User:Wichers - Revision history

Wichers at 18:33, 22 April 2019

2019-04-22T18:33:12Z

Wichers: /* OWASP Contributions */

2018-02-19T19:57:18Z

‎OWASP Contributions

Wichers: Add new EY employment.

2018-02-19T19:56:25Z

Add new EY employment.

Wichers at 15:11, 3 July 2017

2017-07-03T15:11:29Z

Wichers at 15:10, 3 July 2017

2017-07-03T15:10:51Z

Wichers at 16:35, 31 October 2016

2016-10-31T16:35:47Z

Wichers: /* OWASP Contributions */

2016-05-25T15:44:33Z

‎OWASP Contributions

Wichers: /* OWASP Contributions */

2015-04-17T14:25:03Z

‎OWASP Contributions

Wichers at 22:37, 17 July 2014

2014-07-17T22:37:35Z

Wichers at 22:28, 17 July 2014

2014-07-17T22:28:19Z

@@ Line 3: / Line 3: @@
 ==BIO==
-Dave Wichers is an executive director for application security at EY (www.ey.com). He was a cofounder of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services, that was acquired by EY in 2017. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, was a coauthor of the [[Top10 | OWASP Top 10]] since its inception until 2017 release candidate 1 and led the project from 2007 thru May 2017. Dave is also the lead of the new OWASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
+Dave Wichers is a managing director for application security at Ernst & Young (www.ey.com). He was a cofounder of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services, that was acquired by EY in 2017. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, was a coauthor of the [[Top10 | OWASP Top 10]] since its inception until 2017 release candidate 1 and led the project from 2007 thru May 2017. Dave is also the lead of the new OWASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
 Dave has over 30 years of experience in the information security field, and has focused exclusively on application security since 1998. At EY, he provides a wide variety of application security consulting services to EY's clients. Prior to starting Aspect, he ran the Application Security Services Group at Exodus Communications. Dave has a Bachelors and Masters degree in Computer Science and is a CISSP.

← Older revision		Revision as of 19:57, 19 February 2018
Line 47:		Line 47:
	* 2006 AppSec Seattle: Why AJAX Applications are far more likely to be insecure, and What to do about it - [http://www.owasp.org/index.php/Image:OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Slides]		* 2006 AppSec Seattle: Why AJAX Applications are far more likely to be insecure, and What to do about it - [http://www.owasp.org/index.php/Image:OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Slides]

−	Dave can be reached at: dave.wichers (at) ~~aspectsecurity~~.com or dave.wichers (at) owasp.org	+	Dave can be reached at: dave.wichers (at) ey.com or dave.wichers (at) owasp.org

@@ Line 3: / Line 3: @@
 ==BIO==
-Dave Wichers is a cofounder of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, was a coauthor of the [[Top10 | OWASP Top 10]] since its inception until 2017 release candidate 1 and led the project from 2007 thru May 2017. Dave is also the lead of the new OWASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
+Dave Wichers is an executive director for application security at EY (www.ey.com). He was a cofounder of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services, that was acquired by EY in 2017. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, was a coauthor of the [[Top10 | OWASP Top 10]] since its inception until 2017 release candidate 1 and led the project from 2007 thru May 2017. Dave is also the lead of the new OWASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
-Dave has over 25 years of experience in the information security field, and has focused exclusively on application security since 1998. At Aspect, in addition to his cofounder duties, he is one of their chief training instructors, and provides a wide variety of application security consulting services to Aspect's clients. Prior to starting Aspect, he ran the Application Security Services Group at Exodus Communications. Dave has a Bachelors and Masters degree in Computer Science and is a CISSP.
+Dave has over 30 years of experience in the information security field, and has focused exclusively on application security since 1998. At EY, he provides a wide variety of application security consulting services to EY's clients. Prior to starting Aspect, he ran the Application Security Services Group at Exodus Communications. Dave has a Bachelors and Masters degree in Computer Science and is a CISSP.
 ==OWASP Contributions==

