Andrew van der Stock
Andrew van der Stock has over 20 years experience as a developer, system administrator, security architecture and integration, and is now a leader of the application security field. He has worked extensively in Australia and in the USA.
Andrew joined OWASP in late 2002/early 2003, and continued sharing his passion for information sharing by participating in and then leading the Developer Guide project, culminating in the OWASP Guide to Building Secure Software 2.0 in 2005. Andrew has previously held the Executive Director position at OWASP, and was a member of the OWASP Global Chapters Committee. He wrote the OWASP Top 10 2007, initiated and led the OWASP ESAPI for PHP effort, currently leads the OWASP Developer Guide and OWASP Proactive Controls projects, and is an author of the forthcoming OWASP Application Security Verification Standard 2.0. He is the long time moderator of the Symantec SecurityFocus webappsec mailing list.
Andrew has unparalleled technical knowledge to delve as deep as it takes, whilst being able to explain technical risks in a strategic business context to boards and senior executives. Andrew prides himself on being a secure business enabler, producing innovative ideas and solutions that create competitive advantage whilst meeting difficult regulatory and compliance requirements.
For my professional background (not OWASP related), please see my LinkedIn page. I am the technical lead for the national security practice at KPMG Australia.
For additional information, please see my User page.