This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "User:Mchalmers"

From OWASP
Jump to: navigation, search
m
m (OWASP Chapters)
 
(319 intermediate revisions by the same user not shown)
Line 1: Line 1:
<div align="right" style="float: right; margin: 0 0 0 4px; padding: 4px; border: 1px solid #aaa">http://g-images.amazon.com/images/G/01/v9/communities/falling.gif</div>Matthew Chalmers is no one of consequence but has been involved with [[Main_Page|OWASP]] since about 2001 or so, before this fine wiki existed. He can be reached at '''matthew''' ''dot'' '''chalmers''' ''at'' '''owasp''' ''dot'' '''org''' or by using the link at the bottom of this page.
+
<div align="left" style="float: left; margin: 0 4px 0 0; padding: 1px; border: 1px solid #aaa;">[[File:Chalmers,_Matthew.jpg|174px]]</div>Matthew Chalmers has been involved with OWASP since about 2002 and can be reached at matthew ''dot'' chalmers ''at'' owasp ''dot'' org.
<br/>
+
 
 +
<br style="clear: both;">
 +
 
 
==OWASP Involvement==
 
==OWASP Involvement==
 
===OWASP Wiki===
 
===OWASP Wiki===
[[:Special:Contributions/Mchalmers|Click here]] to see my wiki contributions.
+
* [https://www.owasp.org/index.php?limit=500&tagFilter=&title=Special%3AContributions&contribs=user&target=Mchalmers&namespace=0&year=&month=-1 My wiki contributions]
  
 
===OWASP Projects===
 
===OWASP Projects===
* OWASP brand/image
+
* [[:Category:OWASP_Chapter|Local Chapter Resources]]
* OWASP awareness
+
* [[:Category:OWASP_Certification_Project|Certification Project]] (content owner/reviewer)
* [[:Category:OWASP_Chapter|Local Chapters]]
 
* [[:Category:OWASP_Certification_Project|Certification Project]]
 
 
* [[:Category:OWASP Application Security Requirements Project|Application Security Requirements Project]] (interim project manager)
 
* [[:Category:OWASP Application Security Requirements Project|Application Security Requirements Project]] (interim project manager)
* [[ESAPI]]
 
 
* [[OWASP EU Summit 2008]]
 
* [[OWASP EU Summit 2008]]
* OWASP PR Project
+
** [http://lists.owasp.org/mailman/listinfo/owasp_pr_project OWASP PR Project]
* [[Global Chapter Committee]] ([[Global_Chapter_Committee_-_Application_2|pending]])
+
* [[Global Chapter Committee]]
 +
* [[Summit 2011|OWASP Global Summit 2011]]
 +
** [[Summit_2011_Working_Sessions/Session082|Audit Working Session Chair]]
 +
** [[Summit_2011_Working_Sessions/Session080|PCI Working Session Co-Chair]]
 +
** [[Summit_2011/Funding/Matt_Chalmers|Fundraising Appeal]]
 +
** [[Summit_2011_Attendee_Bios#Chalmers.2C_Matthew|Attendee bio]]
 +
* [http://lists.owasp.org/mailman/listinfo/governance OWASP Governance Task Force]
 +
* [[OWASP Codes of Conduct]]
 +
** [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct#tab=Certifying_Bodies Certifying Bodies]
  
 
===OWASP Chapters===
 
===OWASP Chapters===
* Founding member of the original DC Local Chapter (now the [[Washington_DC|DC-Maryland]] chapter).
+
* Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the [[Washington_DC|Washington DC]] and [[Baltimore]] chapters)
** Active member from 2004-2005.
+
* Founder and former chapter leader of the original [[Milwaukee]] chapter
** Recorded meeting minutes and maintained the chapter's web pages.
+
* Member
* "Member-at-Large" of the [[Chicago]] and [[Madison]] Local Chapters.
+
** [[Chicago]] chapter (2005-2012)
* Presently organising a new chapter in [[Milwaukee]].
+
** [[Milwaukee]] chapter (2005-2016)
 
