promote OWASP activities nation wide. Today, we have got 10 active chapters in India and I was instrumental in formation of many new chapters by coordinating with OWASP Foundation US and mentoring the new chapter leads. Our local New Delhi OWASP Mailing list has grown to nearly 800 subscribers which is amongst largest OWASP mailing lists and we have thus far organized 3 OWASP conferences. Good thing has been that OWASP's conferences in India are the largest cyber security events in the region.

I even took an initiative to bring OWASP India to social media by creating LinkedIn profile, Facebook, Twitter and Googleplus pages and am actively maintaining all of these for promotion of local activities. Our LinkedIn and Facebook pages have more than 450 Fans/Followers which I see as a considerable number from a region.

I also facilitated alliances with other not-for-profit organizations to gain further visibility in other communities.

In most of our past events, I invited top brass from Government which helped in gaining more outreach into Government sector. We even included professors from Universities to make students also aware about OWASP. Total 500+ companies have so far participated in our last conferences.

We always kept focus on quality and branding in our events which was lauded by a representative from OWASP Foundation in our 2012 event which is also mentioned in the post-event report.

In these 7 years of my association, I have tried to promote OWASP in the region by all kind of promotional methods online, social media, private meetings, chapter meets, conferences, industry alliances etc.

Wikipedia history, owasp.in website, OWASP Foundation report on 2012 OWASP India event, owasp-delhi mailing list subscriber list can be looked as supporting documents."
|-
|}

*Best Project Leader
{| border="1" cellpadding="2"
! scope="col" align="center" width="150" | Name
! scope="col" align="center" width="120" | Project
! scope="col" align="center" width="800" | Citation

|-
|align="center"|[https://www.owasp.org/index.php/User:Abbas_Naderi Abbas Naderi]||align="center"|[https://www.owasp.org/index.php/OWASP_PHP_Security_Project PHP Security Project]||align="center"|I have known Abbas since last 4 months. Within this time I had the opportunity to see this person in action. He is one of the most dynamic, helpful and knowledgeable persons I know. I met him during Google Summer of Code. He is one of the mentors in this program. I have seen him help the people and the community even when things were out of reach. His breadth of knowledge in PHP is quite outstanding and his appeal to knowledge and security is quite inspiring for a lot of people including me. I wish him luck and I truly believe that this person deserves the WASPY award."

"Abbas is doing an excellent work promoting tools and helping the community with his knowledge and inspiration"
|-
|align="center"| [[Andrew_van_der_Stock|Andrew van der Stock]]||align="center"|Developer Guide||align="center"|"Recognition outside community by AusCERT, development of
- Application Security Verification Standard 2.0
- OWASP Developer Guide 2013 with a lot of others
- OWASP Proactive Controls 2013 with Jim Manico
- and support of other projects like Coding and Testing Guides. "
|-
|align="center"|[https://www.owasp.org/index.php/User:Simon_Bennetts Simon Bennetts]||align="center"|[https://www.owasp.org/index.php/ZAP ZAP]||align="center"|"For his work on ZAP and the constant effort he makes to improve and market the project."

"Simon has superbly led the ZAP project through 2012 and into 2013. The project is the most healthy ongoing OWASP project and continues to be updated. It also participated successfully in the GSoC 2012 initiative. Simon has also managed to attract non-coder contributors such as for the translation of the tools content."
|-
|align="center"|[https://www.owasp.org/index.php/User:Epsylon Epsylon "psy"]|| align="center"|[https://www.owasp.org/index.php/OWASP_XSSER XSSer]||align="center"|From hackers database: http://www.soldierx.com/hdb/psy-epsylon

-OWASP XSSer Founder and project leader.
-GSoC 2013 proposed Mentor
-Developer of: XSSer (http://xsser.sf.net)
-Developer of: CIntruder (http://cintruder.sf.net)
-Developer of: AnonTwi (http://anontwi.sf.net)
-Developer of: UFOnet (http://ufonet.sf.net)
-Different contributions to free software applications such as: Seeks-Project (http://www.seeks-project.info), Elgg (http://elgg.org), Lorea (http://lorea.org), etc...
-OWASP Spain contributor.

Epsylon has talked about OWASP XSSer at both security and not security events around in Europe: Spain, France, Netherlands and Germany. He is involved in some different social projects giving an important technical support and is doing a good job leading some security educational communities.

+ Videos:

XSSer: http://vimeo.com/album/1943305/video/42466699
CIntruder: http://vimeo.com/42918290

+ Slides:
http://www.slideshare.net/rootedcon/lord-epsylon-xsser-the-cross-site-scripting-framework-rootedcon-2012
http://www.scribd.com/doc/33492680/XSS-for-Fun-and-Profit"
|-
|}

*Best Community Supporter – contributor to chapter, project or initiative
{| border="1" cellpadding="2"
! scope="col" align="center" width="150" | Name
! scope="col" align="center" width="1000" | Citation
|-
|align="center"| [[Jason Montgomery]]||align="center"|"Jason has organized and run several training sessions for OWASP Columbus chapter in 2013. His training sessions help OWASP members better understand how to integrate security into the software development lifecycle."
|-
|align="center"|[[Fabio Cerullo]]||align="center"|"Fabio's work on:

Google Season of Code
Latam OWASP Tour
EU OWASP Tour"
|-
|align="center"|[https://www.owasp.org/index.php/User:John.wilander John Wilander]||align="center"|"John has done so much for OWASP over the years. He deeply supports our international community.

* John founded OWASP Sweden in 2007 and stepped down 2013 with a mailing list of 900+ chapter members, combined under the Sweden umbrella.

* John chaired OWASP AppSec Research 2010 in Stockholm with Microsoft and Google as main sponsors and keynote speakers. Managed to gather a great team/committee. The profit funded a big part of the subsequent Global Summit.

* John organized and chaired the Browser Security Track at the Global Summit in Portugal 2011. Round table discussions with Mozilla, Google, Microsoft, PayPal, Adobe, IETF, and some of the world's best web hackers (Mario Heiderich, Stefano di Paola, Gareth Heyes, Eduardo Vela Nava, and David Lindsay).

