WASPY Awards 2013
Web Application Security People of the Year Awards 2013
Anyone in the Community
WASPY Awards 2013
Call for nominees http://www.tfaforms.com/284578
May 7 – Call for nominees http://www.tfaforms.com/284578
August 16 – Call for nominees closes
August 19 – Announcement of nominees per category
September 6 – Deadline for bio and profile picture to be submitted
September 30 – Paid member deadline Not sure if you are a current member? Member Directory
October 14 – October 25 – Voting process (will be included on the election ballot)
October 29 – Announcement of winners in Special Edition connector & recognition at AppSecUSA 2013
Every year a group of individuals including researchers, developers, security professionals and others work to ensure the security of web applications. Some of these individuals are featured in news stories or at conferences as recognized experts. But there are many other ‘unsung heroes’ that work every day to improve web application security and yet are rarely recognized.
- Best Chapter Leader
|Paul Scott||Houston||"Paul has taken the Houston chapter from non-existent to one of the best I've seen. Every month something is going on, whether it's a "mini-con", a hands-on workshop, or a happy hour. He is very organized and enthusiastic. This leads to having sponsors, which helps encourage attendance. I'm a former OWASP chapter leader in Kansas City and have attended OWASP chapter meetings in Houston, Denver, New York, and London."|
|Jonathan Marcil||Montreal||"Jonathan has been really active since he has been elected as the new chapter leader in Montreal. He has been able to reach a lot of developers that had no idea what was OWASP by simply going in event and talking to them one-o-one.
He's really dedicated to OWASP and his chapter, he spend at least 20 to 25 hours a week organizing, he also attended BlackHat and sat at the official OWASP booth to distribute and inform people about the wonderful organization that OWASP is.
I've never seen a chapter leader active like him, he definately deserve an award."
|Abbas Naderi||Iran||"Abbas Naderi, Chapter Leader in Iran is one of the most helpful person I know. I choose him above all others because of his dedication towards pulling forward the entire security community. He demonstrated this act when he agreed to help me in Google Summer of Code Project even when he knew that he was not going to gain money or knowledge out of this. He helped my project just because he wanted everyone in security community to move forward. While working with him, I realized the vast amount of knowledge he possesses. His ideas and his dedication inspires me and I am proud to say that I have set my goal to be like him one day."|
|John Wilander||Sweden||"John has shown that he is one of the best chapter leaders of OWASP. He recently stepped down, but I believe he should be given the award regardless."|
|Jack Mannino||Northern Virginia||"Jack Mannino has brought top-notch speakers from Jim Manico, to Dan Cornell, and the Twitter appsec team as well as secured an amazing spot with LivingSocial for our meetings. Jack is fostering not only interested speaking events but hackathons and code projects. He is definitely going above and beyond. Most importantly, this chapter is consistent and 100% vendor neutral! Under his leadership, things are already on the right path and headed for even greater destinations.
Lastly, Jack is one of the leaders of the OWASP Mobile project as well the sole developer for the OWASP project GoatDroid.
If anyone deserves my nomination, it's him!"
|Tin Zaw, Richard Greenberg, Kelly FitzGerald, Stuart Schwartz, Edward Bonver||Los Angeles||"Tin was the leader of OWASP for the last several years. During his tenure, Tin created a formal board, solidified partnerships with ISSA, SCALE, B-Sides, .Net users groups and CSA, helped other nearby chapters and, took a leading role in the organization of the 2010 Global OWASP AppSec conference in Irvine, presented in several OWASP conferences e chapters and served as a chair in Global Chapter Committees.
Under Tin's leadership, the chapter grew from an average attendance of ~20-30 security enthusiasts to ~60-100+ in every meetings. OWASP LA conducted meetings religiously every month and the board goes out of their way to screen and invite excellent speakers. In addition, the board does an excellent job communicating the meeting agenda on our OWASP wiki and other social networks besides taking care of the meeting logistics (quality free food, sponsorship and more). The quality of the talks is so consistent that even other security organizations in LA (informally) acknowledge that OWASP has the best technical talks about security in town!"
|Trenton Ivey||Milwaukee||"Prior to 2012 there was no OWASP chapter in the Milwaukee area. One man, Trenton Ivey, had a vision. That vision was to establish the Milwaukee OWASP chapter. Through his bold leadership and keen insight he worked with the national OWASP association. His tireless work resulted in a fully functional OWASP Milwaukee Chapter. The response from Information Security professionals in the area was overwhelming. He has provided the local Information Security community a means to learn new technologies and stay current with emerging trends. Most importantly, we have the opportunity to collaborate and share ideas with our peers.