+
** [[Madison]] chapter (2012-2016)
 +
** [[Minneapolis_St_Paul|Minneapolis-St. Paul]] chapter (2016-Present)
 +
<!--
 
==Non-OWASP Involvement==
 
==Non-OWASP Involvement==
* [http://www.acfei.com/ ACFEI] (American College of Forensic Examiners Institute)
+
* [http://www.acm.org/ ACM] (Association for Computing Machinery)
* [http://www.eccouncil.org/ EC-Council] (International Council of Electronic Commerce Consultants)
+
** [http://www.sigact.org/ SIGACT] (Special Interest Group on Algorithms and Computation Theory)
 +
** [http://www.sigcas.org/ SIGCAS] (Special Interest Group on Computers and Society)
 +
** [http://www.sigchi.org/ SIGCHI] (Special Interest Group on Computer-Human Interaction)
 +
** [http://www.sigsac.org/ SIGSAC] (Special Interest Group on Security, Audit, and Control)
 +
* [http://www.word-detective.com/2013/03/scuttlebutt/ CANOE] (Committee to Ascribe a Nautical Origin to Everything)
 +
* [http://www.cloudsecurityalliance.org/ CSA] (Cloud Security Alliance)
 +
* [http://www.eff.org/ EFF] (Electronic Frontier Foundation)
 +
** [https://www.eff.org/about/opportunities/volunteer Cooperating Tech]
 +
* [https://www.fsisac.com/ FS-ISAC] (Financial Services Information Sharing and Analysis Center)
 +
** [https://www.fsisac.com/about/committees Research Survey Committee]
 +
* [http://www.iacr.org/ IACR] (International Association for Cryptologic Research)
 
* [http://csrc.nist.gov/nissc/1999/program/isso/sld077.htm IATFF] (Information Assurance Technical Framework Forum)
 
* [http://csrc.nist.gov/nissc/1999/program/isso/sld077.htm IATFF] (Information Assurance Technical Framework Forum)
* [http://www.ieee-security.org/ IEEE CS TCSP] (IEEE Computer Society Technical Committee on Security &amp; Privacy)
+
* [http://www.ieee.org/ IEEE] (Institute of Electrical & Electronics Engineers)
* [http://tools.ietf.org/area/sec/trac/wiki IETF SAAG] (Internet Engineering Task Force Security Area Advisory Group)
+
** [http://www.comsoc.org/ Communications Society]
* [http://www.theiia.org/ IIA] (Institute of Internal Auditors) - Board of Governors, [http://www.theiia.org/chapters/index.cfm/home.page/cid/19 Milwaukee Chapter]
+
*** [http://cms.comsoc.org/eprise/main/SiteGen/TC_CIS/Content/Home.html Communications and Information Security Technical Committee]
 +
** [http://www.computer.org/ Computer Society]
 +
*** [http://cybersecurity.ieee.org/ Cybersecurity Community]
 +
*** [http://www.ieee-security.org/ Technical Committee on Security & Privacy]
 +
** [http://www.itsoc.org/ Information Theory Society]
 +
** [http://www.signalprocessingsociety.org/technical-committees/list/ifs-tc/ Signal Processing Society Information Forensics and Security Technical Committee]
 +
* [http://www.theiia.org/ IIA] (Institute of Internal Auditors)
 +
** [https://chapters.theiia.org/milwaukee/Pages/default.aspx Milwaukee Chapter] Member, 2006-2012 & 2015-2016; Secretary of the Board, 2009-2011
 +
** [https://chapters.theiia.org/madison/Pages/default.aspx Madison Chapter] Member, 2012-2015; Invited Speaker, 2016
 +
* [http://www.identitymanagementinstitute.org/ IMI] (Identity Management Institute)
 
* [http://www.isaca.org/ ISACA] (Information Systems Audit and Control Association)
 