@@ Line 3: / Line 3: @@
 ==BIO==
-Dave Wichers is a cofounder and the Chief Operating Officer (COO) of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, was a coauthor of the [[Top10 | OWASP Top 10]] since its inception until 2017 release candidate 1 and led the project from 2007 thru May 2017. Dave is also the lead of the new OWASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
+Dave Wichers is a cofounder of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, was a coauthor of the [[Top10 | OWASP Top 10]] since its inception until 2017 release candidate 1 and led the project from 2007 thru May 2017. Dave is also the lead of the new OWASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
 Dave has over 25 years of experience in the information security field, and has focused exclusively on application security since 1998. At Aspect, in addition to his cofounder duties, he is one of their chief training instructors, and provides a wide variety of application security consulting services to Aspect's clients. Prior to starting Aspect, he ran the Application Security Services Group at Exodus Communications. Dave has a Bachelors and Masters degree in Computer Science and is a CISSP.

@@ Line 3: / Line 3: @@
 ==BIO==
-Dave Wichers is a cofounder and the Chief Operating Officer (COO) of [http://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, is a coauthor of the [[Top10 | OWASP Top 10]] and has led that project since 2007. Dave is also the lead of the new OWAASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
+Dave Wichers is a cofounder and the Chief Operating Officer (COO) of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, was a coauthor of the [[Top10 | OWASP Top 10]] since its inception until 2017 release candidate 1 and led the project from 2007 thru May 2017. Dave is also the lead of the new OWASP [[Benchmark]] project and has also contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
-Dave has over 25 years of experience in the information security field, and has focused exclusively on application security since 1998. At Aspect, in addition to his COO duties, he is Aspect's application security courseware lead, one of their chief instructors, and provides a wide variety of application security consulting services to Aspect's clients. Prior to starting Aspect, he ran the Application Security Services Group at Exodus Communications. Dave has a Bachelors and Masters degree in Computer Science and is a CISSP.
+Dave has over 25 years of experience in the information security field, and has focused exclusively on application security since 1998. At Aspect, in addition to his cofounder duties, he is one of their chief training instructors, and provides a wide variety of application security consulting services to Aspect's clients. Prior to starting Aspect, he ran the Application Security Services Group at Exodus Communications. Dave has a Bachelors and Masters degree in Computer Science and is a CISSP.
 ==OWASP Contributions==
-I have been contributing to OWASP since 2002. In 2004, along with Jeff Williams, we established the 501c3 organization that is now the OWASP Foundation. Since establishing the OWASP Foundation, I served as the de facto Chief Financial Officer of OWASP, until the OWASP Board established an Executive Director in mid 2013. In late 2004, I volunteered to become the OWASP Conferences Chair where I launched the OWASP Conferences Series, personally organized all the  U.S. and European AppSec conferences from 2005 through 2008, and helped launch the Global Conferences Committee in 2009, which organized the conferences from 2009 through 2012. The OWASP Conferences have since grown to serve as a primary revenue generating resource for OWASP.
+I have been contributing to OWASP since 2002. In 2004, along with Jeff Williams, we established the 501c3 organization that is now the OWASP Foundation. Since establishing the OWASP Foundation, I served as the de facto Chief Financial Officer of OWASP, until the OWASP Board established an Executive Director in mid 2013. In late 2004, I volunteered to become the OWASP Conferences Chair where I launched the OWASP Conferences Series, personally organized all the U.S. and European AppSec conferences from 2005 through 2008, and helped launch the Global Conferences Committee in 2009, which organized the conferences from 2009 through 2012. The OWASP Conferences have since grown to serve as a primary revenue generating resource for OWASP.
 As a volunteer to OWASP, Dave is or has been:
@@ Line 15: / Line 15: @@
 * A member of the [[About_OWASP#Global_Board_Members|OWASP Board]] since it was established in 2004 through the end of 2013,
 * The [[:Category:OWASP_AppSec_Conference | OWASP Conferences]] Chair from 2005 through 2008,
-* Project lead and coauthor of the [[OWASP_Top_Ten_Project | OWASP Top 10]],
+* Project lead and coauthor of the [[OWASP_Top_Ten_Project | OWASP Top 10]] thru May 2017,
 * Coauthor of the first version of the [[ASVS | OWASP Application Security Verification Standard]],
 * Contributor to the [[ESAPI | OWASP Enterprise Security API (ESAPI)]] project,

