WASPY Awards 2014

Web Application Security People of the Year Awards 2014

Every year a group of individuals including researchers, developers, security professionals and others work to ensure the security of web applications. Some of these individuals are featured in news stories or at conferences as recognized experts. But there are many other ‘unsung heroes’ that work every day to improve web application security and yet are rarely recognized.

1 Timeline
2 Categories
3 Rules:

4 Sponsorship Opportunities

5 And the Nominees Are...

Timeline

June 10 - Call for Nominees Now Open! Submit your nominee here
June 23 - Reminder Email Will be Sent For Call for Nominees
June 30 - Call for Nominees Closes
July 7 - Announcement of Nominees Per Category
July 15 - Deadline For Profile Picture and Bio to be Submitted
July 31 - Paid Membership Deadline - NOT SURE IF YOU ARE A CURRENT MEMBER?
August 8 - Voting Opens
August 26 - Voting Closes
August 27 - Announcement of Winners
September 16-19 - Awards Ceremony at AppSecUSA 2014 in Denver, CO

Categories

1. Best Chapter Leader - active chapter leader to be recognized for their contributions to the growth and organization of the chapter.
2. Best Project Leader - active project leader to be recognized for the development of their project.
3. Best Mission Outreach - individual who contributed to the growth of the organization through outreach to the community.
4. Best New Community Supporter "Rookie of the Year" - individual (no requirement to be a leader) who has contributed to any chapter, project, initiative, or other OWASP activity.
5. Best Platform Supporter - (OWASP Staff Vote) individual who positively contributes to the reinforcement of the OWASP platform.

Rules:

1. Board members can NOT be nominated
2. Paid staff can NOT be nominated
3. Must be a paid member to vote.
4. All nominees will remain anonymous until July 7, 2014
5. Anyone can nominate any individual
6. One person per category may be nominated

Sponsorship Opportunities

The support from our sponsors, is what makes these awards truly successful! To learn more about how you can support these awards please see our Sponsorship Opportunities.
Become involved and support the WASPY Awards today!

And the Nominees Are...

Categories:

Best Chapter Leader

Name Chapter Citation

Sen Ueno Japan "He is OWASP Japan Co-Chapter leader and leading OWASP AppSec APAC."

Tom Brennan New York City "Tom Brennan has consistently invested the time and effort into making the NYC chapter one of the best organizations to which I belong. Due to Tom's hard work there are regular chapter meetings with great speakers from whom to learn cutting edge techniques, free food, non-pushy sponsors, and networking opportunities. His passion for the industry, desire to make a difference, and inclusiveness comes through when you hear him speak at any chapter event. When I speak with colleagues in other OWASP chapters and other organizations (ISSA, ISACA, Infragard, Secret Service Electronic Crimes Task Force, etc.), they are amazed at the quantity and quality of OWASP NYC chapter events. This is why I think Tom Brennan deserves to be recognized as the Best Chapter Leader."

Riotaro Okada Japan "The foundation of the OWASP Japan local chapter, its rapid growth to reaching over 2,000 participants in local chapter meetings in the first 2 years and the massive success of AppSec APAC 2014 in Tokyo would not have been possible without the passion and full commitment to the OWASP cause demonstrated by Rio. He is definitely a role model for the OWASP community, especially in the Asia Pacific region which in general is lacking strong and effective leadership, and there is no doubt in my mind he is the most suited candidate for Best Chapter Leader based on the efforts he's contributed in the past few years as well as the success and results of those efforts."

"He holds local chapter meeting(we call OWASP Night), and every event is full capacity and good topics. And he organized successful event, which is OWASP APAC 2014 in this year."

"Rio has done an amazing job building up our Japan chapters. Over the last few years with huge community meetings, new chapters in Japan and a lot of community activity. This is truely outstanding!"

Ron Perris Orange County "Ron relaunched the OWASP Orange County Chapter. Grew the chapter leadership organization to five chapter leaders from three. Increased meeting frequency from bi-yearly to monthly. Held 13 meetings in the last twelve months. Attracted 140 new attendees to chapter meetings. Established a culture of vendor neutrality and speaker selection based on merit."

Sebastien Deleersnyder Belgium "He does a lot of work, not only for the chapter meetings but also for the BeNeLux days. He is very approachable and open for suggestions."

