Difference between revisions of "Marco Morana"

From OWASP
Jump to: navigation, search
(New page: Bio - <br> Marco Morana serves as one of the leaders of OWASP (Open Web Application Security Project) organization where he is actively involved in evangelize on web application security t...)
 
Line 1: Line 1:
 
Bio - <br>
 
Bio - <br>
Marco Morana serves as one of the leaders of OWASP (Open Web Application Security Project) organization where he is actively involved in evangelize on web application security through presentations at local chapter meetings in USA as well as internationally. Marco has recently been awarded a contract from Wiley Publishing to co-author a book on Application Threat Modeling.<br>
+
:Marco Morana serves as one of the leaders of OWASP organization where he is actively involved in evangelize on web application security through presentations at local chapter meetings in USA as well as internationally. Besides being the OWASP Cincinnati chapter lead, Marco also actively contributed to OWASP projects such as the [http://www.owasp.org/index.php/Application_Threat_Modeling application threat modeling methodology] of the [http://www.lulu.com/items/volume_64/5678000/5678680/13/print/5678680.pdf secure coding guide] and the introduction to the security testing methodology  of the [http://www.owasp.org/index.php/Testing_Guide_Introduction security testing guide]. Besides contributing to OWASP, Marco works as Technology Information Security Officer for a large financial organization in North America with responsibilities in the definition of the organization web application security standards, management of [http://www.slideshare.net/marco_morana/rochester-security-summit-presentation application security assessments during the SDLC], threat analysis and training of software developers, project managers and architects on different topics related to application security. Marco research work on application and software security is widely published on several magazines such as [http://issuu.com/insecure/docs/insecure-17 In-secure magazine],[http://www.darkreading.com/ Secure Enterprise], [http://www.issa.org/Members/Journals-Archive/2006.html ISSA Journal] and the [http://portal.acm.org/citation.cfm?id=349060 C/C++ Users journal].  Marco's work is referred in [http://iac.dtic.mil/iatac/download/security.pdf DHS Software Security Assurance] Marco is currently working on co-authoring a book on [http://www.slideshare.net/marco_morana/application-threat-modeling-presentation Application Threat Modeling]. Marco’s ideas and strategies for writing secure software are posted on his blog: http://securesoftware.blogspot.com
<br>
+
Besides being the OWASP Cincinnati chapter lead, Marco is also active contributor to OWASP projects such as the application threat modeling methodology for secure coding guideline and the security testing guide (ver. 2 and 3). Besides contributing to OWASP, Marco works as Technology Information Security Officer for a large financial organization in North America with responsibilities in the definition of the organization web application security standards, management of application security assessments during the SDLC, threat-fraud analysis and training of software developers, project managers and architects on different topics related to application security. <br><br>
+
In the past, Marco served as senior security consultant and independent consultant where his responsibilities included providing software security services for several clients in the financial and banking, telecommunications and commercial sector industry. Besides security consulting, Marco had a career as technologist in the security industry where he contributed to the design business critical security products currently being used by several FORTUNE 500 companies as well by the US Government. <br><br>
+
Marco work on software security is referred in the 2007 State Of the Art report by the Information Assurance Technology Analysis Center (IATAC). Marco received the NASA’s Space Act Award in 1999 for the patenting the S/MIME SEP (Secure Email Plug-in) application. <br><br>
+
Marco research work on application and software security is widely published on several magazines such as In-secure magazine, Secure Enterprise, ISSA Journal and the C/C++ Users journal. Marco’s ideas and strategies for writing secure software are posted on his blog: http://securesoftware.blogspot.com. <br><br>
+

Revision as of 21:04, 20 August 2009

Bio -

Marco Morana serves as one of the leaders of OWASP organization where he is actively involved in evangelize on web application security through presentations at local chapter meetings in USA as well as internationally. Besides being the OWASP Cincinnati chapter lead, Marco also actively contributed to OWASP projects such as the application threat modeling methodology of the secure coding guide and the introduction to the security testing methodology of the security testing guide. Besides contributing to OWASP, Marco works as Technology Information Security Officer for a large financial organization in North America with responsibilities in the definition of the organization web application security standards, management of application security assessments during the SDLC, threat analysis and training of software developers, project managers and architects on different topics related to application security. Marco research work on application and software security is widely published on several magazines such as In-secure magazine,Secure Enterprise, ISSA Journal and the C/C++ Users journal. Marco's work is referred in DHS Software Security Assurance Marco is currently working on co-authoring a book on Application Threat Modeling. Marco’s ideas and strategies for writing secure software are posted on his blog: http://securesoftware.blogspot.com