* John Co-championed the Builders-Breakers-Defenders communities within OWASP, took on the Builders' Developer Outreach, and went on a two-year mission to give appsec talks at developer conferences, not security conferences."
|-
|}

*Best Mission Outreach – grow the OWASP community
{| border="1" cellpadding="2"
! scope="col" align="center" width="150" | Name
! scope="col" align="center" width="1000" | Citation
|-
|align="center"| [https://www.owasp.org/index.php/User:Knoblochmartin Martin Knobloch]||align="center"|"Martin tirelessly attends every OWASP conference and supports the OWASP booth. But he also does this at many, many conferences. For example at this year's FOSDEM, Blackhat EU and Hack in the Box Amsterdam. These efforts take a lot of personal time, as well as effort transporting OWASP materials to and from venues."
|-
|align="center"|[[Fabio Cerullo]]||align="center"|"Fabio has been doing an amazing work for OWASP for so many years now, silently, without asking anything in return. I first met him at Appsec EU 2011, which was a great success. We then worked together during OWASP's first year as a GSoC organization, an initiative that Fabio put a lot of effort in and was a great success. He has also successfully run the LatAm tour and now the EU tour, a couple of very large and complex events, with amazing success in spreading the OWASP word in the corresponding areas.
I believe that Fabio has provided amazing value to OWASP's mission, in an altruistic way, without pursuing promotion for himself or any other benefits. He's the most fitting for the "Best mission outreach" award."

"For his effort in the Latam Tour, spreading OWASP brand and awareness in Latin America and the OWASP European Tour!"
|-
|align="center"|[https://www.owasp.org/index.php/User:John.wilander John Wilander]||align="center"|"John managed to stay a developer and had a massive influence on the developer community with his security knowledge.
He did this next to his OWASP global involvement at various OWASP conferences of one he organized himself and leading the Swedish chapter."
|-
|}
*Best Innovator – willingness to try new ideas
{| border="1" cellpadding="2"
! scope="col" align="center" width="150" | Name
! scope="col" align="center" width="1000" | Citation
|-
|align="center"| [[Tanoh Aka Marcellin]]||align="center"|"la raison est que je voudrais lui faire gagner ce prix afin de pouvoir avoir accÃ¨s aux nouveaux outils et surtout pour ce faire des contacts avec le groupe OWASP et pourquoi pas si possible, travailler avec ce groupe merci."
|-
|align="center"|[https://www.owasp.org/index.php/User:Abbas_Naderi Abbas Naderi]||align="center"|"Abbas is developing a new php security library which seems very promising. There is no such a library yet and during the GSOC Abbas is working hard to implement this together as project leader with the student and volunteers "
|-
|}

'''Rules:'''

1. Board members can NOT be nominated

2. Paid staff can NOT be nominated

3. Must be a paid member to vote '''Not sure if you are a current member?''' [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Ag5ZloRZ0SmjdFZILXhCRjQyMjVIRURhNFgzRVZ5aVE&hl=en#gid=0 Member Directory]

4. All nominees will remain anonymous until August 19, 2013

5. Anyone can nominate any individual

6. One person per category may be nominated

'''Sponsorship Opportunities:''' Please see our [https://docs.google.com/a/owasp.org/document/d/1VDBZ4vnJ52XkB2MJ35PCdMUTbS8qFmChkL24-GsygtY/edit# Sponsorship Document]

These awards are funded solely by sponsors. If you or your company are interested in sponsoring this years WASPY Awards, please let us know by [http://www.tfaforms.com/274270 contacting us]

'''Information about last years WASPY Awards including our winner Helen Gao and our sponsors Qualys and Trustwave can be found here: https://www.owasp.org/index.php/WASPY_Awards'''

<center> '''2013 Sponsors'''

'''Platinum'''

{{MemberLinks|link=http://www.qualys.com|logo=Qualys_Logo_For_WASPY_Resized.png}}

OWASP Student Chapters Program

2011-02-15T20:51:16Z

Edward Bonver:

==== Main ====

The Open Web Application Security Project (OWASP) has local chapters around the world that help teach, learn, and inspire application security. Our College Chapters program helps to extend application security into colleges and universities worldwide. If your school has a computer science or management information systems degree, we want to start a College Chapter there.

==Apply for OWASP College Chapter Leadership==

If you're interested in starting a College Chapter at your school, please review the rules for the College Chapter program below and then fill out the short application form. In short, all we expect is that you will find a location, organize monthly meetings, learn a lot about application security, behave ethically, and have fun!

[https://spreadsheets.google.com/embeddedform?formkey=dEUwNEd3V0JBSEMwa2twVU9oYXFpZUE6MQ OWASP College Chapter Application Form]

==OWASP College Chapter Rules==

# Your primary goal is to promote understanding of application security
# You will have a President, Treasurer, and Secretary
# You will have meetings at least monthly throughout the school year
# You will arrange for a place to meet that is conducive to discussion, presentations, etc…
# You will work with faculty to integrate application security into the CS curriculum
# You will encourage members to make regular updates to the OWASP wiki, submit projects to OWASP, participate in OWASP conferences, etc…
# You will NOT engage in any unauthorized security testing or other unethical behavior

==== Project About ====
{{:Projects/OWASP College Chapters Program | Project About}}

==== List of Student Chapters ====

==== Summit 2011 notes ====
During the Summit 2011, we had a 'dynamic' session about the college chapter programm:
http://forum.owasp.org/index.php/Summit_2011_Working_Sessions/Session261

Project leader responsibilities:
* maintaining list of college chapters
* being the link (whenever requested) to the OWASP community
* find OWASP members to be advisor for students during their research

College Chapter responsibilities:
* annually appoint college chapter leaders to guarantee continiuty
* follow the Chapter Handbook
* promote the college chapter inside and outside the university
* seakout for a faculty advisor
* get involved in the local chapter (if available)

Actions:
*Global Membership Committee,
** create student membership for free
** including student-specific welcome package
* Create promotion material for the college chapter
** reach out to PR students for PR material
* create College Chaper competition (ask John Wilander for ideas)
** research, development, everything
* Local Chapters, support the local college chapter
** speakers
** chapter meeting invitation
* Rename to student chapter
* enable seperate mailinglists per college chapter

* requesting quotes from goverment, industry and 
... to promote security education at universities
** Industry / connection committee

==== Meeting notes ====

== February 15th 2011 ==
Project leads are, as volunteered during the Summit, [http://forum.owasp.org/index.php/User:Edward%20Bonver Edward Bonver] and [http://forum.owasp.org/index.php/User:Knoblochmartin Martin Knobloch].