Jonathan Marcil Montreal ""I would like to nominate Jonathan for his involvement in:
1) Successfully leading the Montreal Chapter. Even when personally absent and traveling on another continent, Jonathan has remotely managed the overall execution of the local chapter meetings. 2) His valuable contribution to the OWASP Media project, that undoubtedly brings the ""O"" of OWASP to audiences unable to attend meetings 3) Jonathan has contributed and invested efforts on the ""outreach"" objective, announced by the board as a core objective for 2013-2014."

Best Project Leader

Name Project Citation

Jeremy Long OWASP Dependency Check "Reasons Jeremy Long and his Dependency Check deserve a WASPY award:
- His OWASP Dependency Check is a solution to the problem of third party libraries that needed to be solved. - Jeremy's work on D.C. is steady. He has put a lot of work into this project - Jeremy has successfully involved others to help work on the project. It is a model open source project. - He has been responsive and helpful to questions and created a nice community of users."

Achim Hoffmann OWASP O-Saft "Achim is the project leader of O-Saft (https://www.owasp.org/index.php/O-Saft). O-Saft is a tool to analyze the SSL configuration of a web or mail server. It is a tool with a very specific focus, not a swiss army knife but there is a need for exactly this tool. Achim started the development at the beginning of the big SSL-crisis (concerns about weak ciphers, cipher orders, perfect forward secrecy, ). Without a specialized tool it is impossible to find out the SSL behaviour of a given server. Achim's interest was focused on facts only. The outcome of the tool is not a subjective rating, score or grade, only facts about the config. Achim goals were exactness, comprehensiveness and impartiality which he achieved with his project. He was open to suggestions and could win additional highly motivated and skilled contributors. He is not a marketing driven project leader instead of that he gives talks and trainings about SSL and O-Saft (Munich Chapter, OWASP AppSec EU 2014 Cambridge) to share his knowledge.
I would like to nominate Achim for the OWASP Project Leader 2014 because his project fulfills the OWASP mission in a perfect way. It makes the security of SSL servers visible. There is no free avaiblabe tool beside O-Saft with a comparable comprehensive scope and ability to execute. It is completely free of commercial interests or commercial ""added values"", distributed under a GPL."

Tokuji Akamine OWASP XSecurity Project "The idea(feature) of this security tool is excellent, especially these two points below.
Usually security is difficult and burdensome. But this security tool makes security much easier and less burdensome to iOS app developers. 1. Provide developer friendly security features on top of Xcode to assist developers to learn iOS app security.(Quick Security Help with built-in Security Guidelines) 2. Avoid making vulnerabilities during development.(Real-time Vulnerability Notifications)"

"He provides to assist iOS developers to develop secure iOS apps and a security plugin for Xcode plus clang static analyzer checkers for iOS application development. This plugin will be to reduce the vulnerability made during development by detecting the vulnerability."

Matteo Meucci OWASP Testing Project "Matteo collaborates in OWASP from 2002.He founded the Italian Chapter in 2005.He candidates for the Autum of Code in 2006 to start a new project regarding the Testing Guide. He leads the OWASP Testing from 2006 (v2) to now with the publishing of Testing Guide v4 in the next weeks. He was capable to attract and manage more than 50 people to create the new Guide. Nowadays the Testing Guide is the most recognized project of OWASP with great contents and high quality delivery."

John Melton OWASP AppSensor "John has working tirelessly, and mostly invisible behind the scenes in developing the OWASP AppSensor project. While others have lead the charge on the OWASP AppSensor documentation project, for the most part, John has been the sole contributor to the OWASP AppSensor source code."

Spyros Gasteratos OWASP Hackademic Challenges Project "Spyros has been involved in OWASP since 2010, contributing more and more time as years go by. He began by volunteering for OWASP AppSec Research 2012, where he was in charge for coordinating a team of more than 20 volunteers. For the past 1.5 year he as been co-leading the OWASP Hackademic Challenges Project. During that time he has managed to take the project into the next level both by producing code and by mentoring GSOC students. Spyros has spent a tremendous amount of time in coding, fixing bugs, setting up and maintaining a live version of Hackademic. Undoubtedly, without his efforts the project would have become dormant.Furthermore, he is also helping in other OWASP initiatives, e.g. by participating in the Open Source Showcase, presenting Hackademic and OWASP at the FOSDEM conference in Belgium and by setting up the new ""OWASP Code Wind"" project that aims to bring more student contributions to OWASP."

