Thursday, July 28, 2016

WELCOME to Matt Tesauro, OWASP’s New Senior Project Engineer!




We are thrilled to announce that Matt Tesauro has joined the OWASP Foundation staff as our Senior Project Engineer.  Matt has been involved in InfoSec for more than 15 years and a volunteer with OWASP since 2008 when he created the OWASP Live CD Project for the first OWASP Summer of Code.  He evolved this project into the OWASP WTE flagship project which he still runs.  Additionally, Matt also co-leads the OWASP AppSec Pipeline project and is a  former OWASP Foundation Board member.


The primary focus of his new role is to reinvigorate the OWASP Projects and bring automation and workflow improvements based on Agile and DevOps principles.  Matt will be splitting his time 60/40 between proactive process improvements and operational items. As part of his interview process, Matt was asked to provide his preliminary thoughts on improving OWASP projects; check out his Vision for Change. The end goal is a healthy stable of projects which are simple for project leaders to contribute to and easy for the AppSec community at large to use.

Matt comes to us from Pearson where as a Senior Software Security Engineer he improved his team’s throughput 5x by implementing DevOps and agile principles to increase automation and improve workflow. Matt carved a career that straddles operations and development since the early aughts. Often, his role was to be the AppSec department as well as run security operations, which meant that Matt adopted DevOps while DevOps principles were still being solidified. This perspective allowed him to see both the run and write of application development providing a comprehensive view of Secure SDLCs. His focus on improving security workflows throughout his career so endeared him to developers that upon leaving Rackspace his dev team abandoned traditional biases against security and mourned his absence.

In addition to growing agile AppSec departments, Matt honed his skills teaching at conferences and universities including Texas A&M and University of Texas at Austin, where he was a professor in the undergraduate and graduate departments. (You can learn how to create your own AppSec Pipeline from him at AppSecUSA!)

You can follow Matt on Linkedin or Twitter, collaborate with him on GitHub, and learn from him on Slide Share. If you are a project leader, a user of OWASP projects, or someone who wants to see AppSec progress, drop comment below.  

Monday, July 25, 2016

Deadlines are approaching this week!

Deadlines are quickly approaching!  


2016 WASPY Awards
  • Call for Nominees - The deadline to submit your nominees is July 28, 2016.  Each year there are many individuals who do amazing work, dedicating countless hours to share, improve, and strengthen the OWASP mission. Some of these individuals are well known to the community while others are not. The purpose of these awards is to bring recognition to those who "FLY UNDER THE RADAR". These are the individuals who are passionate about OWASP, who contribute hours of their own free time to the organization to help improve the cyber-security world, yet seem to go unrecognized. We all know these people, so why not recognize them today!  Please take a few minutes to nominate who you feel best fits the purpose of these awards.  SUBMIT YOUR NOMINEES HERE

2016 Global BoD Election
https://www.owasp.org/index.php/2016_Global_Board_of_Directors_Election

  • Call for Candidates - The deadline to submit your candidacy is July 31, 2016If you are interested in helping lead a global community that strives on making the world a safer place, then please consider running for a seat on the OWASP Global Board of Directors. .https://www.owasp.org/index.php/2016_Global_Board_of_Directors_Election#Eligibility_Requirements_for_Board_Candidates
  • Call for Questions - The deadline to submit your questions is July 31, 2016.  In mid-August all of the individuals who submitted a candidaicy will be interviewed, and asked a series of questions about why they fell they should be elected. The questions they are asked come from you! We will take the top 5-6 questions and those will be the questions used during the candidate interviews. Now is the time to SUBMIT YOUR QUESTIONS! You may submit your own question(s) and/or give a "thumbs up" to any existing question previously submitted by your fellow community members.



Tuesday, July 12, 2016

Volunteer Opportunities at B-Sides and BlackHat

If you will be in the Las Vegas area Tuesday, August 2 - Thursday, August 4 and want to donate some time at the OWASP expo areas, we would love your help!  

BSides - if you donate a total of 8 hours over the two days at the OWASP BSides booth you will receive a complimentary Supporting Charity Badge to BSides.  Badges are limited and are on a first come first serve basis.  Sign up here!

BlackHat - if you donate a total of 9 hours over the two days at the OWASP BlackHat booth you will receive a complimentary conference pass.  Passes are limited and are on a fist come first serve basis.  Sign up here!  

-OR-  
you can donate a total of 6 hours over the two days at the OWASP BlcakHat booth and receive a complimentary expo pass. Passes are limited and are on a fist come first serve basis.  Sign up here!  

Time is Running Out! Submit Your WASPY Nominees NOW!!!




We all know some really special & dedicated people who have and continue to do great things for OWASP, yet very rarely do they get the recognition they deserve.  

By taking a few minutes and submitting them as a nominee for the WASPY Awards, we can show them how much the community values their time and contributions! https://www.owasp.org/index.php/WASPY_Awards_2016