'''TODO's:'''
*Project has to be renamed to "Student Chapter Program", Martin
*Finding other, existing Student / University initiatives, Edward
*Contact with the Membership Committee about proposing Free Student Membership, Martin
**Creation of a student specific welcome package
*Create College Chaper competition, Edward
*Contact the registered Student Chapters about project restart, Edward & Martin

__NOTOC__ <headertabs />

[[Category:OWASP_Project|College Chapters Program]] [[Category:OWASP_Document]] [[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]

User:Edward Bonver

2011-02-11T11:06:52Z

Edward Bonver: Added picture and bio

[[File:Edward_Bonver.jpg|alt=Edward Bonver|Edward Bonver]]

Edward Bonver is a principal software engineer on the product security team under the Office of the CTO at Symantec Corporation. In this capacity, Edward is responsible for working with software developers and quality assurance (QA) professionals across Symantec to continuously enhance the company’s software security practices through the adoption of methodologies, procedures and tools for secure coding and security testing. Within Symantec, Edward teaches secure coding and security testing classes for Symantec engineers, and also leads the company’s QA Security Task Force, which he founded. Prior to joining Symantec, Edward held software engineering and QA roles at Digital Equipment Corporation, Nbase and Zuma Networks.

Edward is a Certified Information Systems Security Professional (CISSP) and a Certified Secure Software Lifecycle Professional (CSSLP). He holds a master’s degree in computer science from California State University, Northridge, and a bachelor’s degree in computer science from Rochester Institute of Technology. Edward is a Ph.D. student at NOVA Southeastern University.

Edward is a frequent speaker at OWASP events on various topics of software security.

E-mail: [mailto:edward@owasp.org edward@owasp.org]

LinkedIn: [http://www.linkedin.com/in/bonver Edward Bonver]

File:Edward Bonver.jpg

2011-02-11T10:54:42Z

Edward Bonver:

Category:OWASP Speakers Project

2011-02-11T10:47:17Z

Edward Bonver: Added Edward Bonver speaker info

This program lead by [[:user:Knoblochmartin|Martin Knobloch]] helps local chapters or application security conferences to find OWASP related speakers to have OWASP presenters on site.

This program allows two parties to find each other:

* Local chapters or application security events that want to attract an OWASP speaker
* OWASP speakers to entertain OWASP presentations and that want to see the world

For sponsorship, see the [[:Category:OWASP_on_the_Move_Project|OWASP on the Move Project]] page

== available presentations ==

== available speakers ==

If you want to (re)do an OWASP related presentation, propose them here with your availability boundaries (timing/geographical)

*Add your name, contact and bio information to become available as OWASP Speaker!

{| class="prettytable"
|-
! Name
! Introduction
! Available Area
! Bios
|-
| [mailto:Robert(at)ZakonGroup.com Robert H'obbes' Zakon]
| Presenter on Web Application Security, OWASP Top 10, PHP Security, and assorted other topics. Training sessions taught at events such as [http://www.zakongroup.com/technology/services-training.shtml OWASP, ACSAC, and CCS]. Based in New Hampshire, and available for travel worldwide. Fluent in English, and able to converse in Portuguese. A developer and consultant for the past decade, formerly a Principal Engineer with MITRE's InfoSec Group.
| Global (USA/NH-based)
| [http://www.zakon.org/robert/vitae.html BIO]
|-
| [mailto:jmcgovern@virtusa.com James McGovern]
| Presenter on Enterprise Architecture and Web Application Security, SOA Web Services Security and Federated Identity.
| Global (USA/CT-based)
| [http://www.linkedin.com/in/jamesmcgovern BIO]
|-
| [mailto:chuck(at)McCulloughAssociates.com Chuck McCullough]
| Chuck provides training sessions to developers on the Top 10. Chuck welcomes speaking opportunities to any group. Chuck is available in the Texas area and at various other locations in the USA.
| USA/Texas
| [http://www.linkedin.com/in/chuckmccullough BIO]
|-
| Marc Curphey
| Marc will happily speak about the WebAppSec industry, SDLC etc. around Europe. You can see him in action at [http://video.hitb.org/2006.html HITB with John Viega] (big download)
| Europe
| [http://www.linkedin.com/in/curphey BIO]
|-
| [mailto:tomb(at)owasp.org Tom Brennan]
| based in NYC Metro Tom is a long time volunteer and OWASP contributor and [http://www.owasp.org/index.php/About_OWASP Global Board Member]. As a security evangelist for [http://www.whitehatsec.com WhiteHat Security] top frequently talks about application security including the [http://www.owasp.org/images/0/06/WPstats_fall09_8th.pdf "Stats Report"]. He is available for global speaking venues to educate audiences about the OWASP Foundation core mission, how it works and various projects. In addition he also provides regular talks on honeypot research and case-studies about tactical experiences when conducting [http://en.wikipedia.org/wiki/Red_Team Red Team]/Tiger Team assessments involving the application, network, wireless and physical security.
| Global
| [http://www.linkedin.com/in/tombrennan BIO]
|-
| [mailto:thesp0nge@owasp.org Paolo Perego]
| Paolo is available to talk about [http://www.owasp.org/index.php/Category:OWASP_Orizon_Project Orizon project], safe coding and code review issues around Europe in the near October-December.
| Europe
| [http://www.linkedin.com/in/thesp0nge BIO]
|-
| [mailto:marc.m.morana@gmail.org Marco Morana]
| Marco is available to talk about [http://iac.dtic.mil/iatac/download/security.pdf Software Security Frameworks]and Secure Code Reviews [https://www.cmpevents.com/CSI33/a.asp?option=G&V=3&id=443342 see 07 CSI conference as reference] in USA around November-December and in Europe around January-February
| Europe
| [http://www.linkedin.com/pub/2/a7a/59b BIO]
|-
| [mailto:sebastien.gioria@owasp.fr Sébastien Gioria]
| Sebastien is available to talk about WebAppSec, educational purpose on AppSec in French or at least in english around France/Europe/Canada from middle of March 08. You can find some Talk on the [http://www.owasp.fr Owasp France Chapter]
| France/Europe/Canada
| [http://www.linkedin.com/in/gioria BIO]
|-
| [mailto:mkraushar@gmail.com Mordecai Kraushar]
| Mordecai is available to talk about different topics within the Web application security space. One discussion involves the OWASP project [http://www.owasp.org/index.php/Category:OWASP_Vicnum_Project Vicnum], a flexible vulnerable web application that can be used in 'capture the flag' exercises.
| Northeastern United States
| [http://www.linkedin.com/in/mkraushar BIO]
|-
| [mailto:michael.coates@owasp.org Michael Coates]
| Michael is available to talk on a variety of web application security topics. Talks are interactive and include live demos and code examples. Michael has spoken at multiple OWASP conferences and University security courses on topics such as Introduction to Application Security, Automated Defense Systems in Applications, Real Time Detection and Prevention of Application Worms, and security risks in SSL/TLS. Michael is based in <strike>Chicago</strike> San Francisco and able to travel where needed.
| USA/San Francisco
| [http://www.linkedin.com/in/mcoates BIO]
|-
| [mailto:dan.cornell@owasp.org Dan Cornell]
| Dan Cornell has over twelve years of experience architecting, developing and securing web-based software systems. He speaks on a variety of software development and software security topics such as Vulnerability Management, Software Security Remediation, and Code Review/Static Analysis. Dan is based in San Antonio, TX and available to fly/drive as needed to the site.
| USA/San Antonio
| [http://www.denimgroup.com/about_team_dan.html BIO]
|-
| [mailto:John.Steven@owasp.org John Steven]
| John speaks on a variety of topics including "How to build your own application security group", "Threat Modeling", "Code Review and Static analysis", as well as other topics. John has spoken at and given tutorials for multiple OWASP conferences. John frequents New York, Boston, Washington DC, and Charlotte, but is available for travel elsewhere.
| Washington, DC/USA
| [http://www.cigital.com/about/team/management.php#jsteven BIO]
|-
| [mailto:blake@owasp.org Blake Cornell]
| Blake is available to speak regarding topics including Security v. HIPPA, Penetration Testing Methodologies, Fuzzing and Blended Threats such as attacking VoIP with the OWASP Top 10. Blake lives in the NY Metro area and is available for speaking at regional, national and world wide events.
| New York, NY/USA
| [http://www.linkedin.com/in/blakecornell BIO]
|-
| [mailto:Nick.Coblentz@gmail.com Nick Coblentz]
| Nick regularly performs research related to secure software development. He is available to present on topics such as the [http://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model Software Assurance Maturity Model (SAMM)], the [http://nickcoblentz.blogspot.com/2009/06/samm-inteview-template-version-10.html SAMM Interview Template], [http://nickcoblentz.blogspot.com/2009/05/issa-journal-web-application-security.html Building Web Application Security Portfolios], and [http://nickcoblentz.blogspot.com/2009/11/owasp-presentation-on-dec-10-microsoft.html The Microsoft SDL for Agile Development]. Please email Nick if you see articles on his [http://nickcoblentz.blogspot.com/ blog] that you would like him to present.
| USA/Kansas, Oklahoma, Missouri
| [http://www.linkedin.com/in/ncoblentz BIO]
|-
| [mailto:johnccr@yahoo.com Juan Carlos Calderon]
| Juan has being part of the Appliction Security industry for 9 years, currently performs research on application and information security arena. He is available to present "Preparing an strategy for application vulnerability detection", "Owasp Spanish and Internationalization" and "Análisis y efectos del cibercrimen en Mexico"(Analysis and effects of cibercrime in México). He is also open to talk about other topics related to OWASP materials and tools, send him a note to verify the coverage.
| Aguascalientes/México
| [http://www.linkedin.com/in/juancarloscalderon BIO]
|-
| [mailto:edward@owasp.org Edward Bonver]
| Edward has over a decade of experience in the software security field. He currently works for Symantec's Product Security Team, where he brings all aspects of secure software development to product teams across the company. He is a frequent speaker at various industry conferences and OWASP events; topics of interest include Threat Modeling and Security Testing.
| Global(USA/Los Angeles-based)
| [http://www.linkedin.com/in/bonver BIO]
|}