Best Mission Outreach

Name Citation

Tom Brennan New York City AppSecUSA 2013 "Tom has worked very hard and exceptionally successful on bring OWASP to the community in his role as chapter lead for NYC and running the biggest and most successful AppSecUS in all times. With exceptionally strong local chapter meetings in NY area."

Mostafa Siraj Cairo Chapter "Mostafa did a great job helping our chapter (Cairo Chapter), here are summary of his contribution: - He had a great talk in the latest chapter event, he talk about AppSec US summarizing the conference technical sessions (Mostafa attended the 2013 conference and won the technical competition there), - Mostafa is one of the main members of a small group of AppSec expertise from Cairo chapter, this group is engaged now for preparing security awareness training program for all governmental developers in Egypt, I highly recommend him,"

Jonathan Marcil OWASP Videos "Because he is helping spread OWASP message through this videos and live streaming events"

Eoin Keary Project 2012 Reboot "Eoin has had a busy year: Said NO to RSA and took a stand against erosion of software security. Donated training to OWASP and delivered training to 100's of people. Raised funds via Project Reboot to help many projects."

Best New Community Supporter

Name Citation

AppSec APAC 2014 Team AppSec Asia Pac 2014 "Despite it being the first time that AppSec was held in Japan and despite the lack of experience in planning and organizing a large scale international conference, the volunteers on the AppSec APAC 2014 team came together and went above and beyond their responsibilities to make AppSec APAC 2014 in Tokyo a stunning success. It was by far the most successful AppSec in the Asia Pacific region and achieved an unprecedented level of profitability. The vast majority of the sponsors were Japanese companies and many of the attendees were Japanese. The ability to achieve this despite the relatively low level of awareness of the OWASP brand in Japan was definitely due to the hard work and dedication of the AppSec APAC 2014 team who worked around the clock to make the event a success. Considering that there were no applicants to hold AppSec APAC 2015 despite the tremendous success in Tokyo, recognizing the contributions of the AppSec APAC 2015 team would definitely give a strong message motivating the Asia Pacific community and facilitate future OWASP initiatives in the region."

Robert Dracea AppSec Asia Pac 2014 Japan "His contribution has been excellent, since we have started preparation for the Global AppSec APAC2014. Based on his passion to promote valuable information regards to information security in Japan, he contributed his bilingual ability to prepare and preside AppSec APAC in Tokyo. He committed the local committee by attended every weekly meeting for more than 9 months from his office and his home. Surely, thanks to his help, potential language barrier were completely broken in the conference. This experience of us will be a good example for OWASP organizers especially in Asia Pacific area."

Takanori Nakanowatari AppSec Asia Pac 2014 Japan "His contribution has been awesome, since we have started preparation for the Global AppSec APAC2014. His experience which attended a few AppSecs were very helpful to organize the newly AppSec in Tokyo, and he committee the local committee by attended every weekly meeting for more than 9 months from his office and his home. Moreover, thanks to his advice, 2 OWASP ZAP evangelists were born in Japan at the timing of AppSec APAC 2014."

Beth Guth South New Jersey "She started South New Jersey chapter with energy and enthusiasm bringing together people from builders, breakers and defenders. Self-starter"

WASPY Awards 2014

Timeline

Categories

Rules:

Sponsorship Opportunities

And the Nominees Are...

