Justin Derry

Job: CEO/Managing Partner Appsecure (Australia)

OWASP Involvement:
I've been involved with OWASP for nearly 10 years, and have worked within the organisation in many roles. Recently for a number of years, i've been the conference chair and organiser of the OWASP Asia Pacific/Australia conferences (most years). I worked extensively on the OpenSAMM project with Pravir, and have reviewed other recent projects. Previously i've written and run the Interceptor project for OWASP, and have been a chapter leader and organised many chapter and conference sessions across Australia and Asia Pacific. I've also presented at conferences around the world on Application Security, and spoken and been an evangelist for OWASP and Application Security at many conferences.

LinkedIn Profile: Click Here

My OWASP Objective:
To ensure OWASP continues to grow and is a transparent and Open organisation that has global reach across the Information Security and Development Communities.

My Vision for OWASP
I’ve been working with OWASP since 2002. During this time, I’ve seen a dramatic rise in the need for Application Security within the global industry. OWASP plays a critical role as an independent advisor to the community on topics of Application Security. I firmly believe that OWASP is the leading and only truly open resource on application security topics. It is the most globally trusted brand in this field. Historically, OWASP has tried to become a global organisation with some success. To be a truly global brand, we need to significantly increase our focus within the Asia Pacific Rim. This can be achieved through a top-down approach of representation on the board and core committees within the region.

The Asia Pacific region has a number of unique challenges. These include language, cultural and distance issues. The majority of OWASP members are from the US or UK geographies. To ensure a global reach, OWASP must meet these challenges head on. This involves growing local, country, and regional chapters. A program must be built to help language-specific translation of key OWASP project resources. OWASP must assist local chapters with planning local conferences, events, and coordinating international speakers. OWASP must also aide in evangelising the mission throughout the region.

We know that the OWASP brand is one of the most trusted brands in Application Security. It is critical that OWASP maintains transparency and be open to members and the community at large.

My key focus statements for OWASP are as follows:

• Global Outreach - Expanding Asia Pacific

To ensure adequate representation of Asia Pacific region within OWASP, OWASP should assist local regions with chapters, conferences and language translation.

* OWASP - Application Security Evangelism

I firmly believe that OWASP needs to spend more time with developers, project owners and businesses to deliver a few key messages. These messages emphasize that application security is relevant and important. The messages also need to illustrate the current threat landscape. We need to take our wealth of experience and information to the wider community by attending and presenting OWASP to the community outside of the Application/Information Security forum.