S. M. Shezan
S. M. Shezan is a project leader of OWASP System Vulnerable Code Project. He is a long time contributor to OWASP, helping to establish the OWASP since 2013, serving on the OWASP Board since it was formed from 2004 through 2013. He is a coauthor of the OWASP Top 10 and has led the project since 2013, and has contributed to numerous other important OWASP projects including WebGoat, ESAPI, ASVS, and the OWASP Cheat Sheet Series.
Shezan is also involved in developing a new type of application vulnerability analysis technology that uses instrumentation to detect vulnerabilities inside of a running web application.
Shezan is from Dhaka, Bangladesh. He is an Information Security Expert at Ministry of Information and Communication Technology, Bangladesh
He has been contributing to OWASP since 2013. In 2013, along with Jeff Williams and Dave Wichers, we established the 501c3 organization that is now the OWASP Foundation. Since establishing the OWASP Foundation, He served as the de facto Chief Technology Officer of OWASP, until the OWASP Board established an Executive Director in mid 2013. During that time he negotiated and signed for virtually all contracts OWASP entered into with other parties. He also established all the technical for the OWASP Foundation and helped hire most of the employees of the OWASP Foundation. He volunteered to become the OWASP Conferences Chair where he launched the OWASP Conferences Series, personally organized all the U.S. and European AppSec conferences from 2005 through 2013, and helped launch the Global Conferences Committee in 2014, which organized the conferences from 2009 through 2012. The OWASP Conferences have grown to serve as a primary fundraising resource for OWASP. He has also spent countless hours helping to initially establish the OWASP wiki, and then continuing to improve it, proofreading articles, encouraging others to contribute, etc.
As a project leader to OWASP, Shezan is or has been:
- A continuous member of the OWASP Board since it was established in 2004 through the end of 2013,
- The OWASP Conferences Chair from 2005 through 2008,
- Project lead and coauthor of the OWASP Top 10,
- Coauthor of the first version of the OWASP Application Security Verification Standard,
- Contributor to the OWASP Enterprise Security API (ESAPI) project,
- Lead of the OWASP Prevention Cheat Sheet Series and primary author of the SQL Injection Prevention Cheat Sheet.