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools

Name	Chapter	Citation
Sen Ueno	Japan	"He is OWASP Japan Co-Chapter leader and leading OWASP AppSec APAC."
Tom Brennan	New York City	"Tom Brennan has consistently invested the time and effort into making the NYC chapter one of the best organizations to which I belong. Due to Tom's hard work there are regular chapter meetings with great speakers from whom to learn cutting edge techniques, free food, non-pushy sponsors, and networking opportunities. His passion for the industry, desire to make a difference, and inclusiveness comes through when you hear him speak at any chapter event. When I speak with colleagues in other OWASP chapters and other organizations (ISSA, ISACA, Infragard, Secret Service Electronic Crimes Task Force, etc.), they are amazed at the quantity and quality of OWASP NYC chapter events. This is why I think Tom Brennan deserves to be recognized as the Best Chapter Leader."
Riotaro Okada	Japan	"The foundation of the OWASP Japan local chapter, its rapid growth to reaching over 2,000 participants in local chapter meetings in the first 2 years and the massive success of AppSec APAC 2014 in Tokyo would not have been possible without the passion and full commitment to the OWASP cause demonstrated by Rio. He is definitely a role model for the OWASP community, especially in the Asia Pacific region which in general is lacking strong and effective leadership, and there is no doubt in my mind he is the most suited candidate for Best Chapter Leader based on the efforts he's contributed in the past few years as well as the success and results of those efforts." "He holds local chapter meeting(we call OWASP Night), and every event is full capacity and good topics. And he organized successful event, which is OWASP APAC 2014 in this year." "Rio has done an amazing job building up our Japan chapters. Over the last few years with huge community meetings, new chapters in Japan and a lot of community activity. This is truely outstanding!"
Ron Perris	Orange County	"Ron relaunched the OWASP Orange County Chapter. Grew the chapter leadership organization to five chapter leaders from three. Increased meeting frequency from bi-yearly to monthly. Held 13 meetings in the last twelve months. Attracted 140 new attendees to chapter meetings. Established a culture of vendor neutrality and speaker selection based on merit."
Sebastien Deleersnyder	Belgium	"He does a lot of work, not only for the chapter meetings but also for the BeNeLux days. He is very approachable and open for suggestions."
Jonathan Marcil	Montreal	""I would like to nominate Jonathan for his involvement in: 1) Successfully leading the Montreal Chapter. Even when personally absent and traveling on another continent, Jonathan has remotely managed the overall execution of the local chapter meetings. 2) His valuable contribution to the OWASP Media project, that undoubtedly brings the ""O"" of OWASP to audiences unable to attend meetings 3) Jonathan has contributed and invested efforts on the ""outreach"" objective, announced by the board as a core objective for 2013-2014."

Name	Project	Citation
Jeremy Long	OWASP Dependency Check	"Reasons Jeremy Long and his Dependency Check deserve a WASPY award: - His OWASP Dependency Check is a solution to the problem of third party libraries that needed to be solved. - Jeremy's work on D.C. is steady. He has put a lot of work into this project - Jeremy has successfully involved others to help work on the project. It is a model open source project. - He has been responsive and helpful to questions and created a nice community of users."
Achim Hoffmann	OWASP O-Saft	"Achim is the project leader of O-Saft (https://www.owasp.org/index.php/O-Saft). O-Saft is a tool to analyze the SSL configuration of a web or mail server. It is a tool with a very specific focus, not a swiss army knife but there is a need for exactly this tool. Achim started the development at the beginning of the big SSL-crisis (concerns about weak ciphers, cipher orders, perfect forward secrecy, ). Without a specialized tool it is impossible to find out the SSL behaviour of a given server. Achim's interest was focused on facts only. The outcome of the tool is not a subjective rating, score or grade, only facts about the config. Achim goals were exactness, comprehensiveness and impartiality which he achieved with his project. He was open to suggestions and could win additional highly motivated and skilled contributors. He is not a marketing driven project leader instead of that he gives talks and trainings about SSL and O-Saft (Munich Chapter, OWASP AppSec EU 2014 Cambridge) to share his knowledge. I would like to nominate Achim for the OWASP Project Leader 2014 because his project fulfills the OWASP mission in a perfect way. It makes the security of SSL servers visible. There is no free avaiblabe tool beside O-Saft with a comparable comprehensive scope and ability to execute. It is completely free of commercial interests or commercial ""added values"", distributed under a GPL."
Tokuji Akamine	OWASP XSecurity Project	"The idea(feature) of this security tool is excellent, especially these two points below. Usually security is difficult and burdensome. But this security tool makes security much easier and less burdensome to iOS app developers. 1. Provide developer friendly security features on top of Xcode to assist developers to learn iOS app security.(Quick Security Help with built-in Security Guidelines) 2. Avoid making vulnerabilities during development.(Real-time Vulnerability Notifications)" "He provides to assist iOS developers to develop secure iOS apps and a security plugin for Xcode plus clang static analyzer checkers for iOS application development. This plugin will be to reduce the vulnerability made during development by detecting the vulnerability."
Matteo Meucci	OWASP Testing Project	"Matteo collaborates in OWASP from 2002.He founded the Italian Chapter in 2005.He candidates for the Autum of Code in 2006 to start a new project regarding the Testing Guide. He leads the OWASP Testing from 2006 (v2) to now with the publishing of Testing Guide v4 in the next weeks. He was capable to attract and manage more than 50 people to create the new Guide. Nowadays the Testing Guide is the most recognized project of OWASP with great contents and high quality delivery."
John Melton	OWASP AppSensor	"John has working tirelessly, and mostly invisible behind the scenes in developing the OWASP AppSensor project. While others have lead the charge on the OWASP AppSensor documentation project, for the most part, John has been the sole contributor to the OWASP AppSensor source code."
Spyros Gasteratos	OWASP Hackademic Challenges Project	"Spyros has been involved in OWASP since 2010, contributing more and more time as years go by. He began by volunteering for OWASP AppSec Research 2012, where he was in charge for coordinating a team of more than 20 volunteers. For the past 1.5 year he as been co-leading the OWASP Hackademic Challenges Project. During that time he has managed to take the project into the next level both by producing code and by mentoring GSOC students. Spyros has spent a tremendous amount of time in coding, fixing bugs, setting up and maintaining a live version of Hackademic. Undoubtedly, without his efforts the project would have become dormant.Furthermore, he is also helping in other OWASP initiatives, e.g. by participating in the Open Source Showcase, presenting Hackademic and OWASP at the FOSDEM conference in Belgium and by setting up the new ""OWASP Code Wind"" project that aims to bring more student contributions to OWASP."