@@ Line 21: / Line 21: @@
 * Contributor to the [[ESAPI | OWASP Enterprise Security API (ESAPI)]] project,
 * Past lead of the [[OWASP_Cheat_Sheet_Series | OWASP Prevention Cheat Sheet Series]] and primary author of the [[SQL_Injection_Prevention_Cheat_Sheet | SQL Injection Prevention Cheat Sheet]].
-* Lead of the [[OWASP WebGoat Benchmark Edition (WBE)]] project.
+* Lead of the OWASP [[Benchmark]] project.
 For more details than this short bio on what I've done at OWASP, listen to my [https://www.owasp.org/download/jmanico/owasp_podcast_82.mp3 OWASP podcast].
@@ Line 29: / Line 29: @@
 I've also done lots of OWASP conference presentations. Here are some of them:
 * 2014 AppSec AsiaPac: [http://owaspappsecapac2014.sched.org/event/fec0f8c8cecafa44b1925641fbfee8fa#.U8hO02dOWJA AppSec at DevOps Speed and Portfolio Scale talk abstract]
 * 2014 AppSec AsiaPac: [http://owaspappsecapac2014.sched.org/event/c7ba6e43fa6f4a7e242c40c44c7164c9#.U8hObGdOWJA OWASP Top 10 2013 talk abstract]

@@ Line 28: / Line 28: @@
 I've also done lots of OWASP conference presentations. Here are some of them:
 * 2013 AppSec USA: [http://appsecusa2013.sched.org/event/817cc39ce670549247d2d0ba05b02701#.Up99XsRDuO2 OWASP Top 10 2013 talk abstract] - [http://appsecusa.org/2013/wp-content/uploads/2013/12/OWASP-Top-10-2013-AppSec-USA.pptx Slides] - [https://www.youtube.com/watch?v=bWqb3Hemepc&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=17 Video]
 * 2013 AppSec EU: [https://www.owasp.org/images/1/17/OWASP_Top-10_2013--AppSec_EU_2013_-_Dave_Wichers.pdf OWASP Top 10 2013 - Slides] - [https://www.its.fh-muenster.de/owasp-appseceu13/rooms/Aussichtsreich_+_Freiraum/high_quality/OWASP-AppsecEU13-DaveWichers-OWASPTop10-2013_720p.mp4 Video]

@@ Line 3: / Line 3: @@
 ==BIO==
-Dave Wichers is a cofounder and the Chief Operating Officer (COO) of [https://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, is a coauthor of the [[Top10 | OWASP Top 10]] and has led the project since 2007, and has contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
+Dave Wichers is a cofounder and the Chief Operating Officer (COO) of [http://www.aspectsecurity.com/ Aspect Security], a consulting company that specializes in application security services. He is also a long time contributor to OWASP, helping to establish the OWASP Foundation in 2004, serving on the [[Board | OWASP Board]] since it was formed from 2004 through 2013, served as [[Conferences | OWASP Conferences Chair]] from 2005 through 2008, is a coauthor of the [[Top10 | OWASP Top 10]] and has led the project since 2007, and has contributed to numerous other important OWASP projects including [[WebGoat]], [[ESAPI]], [[ASVS]], and the [[Cheat Sheets | OWASP Cheat Sheet Series]].
-Dave is also involved in developing a new type of application vulnerability analysis technology that uses instrumentation to detect vulnerabilities inside of a running web application. This new technology, called Contrast, is available from a [https://www.aspectsecurity.com/contrast/ partner company of Aspect Security] called [https://www.contrastsecurity.com Contrast Security].
+Dave is also involved in developing a new type of application vulnerability analysis technology that uses instrumentation to detect vulnerabilities inside of a running web application. This new technology, called Contrast, is available from a [http://www.aspectsecurity.com/contrast/ partner company of Aspect Security] called [https://www.contrastsecurity.com Contrast Security].
 Dave has over 25 years of experience in the information security field, and has focused exclusively on application security since 1998. At Aspect, in addition to his COO duties, he is Aspect's application security courseware lead, one of their chief instructors, and provides a wide variety of application security consulting services to Aspect's clients. Prior to starting Aspect, he ran the Application Security Services Group at Exodus Communications. Dave has a Bachelors and Masters degree in Computer Science and is a CISSP.