His dedication to the field of information security and passion for spreading knowledge has enriched the lives of chapter members."
|David Hughes||Austin||"David is the current leader of the OWASP Austin Chapter and has done an amazing job over the past year and a half to continue what makes Austin the best chapter in the country. Under his leadership, the chapter meetings have grown significantly in size, we have monthly sponsored happy hours, we do weekly study groups, and we hosted the single largest fundraiser for OWASP with 750 attendees at AppSec USA 2012. David has expanded our leadership team to include several new members and he has set us up for success for many years to come. OWASP Austin is the best chapter on the planet and David is the best active chapter leader hands down. He truly deserves this award."|
|Dhruv Soi||India||"My journey with OWASP started in the year 2006 when I formally started the chapter activities in New Delhi, India. Online mailing list had merely 10-20 subscribers and the visibility in different sectors on local industry was too low. There weren't even other active regional chapters in India.
We started with the chapter meets at very large software development companies in India which started providing visibility to the OWASP as a brand. In 2008, after 2 years of ground work, I announced the very first OWASP conference in the region. Holding a conference for the first time was a challenge but it went very well with participation from around 400 professionals. Our this year's event is lined up for August 2013.
Later, I was promoted by OWASP Foundation as Chair - OWASP India to promote OWASP activities nation wide. Today, we have got 10 active chapters in India and I was instrumental in formation of many new chapters by coordinating with OWASP Foundation US and mentoring the new chapter leads. Our local New Delhi OWASP Mailing list has grown to nearly 800 subscribers which is amongst largest OWASP mailing lists and we have thus far organized 3 OWASP conferences. Good thing has been that OWASP's conferences in India are the largest cyber security events in the region.
I even took an initiative to bring OWASP India to social media by creating LinkedIn profile, Facebook, Twitter and Googleplus pages and am actively maintaining all of these for promotion of local activities. Our LinkedIn and Facebook pages have more than 450 Fans/Followers which I see as a considerable number from a region.
I also facilitated alliances with other not-for-profit organizations to gain further visibility in other communities.
In most of our past events, I invited top brass from Government which helped in gaining more outreach into Government sector. We even included professors from Universities to make students also aware about OWASP. Total 500+ companies have so far participated in our last conferences.
We always kept focus on quality and branding in our events which was lauded by a representative from OWASP Foundation in our 2012 event which is also mentioned in the post-event report.
In these 7 years of my association, I have tried to promote OWASP in the region by all kind of promotional methods online, social media, private meetings, chapter meets, conferences, industry alliances etc.
Wikipedia history, owasp.in website, OWASP Foundation report on 2012 OWASP India event, owasp-delhi mailing list subscriber list can be looked as supporting documents."
- Best Project Leader
|Abbas Naderi||PHP Security Project||I have known Abbas since last 4 months. Within this time I had the opportunity to see this person in action. He is one of the most dynamic, helpful and knowledgeable persons I know. I met him during Google Summer of Code. He is one of the mentors in this program. I have seen him help the people and the community even when things were out of reach. His breadth of knowledge in PHP is quite outstanding and his appeal to knowledge and security is quite inspiring for a lot of people including me. I wish him luck and I truly believe that this person deserves the WASPY award."
"Abbas is doing an excellent work promoting tools and helping the community with his knowledge and inspiration"
|Andrew van der Stock||Developer Guide||"Recognition outside community by AusCERT, development of
- Application Security Verification Standard 2.0 - OWASP Developer Guide 2013 with a lot of others - OWASP Proactive Controls 2013 with Jim Manico - and support of other projects like Coding and Testing Guides. "
|Simon Bennetts||ZAP||"For his work on ZAP and the constant effort he makes to improve and market the project."