Name		Citation
Tom Brennan	New York City AppSecUSA 2013	"Tom has worked very hard and exceptionally successful on bring OWASP to the community in his role as chapter lead for NYC and running the biggest and most successful AppSecUS in all times. With exceptionally strong local chapter meetings in NY area."
Mostafa Siraj	Cairo Chapter	"Mostafa did a great job helping our chapter (Cairo Chapter), here are summary of his contribution: - He had a great talk in the latest chapter event, he talk about AppSec US summarizing the conference technical sessions (Mostafa attended the 2013 conference and won the technical competition there), - Mostafa is one of the main members of a small group of AppSec expertise from Cairo chapter, this group is engaged now for preparing security awareness training program for all governmental developers in Egypt, I highly recommend him,"
Jonathan Marcil	OWASP Videos	"Because he is helping spread OWASP message through this videos and live streaming events"
Eoin Keary	Project 2012 Reboot	"Eoin has had a busy year: Said NO to RSA and took a stand against erosion of software security. Donated training to OWASP and delivered training to 100's of people. Raised funds via Project Reboot to help many projects."

Name		Citation
AppSec APAC 2014 Team	AppSec Asia Pac 2014	"Despite it being the first time that AppSec was held in Japan and despite the lack of experience in planning and organizing a large scale international conference, the volunteers on the AppSec APAC 2014 team came together and went above and beyond their responsibilities to make AppSec APAC 2014 in Tokyo a stunning success. It was by far the most successful AppSec in the Asia Pacific region and achieved an unprecedented level of profitability. The vast majority of the sponsors were Japanese companies and many of the attendees were Japanese. The ability to achieve this despite the relatively low level of awareness of the OWASP brand in Japan was definitely due to the hard work and dedication of the AppSec APAC 2014 team who worked around the clock to make the event a success. Considering that there were no applicants to hold AppSec APAC 2015 despite the tremendous success in Tokyo, recognizing the contributions of the AppSec APAC 2015 team would definitely give a strong message motivating the Asia Pacific community and facilitate future OWASP initiatives in the region."
Robert Dracea	AppSec Asia Pac 2014 Japan	"His contribution has been excellent, since we have started preparation for the Global AppSec APAC2014. Based on his passion to promote valuable information regards to information security in Japan, he contributed his bilingual ability to prepare and preside AppSec APAC in Tokyo. He committed the local committee by attended every weekly meeting for more than 9 months from his office and his home. Surely, thanks to his help, potential language barrier were completely broken in the conference. This experience of us will be a good example for OWASP organizers especially in Asia Pacific area."
Takanori Nakanowatari	AppSec Asia Pac 2014 Japan	"His contribution has been awesome, since we have started preparation for the Global AppSec APAC2014. His experience which attended a few AppSecs were very helpful to organize the newly AppSec in Tokyo, and he committee the local committee by attended every weekly meeting for more than 9 months from his office and his home. Moreover, thanks to his advice, 2 OWASP ZAP evangelists were born in Japan at the timing of AppSec APAC 2014."
Beth Guth	South New Jersey	"She started South New Jersey chapter with energy and enthusiasm bringing together people from builders, breakers and defenders. Self-starter"