This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Bil Corry 2019 Elect Me

Jump to: navigation, search

Bil Corry

2019 Election for Board of Directors, OWASP

Bil Corry speaking at AppSec USA 2017 Leaders Meeting
Bil Corry speaking at AppSec USA 2017 Leaders Meeting


I am a lifetime member of OWASP and I've been involved with OWASP since 2008. I am currently serving on the OWASP Compliance Committee and am the Chapter Leader of the Nashua Chapter, and have contributed to a variety of projects over the years (anyone remember the OWASP Certification project?). I've volunteered at AppSec USA, rounded up speakers for chapter meetings in Chicago and the Bay Area, hosted a Bay Area chapter meeting, helped WIA become a 2.0 Committee and have been a trainer using the OWASP Secure Coding deck.

I have contributed to the technology that underpins the “World Wide Web”, namely HTTP (RFC 7230) [1], HTTP Cookies (RFC 6265) [2], TLS (RFC 6125) [3], and the HTML specification [4]. If you have ever used a web browser to visit a website, then you have personally benefited from my efforts. Additionally, I’ve contributed to securing the web, including my participation in OWASP and WASC [5], and contributed to the design of various browser security and privacy controls (Content Security Policy, secure cookies, secure logoff, clickjacking protection, and more) [6] [7] [8] [9].

Beyond my contributions to the web, I’ve also served on the W3C Tracking Protection Working Group [10], which produced the specification for the Do Not Track web header, and the European Payments Council’s Payment Security Support Group, a trade group primarily focused on payment security and payment authorization in the European market.

In my professional capacity, I spent over a decade working at a web developer before switching to information security. As a security professional, I’ve worked for the largest FinTech company in the world, PayPal, in both North America and Europe, and I’ve worked at the largest mobile chip design company in the world, Arm. At PayPal, I was responsible for application security across all product lines and subsidiaries worldwide, and for a time, I was the Information Technology Officer of the Bank, a statutory position within PayPal’s licensed banking unit based in Luxembourg. At Arm, I was responsible for the end-to-end security strategy for their connected devices products (aka IoT, internet of things) and reported two levels down from the CEO. Many people are unfamiliar with the Arm brand, however anyone using a mobile device has used an Arm product as nearly every mobile device on the planet has an Arm processor, including every Apple and Android phone and tablet.

Currently I work at a healthcare startup, Blink Health, in the role of Security Assurance, which includes application security.


Bil Corry Video Interview