* [http://www.isaca.org/ ISACA] (Information Systems Audit and Control Association)
* [http://www.sans.org/ SANS Institute] (System administration, Audit, Networking and Security Institute) - [http://www.sans.org/mentor/ Mentor] for courses [http://www.sans.org/training/description.php?mid=98 SEC-508]: Computer Forensics, Investigation, and Response; and [http://www.sans.org/training/description.php?mid=6 AUD-507]: Auditing Networks, Perimeters & Systems
+
** [http://isaca-km.org/ Kettle Moraine Chapter] Member, 2006-2016; Invited Speaker, 2014
 +
* [http://www.isoc.org/ ISoc] (Internet Society)
 +
** [http://www.ietf.org/ IETF] (Internet Engineering Task Force)
 +
*** [http://tools.ietf.org/area/sec/trac/wiki SAAG] (Security Area Advisory Group)
 +
** [https://irtf.org/ IRTF] (Internet Research Task Force)
 +
*** [https://irtf.org/cfrg CFRG] (Crypto Forum Research Group)
 +
* [http://www.nist.gov/ NIST] (National Institute of Standards and Technology)
 +
** [http://www.nist.gov/itl/ ITL] (Information Technology Laboratory)
 +
*** [http://www.nist.gov/itl/csd/ CSD] (Computer Security Division)
 +
**** [http://www.nist.gov/itl/csd/ct/ CTG] (Cryptographic Technology Group)
 +
***** [http://csrc.nist.gov/groups/ST/key_mgmt/ Cryptographic Key Management Project]
 +
* [http://www.sans.org/ SANS Institute] (System administration, Audit, Networking and Security Institute)
 +
** [http://www.sans.org/mentor/ Mentor] Program
 
* [http://www.webappsec.org/ WASC] (Web Application Security Consortium)
 
* [http://www.webappsec.org/ WASC] (Web Application Security Consortium)
 +
** [http://projects.webappsec.org/w/page/13246984/WASC-Community Articles Peer Review Team]
  
 
=="Credentials"==
 
=="Credentials"==
 
===Certifications===
 
===Certifications===
* CISA - Certified Information Systems Auditor
+
* [http://www.identitymanagementinstitute.org/cdp/ CDP] - Certified in Data Protection
* GSNA - GIAC Certified Systems and Network Auditor
+
* [http://www.identitymanagementinstitute.org/ciam/ CIAM] - Certified Identity and Access Manager
* GCFA - GIAC Certified Forensic Analyst
+
* [http://www.identitymanagementinstitute.org/cirm/ CIRM] - Certified Identity Risk Manager
* CEH - Certified Ethical Hacker
+
* [http://www.accessdata.com/training/certifications  ACE] - AccessData Certified Examiner
* CHS - Certified in Homeland Security (Level III)
+
* [http://www.eccouncil.org/ciso/ CCISO] - Certified Chief Information Security Officer
 
+
* [http://www.isaca.org/cism CISM] - Certified Information Security Manager
===Training Courses===
+
* [http://cloudsecurityalliance.org/education/ccsk/ CCSK] - Certified in Cloud Security Knowledge
* SOScorp - ITIL v3 Foundation Course (9/2008)
+
* [http://na.theiia.org/certification/crma-certification CRMA] - Certified in Risk Management Assurance
* SANS – Computer Forensics, Investigation, and Response (4/2008)
+
* [http://www.giac.org/certifications/forensics/gcfa.php GCFA] - GIAC Certified Forensic Analyst
* Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
+
* [http://www.itil-officialsite.com/Qualifications/ITILQualificationLevels/ITILFoundation.aspx ITIL] Foundation Certified
* SAP America – Virsa Compliance Calibrator Training (10/2006)
+
* [http://www.isaca.org/cisa CISA] - Certified Information Systems Auditor
* IIA/Deloitte – SAP ERP Technical Audit (8/2006)
+
* [http://www.abchs.com/certification/chsiii.php CHS] - Certified in Homeland Security
* SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
+
* [http://www.eccouncil.org/certification/certified_ethical_hacker.aspx CEH] - Certified Ethical Hacker
* SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
+
* [http://www.giac.org/certifications/audit/gsna.php GSNA] - GIAC-certified Systems and Network Auditor
* Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
+
* [https://www.microsoft.com/en-us/learning/microsoft-certified-professional.aspx MCP] - Microsoft Certified Professional
* EC-Council/Mile2 – Certified Ethical Hacker Training (7/2004)
 
