Marco Morana

OWASP Bio - Mr. Morana serves the OWASP organization as project lead of the application security guide for CISOs and is member OWASP London U.K. chapter. He was previously the chapter leader and founder of the OWASP chapter in Cincinnati U.S.A.

In his professional role, Mr. Morana is SVP at large Financial Institution in London, U.K. where he is responsible for managing the architecture risk analysis program. Mr. Morana is also one of the mentors at the FINTech level 39 campus and startup-incubator in London and has directorship interest as technical advisor of the cyber-security start ups Nok Nok Labs Inc in Palo Alto, CA and Confer Technologies in Boston, MA. In his distinguished 15+ years of career in application security Mr. Morana held roles of consultant, application security architect, professional trainer and program manager. As cyber-security technologist Mr. Morana most important contributions is the invention of the first secure email plug-in using SMIME protocol that was patented for NASA in 1996.

Mr. Morana has been a contributor to OWASP since 2005 for the following projects: application security guide for CISOs as main author the application threat modeling methodology of the OWASP secure coding guide the introduction to the security testing methodology the OWASP security testing guide the OWASP Source Code Review Project and OWASP Security Analysis of Core J2EE Design Patterns Project and most recently the OWASP cyber-security startup accelerator initiative

Mr. Morana is known public speaker and has presented on the topic of software and application security at several local chapter meetings and AppSec USA conferences and summits in USA and AppSec Europe and summits in Italy. Besides OWASP conferences Mr. Morana gave talks at CSI and Blackhat security conferences. His most recent (2010-2014) speaking engagements are at the MIS CISO Summits and the e-crime crime congress conferences.

Mr Morana work on application and software security has been widely published on In-secure magazine,Secure Enterprise, ISSA Journal and the C/C++ Users journal as well as DHS Software Security Assurance Mr Morana most recent published article (October 2013) on CIO Magazine can be found here

Mr. Morana most recent (July 2014) publication is the Application Threat Modeling book published by Wiley Blackwell.