*Add your name, contact and bio information to become available as OWASP Speaker!

Summit 2011 Attendee/Attendee172

2011-02-06T22:55:04Z

Edward Bonver:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>OWASP 2011 Global Summit Attendee Tab</noinclude>
|-
| summit_attendee_name1 = Edward Bonver
| summit_attendee_email1 = edward@owasp.org
| summit_attendee_wiki_username1 = Edward Bonver
|-
| summit_attendee_company = Symantec
|-
| Project Leadership (less than 6 months old) =
| Project Leadership (more than 6 months old) =
| Release Leadership (less than 6 months old) =
| Release Leadership (more than 6 months old) =
| Project Contribution (less than 6 months old) =
| Project Contribution (more than 6 months old) =
| Release Contribution (less than 6 months old) =
| Release Contribution (more than 6 months old) =
| Committee Membership =
| Chapter Co-Leadership =
| Conference Co-Leadership = OWASP Appsec USA
| Projected Funding Cost =
|-
| summit_attendee_current_owasp_involvement_name1 =
| summit_attendee_current_owasp_involvement_url_1 =
| summit_attendee_current_owasp_involvement_name2 =
| summit_attendee_current_owasp_involvement_url_2 =
| summit_attendee_current_owasp_involvement_name3 =
| summit_attendee_current_owasp_involvement_url_3 =
| summit_attendee_current_owasp_involvement_name4 =
| summit_attendee_current_owasp_involvement_url_4 =
| summit_attendee_current_owasp_involvement_name5 =
| summit_attendee_current_owasp_involvement_url_5 =
|-
| summit_attendee_reason_for_summit_participation_name1 = Threat Modeling
| summit_attendee_reason_for_summit_participation_url_1 =
| notes_reason_for_participating_issues_to_be_discussed_1 =
| summit_attendee_reason_for_summit_participation_name2 = Security Testing
| summit_attendee_reason_for_summit_participation_url_2 =
| notes_reason_for_participating_issues_to_be_discussed_2 =
| summit_attendee_reason_for_summit_participation_name3 = University Outreach
| summit_attendee_reason_for_summit_participation_url_3 =
| notes_reason_for_participating_issues_to_be_discussed_3 =
| summit_attendee_reason_for_summit_participation_name4 =
| summit_attendee_reason_for_summit_participation_url_4 =
| notes_reason_for_participating_issues_to_be_discussed_4 =
| summit_attendee_reason_for_summit_participation_name5 =
| summit_attendee_reason_for_summit_participation_url_5 =
| notes_reason_for_participating_issues_to_be_discussed_5 =
|-
| summit_attendee_owasp_sponsor =
|-
| summit_attendee_summit_time_paid_by_name1 = [[Image:Symantec1.gif| 180x51 px| link=http://symantec.com]]
| summit_attendee_summit_time_paid_by_url_1 = http://symantec.com
| summit_attendee_summit_time_paid_by_name2 =
| summit_attendee_summit_time_paid_by_url_2 =
|-
| summit_attendee_summit_expenses_paid_by_name1 = [[Image:Circle_owasp_logo_nowhitebackground.png| 50x50 px |link=http://www.owasp.org/]]
Los Angeles Chapter
| summit_attendee_summit_expenses_paid_by_url_1 =
| summit_attendee_summit_expenses_paid_by_name2 =
| summit_attendee_summit_expenses_paid_by_url_2 =
|-
| reason_for_sponsorship = Local OWASP Funds
|-
| status = Confirmed, Funded, Booked
|-
| letter sent to sponsor =
|-
| notes for Kate =
|-
| attendee_name_mask =  Attendee172
| attendee_home_page =  Summit_2011_Attendee/Attendee172
}}

