OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Nguyen Curriculum

About myself:

I've been a Python user for five years so I guess I can definitely help with 4. I love reading books and teaching. I have done various technical reviews, among them the CISSP All In One by Shon Harris. I myself is a CISSP. In OWASP, I'm a Chapter leader for Vietnam Chapter.

Marco M. Morana
Marco Morana serves as a leader of the OWASP Cincinnati Chapter where he is actively involved in evangelize on web application security through presentations at local chapter meetings as well as outside the USA. Marco is also active contributor to OWASP projects: he is currently contributing to write the OWASP threat modeling methodology for the source code review guide and the 2008 version of the OWASP security testing guide. Besides OWASP, Marco works as Technology Information Security Officer for a large financial organization with key roles in defining the web application security roadmap and activities, document security standards and guidelines, perform security assessments for software security as well as training software developers and project managers on the software security and information security processes.

In the past, Marco served as senior security consultant and independent consultant where his responsibilities included providing software security services for several clients in the banking, telecommunication, computers and financial business sectors. Besides security consulting, Marco had a career in the software industry as security technologist with responsibility to design and to develop business critical security software products for several FORTUNE 500 companies as well for the US Government (i.e. NASA).

Marco work on software security is referred in the 2007 State Of the Art report by the Information Assurance Technology Analysis Center (IATAC). For his computer security work on S/MIME secure email for NASA in 1999 Marco received the Space Act Award and a patent.

Marco strategic work on application and software security is widely published on In-secure magazine, Secure Enterprise, ISSA Journal and the C/C++ Users journal. Marco posts on software security strategies on his blog: http://securesoftware.blogspot.com.