(16 intermediate revisions by the same user not shown) |
Line 1: |
Line 1: |
− | | + | [[File:B-2016-profile-photo.jpg|thumb]] |
| + | __NOTOC__ |
| | | |
− | I'm the VP of Security Architecture at [http://www.whitehatsec.com WhiteHat Security]. I've been an active member of OWASP since 2008. My main passion is supporting projects that help developers write secure code. You can reach me on twitter [http://www.twitter.com/manicode @manicode] or via [http://www.twitter.com/owasp_podcast @owasp_podcast] for OWASP Podcast updates. I also manage the [http://www.twitter.com/owasp @owasp] twitter feed.
| + | Jim Manico is the founder of [https://www.manicode.com Manicode Security] where he trains software developers on secure coding and security engineering. He is also the founder of Brakeman Security, Inc. and is a investor/advisor for Signal Sciences. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. Jim is also a [[:Special:Contributions/jmanico|volunteer]] and former board member of the OWASP foundation. He is the author of "Iron-Clad Java: Building Secure Web Applications" from McGraw-Hill and Oracle Press. For more information, see http://www.linkedin.com/in/jmanico. |
| | | |
− | = I am running for the 2012 OWASP board! =
| + | You can reach Jim at [mailto:jim.manico@owasp.org jim.manico@owasp.org]. You also reach Jim on twitter at [http://www.twitter.com/manicode @manicode]. |
− | Here are a few questions and answers regarding my board candidacy.
| |
− | | |
− | == What are your most notable accomplishments over the past three years as an OWASP contributor? ==
| |
− | | |
− | * I am the founder, producer and host of the [[OWASP_Podcast | OWASP Podcast Series]]. As of May 2011 I have published 84 shows and have spent over 500 hours making the OWASP Podcast a reality. I am grateful to my many guests who have made the show a success.
| |
− | * I am also the chair of the [https://www.owasp.org/index.php/OWASP_Connections_Committee OWASP Connections Committee] where I manage the [http://owasp.blogspot.com OWASP Blog], [http://twitter.com/owasp twitter feed] and [https://www.owasp.org/index.php/Press press communications] for OWASP. I feel that these activities are directly inline with the OWASP core mission of spreading awareness.
| |
− | * I am also spearheading several ESAPI-like projects that provide modular single-use controls for ease of use. I have only begun these efforts, but have started to manage the [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Encoder ], the OWASP validator and the [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP HTML Sanitizer] project with a variety of very talented developers.
| |
− | * I am also the project manager and significant contributor of the [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheatsheet Series]. I've worked on the XSS, DOM XSS, SQL Injection, Cryptographic Storage, Forgot Password and other topics in this series.
| |
− | * I recruited the team who created and maintain the OWASP Mobile Project.
| |
− | * I have raveled to OWASP chapters all over the world providing free developer training
| |
− | | |
− | == What are the most significant challenges OWASP is facing? ==
| |
− | | |
− | * Financial
| |
− | * Keeping basic IT services running well and securely
| |
− | * vendor neutrality
| |
− | | |
− | == If you become elected, what would the top three things be that you would focus on? ==
| |
− | | |
− | * Fundraising
| |
− | * Expand membership (developers).
| |
− | * Content Reorganization. In order to support increased membership, we need to increase quality and remove old content that is not pertinent or out of date - make OWASP more consumable for the masses!
| |
− | | |
− | == What do you want to do as a board member that you can't do as an OWASP leader or committee member? ==
| |
− | | |
− | * As a board member I will have more opportunities to serve as an ambassador for the organization evangelizing the importance to web security to both the security and the developer communities.
| |
− | * One of a board members main roles is too maintain a vendor-neutral stance when representing OWASP. I feel I have demonstrated a commitment to putting the mission of OWASP before my personal and business interests.
| |
− | | |
− | == How does your past experience relate to this position? ==
| |
− | | |
− | * Travel internationally speaking at 30+ OWASP chapters through much of Europe and the US
| |
− | * Have had a chance to "hear out" and interface with OWASP members on a global scale
| |
− | * Provide secure coding training as talks and free seminars emphasizing vendor neutral open source information
| |
− | * Interaction with several OWASP projects and committees
| |
− | * Worked with or partnered with several existing board members
| |