This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "User:Tony UcedaVelez"

From OWASP
Jump to: navigation, search
(Created page with ' == Tony UcedaVelez (a.k.a Tony UV/ Username: versprite) == In the realm of application security, Tony is a threat modeling evangelist and has provided numerous talks domestical…')
 
m (bio)
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
+
== Tony UV ==
== Tony UcedaVelez (a.k.a Tony UV/ Username: versprite) ==
+
<p>
 
+
Tony is the founder and CEO of VerSprite - a global security consulting firm based in Atlanta, GA. He is also the author of Wiley's <i>Risk Centric Threat Modeling</i>, a book endorsed by the late Cyber Security Coordinator for the White House, Howard SchmidtThe book has been used in universities and enterprises world wide as a means to apply a risk centric approach to application threat modeling. Tony has spoken at numerous OWASP, ISACA, ASIS, ISC2, ISSA, BSides conferences across four continents on the topics of cloud security, risk management, threat modeling, secure-SDLC implementationHe also has provided global training to both development groups and company executives who need to understand the impact of security programs to products and business services. Before starting VerSprite, Tony's worked at various large multi-national companies, some of which includes GE Capital, UBS, Morgan Stanley, SunTrust Bank, Equifax, Symantec and SecureworksToday, his organization performs varied security consulting services worldwide for both Fortune 50, global companies as well as technology startups .
In the realm of application security, Tony is a threat modeling evangelist and has provided numerous talks domestically and globally on its many benefits and applicationHe has served as a guest mentor to teams participating in Kennesaw State University’s annual Cybercrime capture the flag event as well as a Cybercrime speaker for Southern Polytechnic University in Atlanta (2009). He has also served as a guest speaker on the subject of application threat modeling during ISACA’s annual Geek Week event and has also served as a keynote speaker on the subject for ISACA’s Global Symposium web cast series He frequently speaks at various ISACA and OWASP based events nationwide.  Additional publications include articles related to CoBIT and the ValIT model (ISACA’s Journal), application threat modeling within the SDLC (InSecureMagazine), and security process engineering for a ROSI (return on security investment) (Journal of Finance)His book on Application Threat Modeling is due to be published in late 2011 along with his co-author and Cincinatti Chapter Lead, [User:Marco_Morana].
+
</p><p>
 
+
Tony is also well known for his leadership role in the Open Web Application Security Project (OWASP) where he runs the OWASP Atlanta Chapter and manages monthly workshops and events for Atlanta's AppSec community.   </p>
Tony is also well regarded in the field of FISMA compliance, having worked with various federal entities and their respective certification & accreditation groups in order to manage compliance requirements against both NIST and FIPS requirements for ensuring data and system level security. NIST has invited Tony to speak twice at their annual SCAP conference in Baltimore on the subject of sustaining compliance across large federal information enterprises.
 
 
 
Tony is the founder and managing partner at VerSprite in Atlanta - a strategic, security pro service firm that is known for their hybrid approach to security service delivery. Prior to VerSprite, Tony served as Sr. Director of Security Risk Management to a Fortune 50 organization where he led security assessments against global application environments.  His work encompassed web application security testing, security architecture reviews, and analysis for business logic exploitsPrevious to this role, he spent more than 5 years in the field of application security across other Fortune 500 organizations within the banking, telecom, and information service industry segments.  
 
 
 
Since late 2007, Tony leads the OWASP Atlanta Chapter, where he manages monthly workshops and events for the Atlanta web application security community. He is also serves on the OWASP Global Membership Board and regularly provides talks to other chapters nationwide, primarily on the topic of application threat modeling. Aside from the OWASP organization, Tony has helped to organize BSides Atlanta – an underground grassroots effort aimed at providing 100%, unsolicited security content to Atlanta Information Security professionals – for free.
 

Latest revision as of 04:12, 7 December 2018

Tony UV

Tony is the founder and CEO of VerSprite - a global security consulting firm based in Atlanta, GA. He is also the author of Wiley's Risk Centric Threat Modeling, a book endorsed by the late Cyber Security Coordinator for the White House, Howard Schmidt. The book has been used in universities and enterprises world wide as a means to apply a risk centric approach to application threat modeling. Tony has spoken at numerous OWASP, ISACA, ASIS, ISC2, ISSA, BSides conferences across four continents on the topics of cloud security, risk management, threat modeling, secure-SDLC implementation. He also has provided global training to both development groups and company executives who need to understand the impact of security programs to products and business services. Before starting VerSprite, Tony's worked at various large multi-national companies, some of which includes GE Capital, UBS, Morgan Stanley, SunTrust Bank, Equifax, Symantec and Secureworks. Today, his organization performs varied security consulting services worldwide for both Fortune 50, global companies as well as technology startups .

Tony is also well known for his leadership role in the Open Web Application Security Project (OWASP) where he runs the OWASP Atlanta Chapter and manages monthly workshops and events for Atlanta's AppSec community.