File:Symantec1.gif

2011-02-06T22:54:02Z

Edward Bonver:

Summit 2011 Working Sessions/Session039

2011-02-03T22:17:37Z

Edward Bonver:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Dinis Cruz
| summit_session_attendee_email1 = dinis.cruz@owasp.org
| summit_session_attendee_username1 =
| summit_session_attendee_company1=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Matthew Chalmers
| summit_session_attendee_email2 = matthew.chalmers@owasp.org
| summit_session_attendee_username2 =
| summit_session_attendee_company2=[http://www.rockwellautomation.com/ http://www.rockwellautomation.com/lib/images/ralogo_web.gif]
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Mateo Martinez
| summit_session_attendee_email3 = mateo.martinez@owasp.org
| summit_session_attendee_username3 =
| summit_session_attendee_company3=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Jeremy Long
| summit_session_attendee_email4 = jeremy.long@owasp.org
| summit_session_attendee_username4 =
| summit_session_attendee_company4=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Matteo Meucci
| summit_session_attendee_email5 = matteo.meucci@owasp.org
| summit_session_attendee_username5 =
| summit_session_attendee_company5= Minded Security
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Seba Deleersnyder
| summit_session_attendee_email6 = seba@owasp.org
| summit_session_attendee_username6 =
| summit_session_attendee_company6= SAIT Zenitel
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = Daniel Brzozowski
| summit_session_attendee_email7 = daniel@brzozowski.biz
| summit_session_attendee_username7 = Daniel Brzozowski
| summit_session_attendee_company7=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 = Paolo Perego
| summit_session_attendee_email8 = thesp0nge@owasp.org
| summit_session_attendee_username8 = thesp0nge
| summit_session_attendee_company8= Armoredcode.com
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 = Edward Bonver
| summit_session_attendee_email9 = edward@owasp.org
| summit_session_attendee_username9 = Edward Bonver
| summit_session_attendee_company9= Symantec
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 =
| summit_session_attendee_email10 =
| summit_session_attendee_username10 =
| summit_session_attendee_company10=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 =
| summit_session_attendee_email11 =
| summit_session_attendee_username11 =
| summit_session_attendee_company11=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=

| summit_session_attendee_name12 =
| summit_session_attendee_email12 =
| summit_session_attendee_username12 =
| summit_session_attendee_company12=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 =
| summit_session_attendee_email13 =
| summit_session_attendee_username13 =
| summit_session_attendee_company13=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 =
| summit_session_attendee_email14 =
| summit_session_attendee_username14 =
| summit_session_attendee_company14=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 =
| summit_session_attendee_email15 =
| summit_session_attendee_username15 =
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 =
| summit_session_attendee_email16 =
| summit_session_attendee_username16 =
| summit_session_attendee_company16=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 =
| summit_session_attendee_email17 =
| summit_session_attendee_username17 =
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 =
| summit_session_attendee_email18 =
| summit_session_attendee_username18 =
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 =
| summit_session_attendee_email19 =
| summit_session_attendee_username19 =
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20 =
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=

|-
| summit_track_logo = [[Image:T._university.jpg]]
| summit_ws_logo = [[Image:WS._university.jpg]]
| summit_session_name = OWASP Certification
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session039
| mailing_list =

|-

| short_working_session_description= This session aims to establish the model by which an certification/exam based on OWASP materials could be created. The topics of discussion will include:
* What is a workable/acceptable certification model for OWASP's Community?
* What types of certification should there be?
* What would a CC-licensed certification exam look like (as executed by others)?
* Since OWASP is not interested or able to administer certifications itself who could run/administer such CC certifications/exams?
* What should OWASP's official position be on entities that provide OWASP based certifications?

|-

| related_project_name1 =
| related_project_url_1 =

| related_project_name2 =
| related_project_url_2 =

| related_project_name3 =
| related_project_url_3 =

| related_project_name4 =
| related_project_url_4 =

| related_project_name5 =
| related_project_url_5 =

|-

| summit_session_objective_name1 = Determine whether certification would have value for OWASP's Community

| summit_session_objective_name2 = Determine a model by which certification based on OWASP materials could succeed

| summit_session_objective_name3 = Determine a model for creation and distribution of a CC-licensed certification exam based on OWASP materials

| summit_session_objective_name4 = (if agreed) Determine a model for supporting the administration of certification based on OWASP Materials

| summit_session_objective_name5 =

|-

| working_session_date_and_time =

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details =

|-

|summit_session_deliverable_name1 = A business plan for evaluation by the community at large.

|summit_session_deliverable_name2 =

|summit_session_deliverable_name3 =

|summit_session_deliverable_name4 =

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 =
| summit_session_leader_email1 =
| summit_session_leader_username1 =

| summit_session_leader_name2 =
| summit_session_leader_email2 =
| summit_session_leader_username2 =

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =

|-

| operational_leader_name1 =
| operational_leader_email1 =
| operational_leader_username1 =

|-
| meeting_notes =

|-
| session_name_mask =  Session039
| session_home_page =  Summit_2011_Working_Sessions/Session039
}}

