My name is Jim Manico. Thank you for re-electing me as your Global Board Member. I start my second 2-year term as of January 1, 2015.
I've been an active member of OWASP since 2008. Professionally, I'm a secure coding instructor and author. I also do a great deal of OWASP-centric travel around the world. My main passion at OWASP is supporting projects and awareness efforts that help developers write secure code.
You can see my wiki contributions click here.
What are your most notable accomplishments over the past three years as an OWASP contributor?
- I am the project manager and founder of the OWASP Cheatsheet Series. I've personally worked on the XSS, DOM XSS, SQL Injection, Password Storage, Cryptographic Storage, Forgot Password and other cheat sheets in this series.
- I am also spearheading several ESAPI-like projects that provide modular single-use controls for ease of use. These include the OWASP Java Encoder, the and the OWASP HTML Sanitizer project.
- I recruited the team who created and maintain the OWASP Mobile Project.
- I have traveled to OWASP chapters all over the world providing free developer training
What are the most significant challenges OWASP is facing?
- Project management and quality assurance
- Keeping basic IT services running well and securely
- Vendor neutrality across the organization
If you become elected, what would the top three things be that you would focus on?
- Expand membership (developers).
- Content Reorganization. In order to support increased membership, we need to increase quality and remove old content that is not pertinent or out of date - make OWASP more consumable for the masses!
What do you want to do as a board member that you can't do as an OWASP leader or committee member?
- As a board member I will have more opportunities to serve as an ambassador for the organization evangelizing the importance to web security to both the security and the developer communities.
- One of a board members main roles is too maintain a vendor-neutral stance when representing OWASP. I feel I have demonstrated a commitment to putting the mission of OWASP before my personal and business interests.
How does your past experience relate to this position?
- Travel internationally speaking at 30+ OWASP chapters through much of Europe and the US
- Have had a chance to "hear out" and interface with OWASP members on a global scale
- Provide secure coding training as talks and free seminars emphasizing vendor neutral open source information
- Interaction with several OWASP projects and committees
- Worked with or partnered with several existing board members