Steve Kosten 2016 Bio & Why Me?

About Steve:

Steve Kosten has been working with application security for 15 years and has been involved with OWASP since 2007. He is currently the Denver OWASP chapter leader and has been the leader or on the board for this chapter since 2012. As chapter leader, he has seen membership increase over 250% with over 125 attendees at our last meeting. He was additionally co-chair of AppSec USA 2014 and has contributed in running multiple regional OWASP conferences (SNOWFROC).

Steve is an executive at a security firm. In the past, he has lead security teams and organizations across multiple industries. He is also a SANS instructor and teaches the SANS 541 (Secure Coding in Java/JEE). He has over 10 years development experience in Java and .NET.

EDUCATION

BS in Aerospace Engineering from the Pennsylvania State University

M.S. in Information Security from James Madison University.

Certifications: CISSP, CISM, GWAPT and GSSP-Java.

Outside of OWASP activities and work, Steve loves spending time with his wife, two kids and a dog. He enjoys camping, biking (road and mtn) and is continually seeking out ways to satisfy his aviation bug.

Why I would like to be elected to the Global OWASP Foundation Board of Directors

I am very passionate about application security and believe OWASP is so well-positioned to help all types of organizations to improve their application security. OWASP has many great projects, many great leaders and many great chapters, but we can do better.

OWASP as a security focused organization is an unusual one in that in addition to the normal local chapter with a centralized oversight board, we have our projects. So much of the awareness of OWASP has been due to the many OWASP projects and the volunteers that develop them. To continue to improve as an organization, I believe we have to do more to support these projects, both in improved funding but also to continue efforts to provide a maturation structure that facilitates creativity and freedom in developing new ideas at the lowest level but also allows for support to bring projects to their most mature state where they are readily accepted and trusted by industry.

This can be complemented by our chapters who can help provide some of the funding, some of the volunteers, and some of the marketing and outreach into the community. Additionally, our chapters are our means to extend the awareness of our projects and one of our mechanisms to educate the community on security. They are essential. As a chapter leader, I think we can do more to support our chapters. I think one of our biggest difficulties our chapters face is attracting good speakers and local sponsors. It is a boot strapping process, but with good support, we can better help our chapters grow, attract more volunteers, educate the community and evangelize for our projects. Additionally, growing our chapters helps attract local and global sponsors. Some efforts have been made to do this and I think we can do more.

In short, OWASP as a community has grown and done well, and I firmly we believe we can do better and I wish to extend beyond my current roles within the organization to help lead some of these efforts to support our projects and our chapters.