Summit 2011 Working Sessions/Session012

2011-02-03T22:15:24Z

Edward Bonver:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Nishi Kumar
| summit_session_attendee_email1 = nishi.kumar@owasp.org
| summit_session_attendee_username1 =
| summit_session_attendee_company1= FIS
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Cecil Su
| summit_session_attendee_email2 = cecil.su@owasp.org
| summit_session_attendee_username2 =
| summit_session_attendee_company2= Grant Thornton
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Elke Roth-Mandutz
| summit_session_attendee_email3 = elke.roth-mandutz@ohm-hochschule.de
| summit_session_attendee_username3 =
| summit_session_attendee_company3= GSO-University of Applied Sciences
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Heiko Richler
| summit_session_attendee_email4 = heiko.richler@ohm-hochschule.de
| summit_session_attendee_username4 =
| summit_session_attendee_company4= GSO-University of Applied Sciences
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Lucas C. Ferreira
| summit_session_attendee_email5 = lucas.ferreira@owasp.org
| summit_session_attendee_username5 =
| summit_session_attendee_company5=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Jason Taylor
| summit_session_attendee_email6 = jtaylor@securityinnovation.com
| summit_session_attendee_username6 =
| summit_session_attendee_company6=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = Carlos Serrão
| summit_session_attendee_email7 = carlos.serrao@iscte.pt
| summit_session_attendee_username7 =
| summit_session_attendee_company7=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 = Konstantinos Papapanagiotou
| summit_session_attendee_email8 = Konstantinos@owasp.org
| summit_session_attendee_username8 =
| summit_session_attendee_company8=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 = Mateo Martinez
| summit_session_attendee_email9 = mateo.martinez@owasp.org
| summit_session_attendee_username9 =
| summit_session_attendee_company9=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 = L. Gustavo C. Barbato
| summit_session_attendee_email10 = lgbarbato@owasp.org
| summit_session_attendee_username10 = Gustavo Barbato
| summit_session_attendee_company10= Dell
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 = Edward Bonver
| summit_session_attendee_email11 = edward@owasp.org
| summit_session_attendee_username11 = Edward Bonver
| summit_session_attendee_company11= Symantec
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=

| summit_session_attendee_name12 =
| summit_session_attendee_email12 =
| summit_session_attendee_username12 =
| summit_session_attendee_company12=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 =
| summit_session_attendee_email13 =
| summit_session_attendee_username13 =
| summit_session_attendee_company13=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 =
| summit_session_attendee_email14 =
| summit_session_attendee_username14 =
| summit_session_attendee_company14=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 =
| summit_session_attendee_email15 =
| summit_session_attendee_username15 =
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 =
| summit_session_attendee_email16 =
| summit_session_attendee_username16 =
| summit_session_attendee_company16=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 =
| summit_session_attendee_email17 =
| summit_session_attendee_username17 =
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 =
| summit_session_attendee_email18 =
| summit_session_attendee_username18 =
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 =
| summit_session_attendee_email19 =
| summit_session_attendee_username19 =
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20 =
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=

|-
| summit_track_logo = [[Image:T._university.jpg]]
| summit_ws_logo = [[Image:WS._university.jpg]]
| summit_session_name = University Outreach
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session012
| mailing_list =
|-

| short_working_session_description= During the university outreach working session, we hope to bring OWASP educational supporters together and address questions such as:

● What security education programs currently exist in university settings around the world?

● How can OWASP participate and influence the curricula of these educational programs?

● How can we foster relationships between OWASP and universities?

● How can the relationship between OWASP and universities be standardized?

● What can OWASP offer universities and what can they, in turn, expect from each other?
|-

|-

| related_project_name1 =
| related_project_url_1 =

| related_project_name2 =
| related_project_url_2 =

| related_project_name3 =
| related_project_url_3 =

| related_project_name4 =
| related_project_url_4 =

| related_project_name5 =
| related_project_url_5 =

|-

| summit_session_objective_name1=
Estimation of Security prorams currently exist in university settings around the world
| summit_session_objective_name2 =
How can OWASP participate and influence the curricula of these educational programs?
| summit_session_objective_name3 =
How can we foster relationships between OWASP and universities?
| summit_session_objective_name4 =
How can the relationship between OWASP and universities be standardized?
| summit_session_objective_name5 =
What can OWASP offer universities and what can they, in turn, expect from each other?
|-

| working_session_date_and_time =

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details =

|-

|summit_session_deliverable_name1 = A study with facts, numbers, and other metrics about application secuirity in academia. The OWASP Academic State of the World.

|summit_session_deliverable_name2 = A white paper with strategies for infiltrating academia with our priorities.

|summit_session_deliverable_name3 =

|summit_session_deliverable_name4 =

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 = Martin Knobloch
| summit_session_leader_email1 = martin.knobloch@owasp.org
| summit_session_leader_username1 = Knoblochmartin

| summit_session_leader_name2 =
| summit_session_leader_email2 =
| summit_session_leader_username2 =

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =

|-

| operational_leader_name1 =
| operational_leader_email1 =
| operational_leader_username1 =

|-

| meeting_notes =

|-
| session_name_mask =  Session012
| session_home_page =  Summit_2011_Working_Sessions/Session012
}}

Summit 2011 Working Sessions/Session052

2011-02-03T22:13:17Z

Edward Bonver:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Nishi Kumar
| summit_session_attendee_email1 = nishi.kumar@owasp.org
| summit_session_attendee_username1 =
| summit_session_attendee_company1= FIS
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Cecil Su
| summit_session_attendee_email2 = cecil.su@owasp.org
| summit_session_attendee_username2 =
| summit_session_attendee_company2= GT
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Lucas C. Ferreira
| summit_session_attendee_email3 = lucas.ferreira@owasp.org
| summit_session_attendee_username3 =
| summit_session_attendee_company3=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Keith Turpin
| summit_session_attendee_email4 = keith.turpin@owasp.org
| summit_session_attendee_username4 = Keith_Turpin
| summit_session_attendee_company4=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Achim Hoffmann
| summit_session_attendee_email5 = achim@owasp.org
| summit_session_attendee_username5 = Achim
| summit_session_attendee_company5= sic[!]sec
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Tom Neaves
| summit_session_attendee_email6 = tom.neaves@verizonbusiness.com
| summit_session_attendee_username6 =
| summit_session_attendee_company6= Verizon Business
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = Vishal Garg
| summit_session_attendee_email7 = vishalgrg@gmail.com
| summit_session_attendee_username7 =
| summit_session_attendee_company7= AppSecure Labs
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 = Giorgio Fedon
| summit_session_attendee_email8 = giorgio.fedon@mindedsecurity.com
| summit_session_attendee_username8 =
| summit_session_attendee_company8= Minded Security
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 = Stefano Di Paola
| summit_session_attendee_email9 = stefano@owasp.org
| summit_session_attendee_username9 =
| summit_session_attendee_company9= Minded Security
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 = Pavol Luptak
| summit_session_attendee_email10 = pavol.luptak@nethemba.com
| summit_session_attendee_username10 =
| summit_session_attendee_company10= Nethemba
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 = Andre Gironda
| summit_session_attendee_email11 = andregATthegmail
| summit_session_attendee_username11 = Dre
| summit_session_attendee_company11=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11= Will be available remotely

