This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "User:Brennan"
m |
m |
||
| Line 5: | Line 5: | ||
''' | ''' | ||
| − | Tom Brennan is the Chief | + | Tom Brennan is the Chief Hacking Officer of [http://www.proactiverisk.com ProactiveRISK] known recently for CATScan℠, CyberTOOLBELT™ and his volunteer service to the OWASP Foundation since 2007' most recently as the Global Vice Chairman. Tom is a veteran of the United States Marine Corps and resides in the Rockaway Township, New Jersey, USA with his wife and children. He enjoys building both open source and commercial software solutions, off-roading with his Jeep and flying FPV Drones in his spare time. |
Tom's strengths include; | Tom's strengths include; | ||
Revision as of 13:26, 28 May 2015
tomb(@)proactiverisk.com
Tom Brennan is the Chief Hacking Officer of ProactiveRISK known recently for CATScan℠, CyberTOOLBELT™ and his volunteer service to the OWASP Foundation since 2007' most recently as the Global Vice Chairman. Tom is a veteran of the United States Marine Corps and resides in the Rockaway Township, New Jersey, USA with his wife and children. He enjoys building both open source and commercial software solutions, off-roading with his Jeep and flying FPV Drones in his spare time.
Tom's strengths include;
- Secure Software Concepts - explaining what constitutes secure software and what design aspects to take into consideration to architect hack-resilient software.
- Secure Software Requirements - facilitating the capture of all of the security requirements from various stakeholders and understanding the sources and processes needed to ensure a more effective design.
- Secure Software Design - recommend secure design element including, software architecture, secure design review, and conduct threat modeling.
- Secure Software Implementation/Coding - knowledgeable on how to review the code to ensure that there are no errors in the code or security controls.
- Secure Software Testing - Conducting software testing for security functionality, reliability, resiliency to attack, and recoverability.
- Software Acceptance - experienced with software acceptance including completion criteria, risk acceptance and documentation, Common Criteria and methods of independent testing and verification
- Software Deployment, Operations, Maintenance and Disposal – experienced with security measures that must be taken when a product reaches its end of life.
- Supply Chain and Software Acquisition – lifecycle thinker with a holistic outline of tasks required in managing risk for outsourced development, acquisition, and procurement of software and related services.
Artifacts:
- Written recommendations from 60+ industry leaders: ONLINE - OWASP interview at AppSecUSA 2013 - Video - Interview with PenTest Magazine about OWASP Foundation. - 2012 OWASP Board Candidate Interview: Audio / Transcript - Video Interview about OWASP with Tom Brennan, 2008 - Video 1, Video 2 - Thousands of wiki commits to OWASP.ORG since 2004 see: Wiki Edits
Contributor and champion to many OWASP projects including:
-- OWASP RFQ Criteria, Software Security