"Simon has superbly led the ZAP project through 2012 and into 2013. The project is the most healthy ongoing OWASP project and continues to be updated. It also participated successfully in the GSoC 2012 initiative. Simon has also managed to attract non-coder contributors such as for the translation of the tools content."
|R. Mérida "psy"||XSSer||From hackers database: http://www.soldierx.com/hdb/psy-epsylon
-OWASP XSSer Founder and project leader. -GSoC 2013 proposed Mentor -Developer of: XSSer (http://xsser.sf.net) -Developer of: CIntruder (http://cintruder.sf.net) -Developer of: AnonTwi (http://anontwi.sf.net) -Developer of: UFOnet (http://ufonet.sf.net) -Different contributions to free software applications such as: Seeks-Project (http://www.seeks-project.info), Elgg (http://elgg.org), Lorea (http://lorea.org), etc... -OWASP Spain contributor.
Epsylon has talked about OWASP XSSer at both security and not security events around in Europe: Spain, France, Netherlands and Germany. He is involved in some different social projects giving an important technical support and is doing a good job leading some security educational communities.
- Best Community Supporter – contributor to chapter, project or initiative
|Jason Montgomery||"Jason has organized and run several training sessions for OWASP Columbus chapter in 2013. His training sessions help OWASP members better understand how to integrate security into the software development lifecycle."|
|Fabio Cerullo||"Fabio's work on:
Google Season of Code Latam OWASP Tour EU OWASP Tour"
|John Wilander||"John has done so much for OWASP over the years. He deeply supports our international community.
- Best Mission Outreach – grow the OWASP community
|Martin Knobloch||"Martin tirelessly attends every OWASP conference and supports the OWASP booth. But he also does this at many, many conferences. For example at this year's FOSDEM, Blackhat EU and Hack in the Box Amsterdam. These efforts take a lot of personal time, as well as effort transporting OWASP materials to and from venues."|
|Fabio Cerullo||"Fabio has been doing an amazing work for OWASP for so many years now, silently, without asking anything in return. I first met him at Appsec EU 2011, which was a great success. We then worked together during OWASP's first year as a GSoC organization, an initiative that Fabio put a lot of effort in and was a great success. He has also successfully run the LatAm tour and now the EU tour, a couple of very large and complex events, with amazing success in spreading the OWASP word in the corresponding areas.
I believe that Fabio has provided amazing value to OWASP's mission, in an altruistic way, without pursuing promotion for himself or any other benefits. He's the most fitting for the "Best mission outreach" award."
"For his effort in the Latam Tour, spreading OWASP brand and awareness in Latin America and the OWASP European Tour!"
|John Wilander||"John managed to stay a developer and had a massive influence on the developer community with his security knowledge.
He did this next to his OWASP global involvement at various OWASP conferences of one he organized himself and leading the Swedish chapter."
- Best Innovator – willingness to try new ideas
|Tanoh Aka Marcellin||"la raison est que je voudrais lui faire gagner ce prix afin de pouvoir avoir accÃ¨s aux nouveaux outils et surtout pour ce faire des contacts avec le groupe OWASP et pourquoi pas si possible, travailler avec ce groupe merci."|
|Abbas Naderi||"Abbas is developing a new php security library which seems very promising. There is no such a library yet and during the GSOC Abbas is working hard to implement this together as project leader with the student and volunteers "|
1. Board members can NOT be nominated
2. Paid staff can NOT be nominated
3. Must be a paid member to vote Not sure if you are a current member? Member Directory
4. All nominees will remain anonymous until August 19, 2013
5. Anyone can nominate any individual
6. One person per category may be nominated
Sponsorship Opportunities: Please see our Sponsorship Document
These awards are funded solely by sponsors. If you or your company are interested in sponsoring this years WASPY Awards, please let us know by contacting us
Information about last years WASPY Awards including our winner Helen Gao and our sponsors Qualys and Trustwave can be found here: https://www.owasp.org/index.php/WASPY_Awards