| summit_session_attendee_name12 = Edward Bonver
| summit_session_attendee_email12 = edward@owasp.org
| summit_session_attendee_username12 = Edward Bonver
| summit_session_attendee_company12= Symantec
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 =
| summit_session_attendee_email13 =
| summit_session_attendee_username13 =
| summit_session_attendee_company13=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 =
| summit_session_attendee_email14 =
| summit_session_attendee_username14 =
| summit_session_attendee_company14=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 =
| summit_session_attendee_email15 =
| summit_session_attendee_username15 =
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 =
| summit_session_attendee_email16 =
| summit_session_attendee_username16 =
| summit_session_attendee_company16=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 =
| summit_session_attendee_email17 =
| summit_session_attendee_username17 =
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 =
| summit_session_attendee_email18 =
| summit_session_attendee_username18 =
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 =
| summit_session_attendee_email19 =
| summit_session_attendee_username19 =
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20 =
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=

|-
| summit_track_logo = [[Image:T._individual_projects.jpg]]
| summit_ws_logo = [[Image:WS._individual_projects.jpg]]
| summit_session_name = OWASP Testing Guide
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session052
| mailing_list =
|-
| short_working_session_description= We need to define: 
 - an updated vulnerability list to test (from the OWASP Common Vulnerabiltity list)
 - Create a more readable guide, eliminating some sections that are not
really useful,
 - Insert new testing techniques: HTTP Verb tampering, HTTP Parameter
Pollutions, etc.,
 - Rationalize some sections as Session Management Testing,
 - Debate if create a new section: Client side security and Firefox
extensions testing.

|-

| related_project_name1 = OWASP Testing Project
| related_project_url_1 = http://www.owasp.org/index.php/Category:OWASP_Testing_Project

| related_project_name2 =
| related_project_url_2 =

| related_project_name3 =
| related_project_url_3 =

| related_project_name4 =
| related_project_url_4 =

| related_project_name5 =
| related_project_url_5 =

|-

| summit_session_objective_name1= Show the v3, and debating what we need to create an excellent v4

| summit_session_objective_name2 =

| summit_session_objective_name3 =

| summit_session_objective_name4 =

| summit_session_objective_name5 =

|-

| working_session_date_and_time = TODO

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details = The presence of participants on the Working Session [[Summit 2011 Working Sessions/Session085|'''Common structure and numbering for all guides''']] is advisable.

|-

|summit_session_deliverable_name1 = An updated outline for the testing guide that is tied into the OWASP common numbering scheme

|summit_session_deliverable_name2 = A short white paper with ideas for revisions to the Testing Guide for evaluation and discussion by the community at large.

|summit_session_deliverable_name3 = A committed project manager who can reach out to experts to get the document completed.

|summit_session_deliverable_name4 =

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 = Matteo Meucci
| summit_session_leader_email1 = matteo.meucci@owasp.org

| summit_session_leader_name2 =
| summit_session_leader_email2 =
| summit_session_leader_username2 =

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =
|-

| operational_leader_name1 = Giorgio Fedon
| operational_leader_email1 =

|-

| meeting_notes =

|-
| session_name_mask =  Session052
| session_home_page =  Summit_2011_Working_Sessions/Session052
}}

Summit 2011 Working Sessions/Session099

2011-02-03T22:10:59Z

Edward Bonver:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Matthew Chalmers
| summit_session_attendee_email1 = matthew.chalmers@owasp.org
| summit_session_attendee_username1 =
| summit_session_attendee_company1=[http://www.rockwellautomation.com/ http://www.rockwellautomation.com/lib/images/ralogo_web.gif]
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Colin Watson
| summit_session_attendee_email2 = colin.watson@owasp.org
| summit_session_attendee_username2 =
| summit_session_attendee_company2=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Mateo Martinez
| summit_session_attendee_email3 = mateo.martinez@owasp.org
| summit_session_attendee_username3 =
| summit_session_attendee_company3=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Dinis Cruz
| summit_session_attendee_email4 = dinis.cruz@owasp.org
| summit_session_attendee_username4 =
| summit_session_attendee_company4=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Jim Manico
| summit_session_attendee_email5 = jim.manico@owasp.org
| summit_session_attendee_username5 =
| summit_session_attendee_company5=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Neil Matatall
| summit_session_attendee_email6 = neil@owasp.org
| summit_session_attendee_username6 =
| summit_session_attendee_company6=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = Christian Martorella
| summit_session_attendee_email7 = laramies@gmail.com
| summit_session_attendee_username7 =
| summit_session_attendee_company7=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 = Steven van der Baan
| summit_session_attendee_email8 = steven.van.der.Baan@owasp.org
| summit_session_attendee_username8 =
| summit_session_attendee_company8=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 = Nishi Kumar
| summit_session_attendee_email9 = nishi787@hotmail.com
| summit_session_attendee_username9 =
| summit_session_attendee_company9=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 = Cecil Su
| summit_session_attendee_email10 = cecil.su@owasp.org
| summit_session_attendee_username10 =
| summit_session_attendee_company10=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 = Antonio Fontes
| summit_session_attendee_email11 = antonio.fontes@owasp.org
| summit_session_attendee_username11 =
| summit_session_attendee_company11=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=