* Foundstone – Ultimate Web Hacking (9/2003)
 
* Siegeworks – Advanced AppAuditor Training (12/2002)
 
* SANS – Auditing Networks, Perimeters, and Systems (4/2002)
 
* Sanctum – AppScan AppAuditor Training (5/2001)
 
* Bank One University (1/2001 – 2/2005)
 
** Numerous soft skills courses including Planning and Executing Projects, Understanding Personality Styles, Incident Management, Presentation Skills, SMART Goals, and Using the Gallup Q12
 
* National Cryptologic School (2/1997 – 11/2000)
 
** Over 45 classified & unclassified courses including Information Systems Security Engineering, Technical Writing & Documentation, Encryption Key Management, Operational Information Systems Security, Computer Network Exploitation, and Operations Security
 
  
==Miscellany==
+
===Training===
[http://www.linkedin.com/in/mchalmers http://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif] [http://www.xing.com/profile/Matthew_Chalmers http://www.xing.com/img/buttons/10_en_btn.gif]
+
* CoalFire - Adaptive Penetration Testing (5/2018)
[http://www.dopplr.com/traveller/mchalmers http://blogs.zdnet.com/social/images/dopplr_logo.png]
+
* CITI - Human Subjects Research (10/2014)
[http://www.geni.com/profile/index/5694624893540027648 http://assets0.geni.com/images/Geni.jpg]
+
* IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
 +
* IIA - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
 +
* ISACA - Auditing & Securing Cloud-Based Services (1/2011)
 +
* ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
 +
* PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
 +
* SANS - Computer Forensics, Investigation, and Response (4/2008)
 +
* Entellus Technology Group - SAP ERP Basis Auditing & Security Risks (12/2007)
 +
* SAP America - Virsa Compliance Calibrator Training (10/2006)
 +
* IIA - SAP ERP Technical Audit (8/2006)
 +
* SPI Dynamics - Web Application Security Assessment with WebInspect (11/2005)
 +
* SANS - Hacker Techniques, Exploits and Incident Handling (10/2005)
 +
* Infosec Institute - Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
 +
* Mile2 - Certified Ethical Hacker Training (7/2004)
 +
* Foundstone - Ultimate Web Hacking (9/2003)
 +
* Siegeworks - Advanced AppAuditor Training (12/2002)
 +
* SANS - Auditing Networks, Perimeters, and Systems (4/2002)
 +
* Sanctum - AppScan AppAuditor Training (5/2001)
 +
* National Cryptologic School - Information Systems Security Engineering (2/2000)
 +
* National Cryptologic School - Operational Information Systems Security (11/1998)
  
I have a [http://thegrumpyhacker.blogspot.com/ blog] under a pseudonym but it's not strictly about web application security. Or any security.
+
===Education===
 +
* Doctor of Science (Candidate for the Degree), Cybersecurity, [http://capitol.technology.university/ Capitol Technology University]
 +
** Dissertation (WIP): User Perception of Utility Constraints in End-to-End Email Encryption Solutions
 +
* Master of Science, Information Assurance, [http://capitol.technology.university/ Capitol Technology University]
 +
* Bachelor of Arts, Psychology & Philosophy, [http://www.mst.edu/ Missouri University of Science & Technology]
 +
* Associate of Arts, Russian, [http://www.dliflc.edu/ Defense Language Institute]
 +
-->
  
{{user new message|Mchalmers}}
+
==LinkedIn==
 +
[http://linkedin.com/in/mdc http://instructor.mstc.edu/instructor/mchalmers/linkedin-find-me-button.gif]

Latest revision as of 19:34, 25 October 2019

Chalmers, Matthew.jpg
Matthew Chalmers has been involved with OWASP since about 2002 and can be reached at matthew dot chalmers at owasp dot org.


OWASP Involvement

OWASP Wiki

OWASP Projects

OWASP Chapters

LinkedIn

linkedin-find-me-button.gif

Retrieved from "https://wiki.owasp.org/index.php?title=User:Mchalmers&oldid=255748"