| summit_session_attendee_name12 = Sherif Koussa
| summit_session_attendee_email12 = sherif.koussa@owasp.org
| summit_session_attendee_username12 =
| summit_session_attendee_company12= Software Secured
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 = Matthias Rohr
| summit_session_attendee_email13 = m.rohr@sec-consult.com
| summit_session_attendee_username13 =
| summit_session_attendee_company13= SEC Consult
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 = Vishal Garg
| summit_session_attendee_email14 = vishalgrg@gmail.com
| summit_session_attendee_username14 =
| summit_session_attendee_company14= AppSecure Labs
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 = Matteo Meucci
| summit_session_attendee_email15 = matteo.meucci@owasp.org
| summit_session_attendee_username15 =
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 = Seba Deleersnyder
| summit_session_attendee_email16 = seba@owasp.org
| summit_session_attendee_username16 =
| summit_session_attendee_company16= SAIT Zenitel
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 = Tony UcedaVelez
| summit_session_attendee_email17 = tonyuv@owasp.org
| summit_session_attendee_username17 = Tony UcedaVelez
| summit_session_attendee_company17= VerSprite
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 = L. Gustavo C. Barbato
| summit_session_attendee_email18 = lgbarbato@owasp.org
| summit_session_attendee_username18 = Gustavo Barbato
| summit_session_attendee_company18= Dell
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 = Edward Bonver
| summit_session_attendee_email19 = edward@owasp.org
| summit_session_attendee_username19 = Edward Bonver
| summit_session_attendee_company19= Symantec
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20 =
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=
|-
| summit_track_logo = [[Image:T._individual_projects.jpg]]
| summit_ws_logo = [[Image:WS._individual_projects.jpg]]
| summit_session_name = Threat Modeling
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session099

|-

| short_working_session_description=Discussion on various components of threat modeling, threat modeling methodologies and their challenges.

|-

| related_project_name1 = Threat Modeling
| related_project_url_1 =

| related_project_name2 =
| related_project_url_2 =

| related_project_name3 =
| related_project_url_3 =

| related_project_name4 =
| related_project_url_4 =

| related_project_name5 =
| related_project_url_5 =

|-

| summit_session_objective_name1= Reviewing existing methodologies and their pros and cons

| summit_session_objective_name2 = Assigning business impacts to threats

| summit_session_objective_name3 = Assigning technical impacts to threats

| summit_session_objective_name4 = Threat Rating System.

| summit_session_objective_name5 = Can we bring attack trees into main stream threat modeling methodology?

| summit_session_objective_name6 = Can we use metrics to promote threat modeling?

|-

| working_session_date_and_time =

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details =

|-

|summit_session_deliverable_name1 = A document with a public recommendation on the use of threat modeling
|summit_session_deliverable_name2 = An OWASP standard defining what a threat model is.

|summit_session_deliverable_name3 = An OWASP standard defining a workflow for creating and maintaining a threat model.

|summit_session_deliverable_name4 = A white paper providing recommendations on how organizations can use threat modeling to achieve better security earlier in the process. Including a business-case rationale for threat modeling would be excellent.

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 = Anurag Agarwal
| summit_session_leader_email1 = anurag@myappsecurity.com

| summit_session_leader_name2 =
| summit_session_leader_email2 =
| summit_session_leader_username2 =

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =

|-

| operational_leader_name1 =
| operational_leader_email1 =
| operational_leader_username1 =

|-

| meeting_notes =

|-
| session_name_mask =  Session099
| session_home_page =  Summit_2011_Working_Sessions/Session099
}}

Summit 2011 Attendee/Attendee172

2011-02-02T21:43:05Z

Edward Bonver:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>OWASP 2011 Global Summit Attendee Tab</noinclude>
|-
| summit_attendee_name1 = Edward Bonver
| summit_attendee_email1 = edward@owasp.org
| summit_attendee_wiki_username1 = Edward Bonver
|-
| summit_attendee_company = Symantec
|-
| Project Leadership (less than 6 months old) =
| Project Leadership (more than 6 months old) =
| Release Leadership (less than 6 months old) =
| Release Leadership (more than 6 months old) =
| Project Contribution (less than 6 months old) =
| Project Contribution (more than 6 months old) =
| Release Contribution (less than 6 months old) =
| Release Contribution (more than 6 months old) =
| Committee Membership =
| Chapter Co-Leadership =
| Conference Co-Leadership = OWASP Appsec USA
| Projected Funding Cost =
|-
| summit_attendee_current_owasp_involvement_name1 =
| summit_attendee_current_owasp_involvement_url_1 =
| summit_attendee_current_owasp_involvement_name2 =
| summit_attendee_current_owasp_involvement_url_2 =
| summit_attendee_current_owasp_involvement_name3 =
| summit_attendee_current_owasp_involvement_url_3 =
| summit_attendee_current_owasp_involvement_name4 =
| summit_attendee_current_owasp_involvement_url_4 =
| summit_attendee_current_owasp_involvement_name5 =
| summit_attendee_current_owasp_involvement_url_5 =
|-
| summit_attendee_reason_for_summit_participation_name1 = Threat Modeling
| summit_attendee_reason_for_summit_participation_url_1 =
| notes_reason_for_participating_issues_to_be_discussed_1 =
| summit_attendee_reason_for_summit_participation_name2 = Security Testing
| summit_attendee_reason_for_summit_participation_url_2 =
| notes_reason_for_participating_issues_to_be_discussed_2 =
| summit_attendee_reason_for_summit_participation_name3 = University Outreach
| summit_attendee_reason_for_summit_participation_url_3 =
| notes_reason_for_participating_issues_to_be_discussed_3 =
| summit_attendee_reason_for_summit_participation_name4 =
| summit_attendee_reason_for_summit_participation_url_4 =
| notes_reason_for_participating_issues_to_be_discussed_4 =
| summit_attendee_reason_for_summit_participation_name5 =
| summit_attendee_reason_for_summit_participation_url_5 =
| notes_reason_for_participating_issues_to_be_discussed_5 =
|-
| summit_attendee_owasp_sponsor =
|-
| summit_attendee_summit_time_paid_by_name1 = [[Image:Symantec.png | 180x51 px| link=http://symantec.com]]
| summit_attendee_summit_time_paid_by_url_1 = http://symantec.com
| summit_attendee_summit_time_paid_by_name2 =
| summit_attendee_summit_time_paid_by_url_2 =
|-
| summit_attendee_summit_expenses_paid_by_name1 = [[Image:Circle_owasp_logo_nowhitebackground.png| 50x50 px |link=http://www.owasp.org/]]
Los Angeles Chapter
| summit_attendee_summit_expenses_paid_by_url_1 =
| summit_attendee_summit_expenses_paid_by_name2 =
| summit_attendee_summit_expenses_paid_by_url_2 =
|-
| reason_for_sponsorship = Local OWASP Funds
|-
| status = Confirmed, Funded, Booked
|-
| letter sent to sponsor =
|-
| notes for Kate =
|-
| attendee_name_mask =  Attendee172
| attendee_home_page =  Summit_2011_Attendee/Attendee172
}}

File:Symantec.png

2011-02-02T21:38:09Z

Edward Bonver: