Difference between revisions of "Marco Morana"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
OWASP Bio - <br>
 
OWASP Bio - <br>
:At OWASP Marco Morana is actively involved in evangelize on web application security through presentations at local chapter meetings in USA as well as internationally. Besides being the [http://www.owasp.org/index.php/Cincinnati OWASP Cincinnati chapter lead], Marco also actively contributed to OWASP projects such as the [http://www.owasp.org/index.php/Application_Threat_Modeling application threat modeling methodology] of the [http://www.lulu.com/items/volume_64/5678000/5678680/13/print/5678680.pdf secure coding guide] and the [http://www.owasp.org/index.php/Testing_Guide_Introduction introduction to the security testing methodology] of the [http://www.owasp.org/index.php/Testing_Guide testing guide]. Marco Morana has been also one of the reviewers of the [http://www.owasp.org/index.php/Category:OWASP_Source_Code_Review_OWASP_Projects_Project OWASP Source Code Review Project] and is currently reviewing [http://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]. Besides contributing to OWASP, Marco works as Technology Information Security Officer for a large financial organization in North America with responsibilities in the definition of the organization web application security standards, management of [http://www.slideshare.net/marco_morana/rochester-security-summit-presentation application security assessments during the SDLC], threat analysis and training of software developers, project managers and architects on different topics related to application security. Marco research work on application and software security is widely published on several magazines such as [http://issuu.com/insecure/docs/insecure-17 In-secure magazine],[http://www.darkreading.com/ Secure Enterprise], [http://www.issa.org/Members/Journals-Archive/2006.html ISSA Journal] and the [http://portal.acm.org/citation.cfm?id=349060 C/C++ Users journal].  Marco's work is referred in [http://iac.dtic.mil/iatac/download/security.pdf DHS Software Security Assurance] Marco is currently working on co-authoring a book on [http://www.slideshare.net/marco_morana/application-threat-modeling-presentation Application Threat Modeling]. Marco’s ideas and strategies for writing secure software are posted on his blog: http://securesoftware.blogspot.com
+
:At OWASP Marco Morana is actively involved in evangelize on web application security through presentations at local chapter meetings in USA as well as internationally. Besides being the [http://www.owasp.org/index.php/Cincinnati OWASP Cincinnati chapter lead], Marco also actively contributed to OWASP projects such as the [http://www.owasp.org/index.php/Application_Threat_Modeling application threat modeling methodology] of the [http://www.lulu.com/items/volume_64/5678000/5678680/13/print/5678680.pdf secure coding guide] and the [http://www.owasp.org/index.php/Testing_Guide_Introduction introduction to the security testing methodology] and [http://www.owasp.org/index.php/How_to_value_the_real_risk_AoC value the real risk section] of the [http://www.owasp.org/index.php/Testing_Guide testing guide]. Marco Morana has been also one of the reviewers of the [http://www.owasp.org/index.php/Category:OWASP_Source_Code_Review_OWASP_Projects_Project OWASP Source Code Review Project] and is currently reviewing [http://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]. Besides contributing to OWASP, Marco works as Technology Information Security Officer for a large financial organization in North America with responsibilities in the definition of the organization web application security standards, management of [http://www.slideshare.net/marco_morana/rochester-security-summit-presentation application security assessments during the SDLC], threat analysis and training of software developers, project managers and architects on different topics related to application security. Marco research work on application and software security is widely published on several magazines such as [http://issuu.com/insecure/docs/insecure-17 In-secure magazine],[http://www.darkreading.com/ Secure Enterprise], [http://www.issa.org/Members/Journals-Archive/2006.html ISSA Journal] and the [http://portal.acm.org/citation.cfm?id=349060 C/C++ Users journal].  Marco's work is referred in [http://iac.dtic.mil/iatac/download/security.pdf DHS Software Security Assurance] Marco is currently working on co-authoring a book on [http://www.slideshare.net/marco_morana/application-threat-modeling-presentation Application Threat Modeling]. Marco’s ideas and strategies for writing secure software are posted on his blog: http://securesoftware.blogspot.com

Revision as of 16:51, 22 August 2009

OWASP Bio -

At OWASP Marco Morana is actively involved in evangelize on web application security through presentations at local chapter meetings in USA as well as internationally. Besides being the OWASP Cincinnati chapter lead, Marco also actively contributed to OWASP projects such as the application threat modeling methodology of the secure coding guide and the introduction to the security testing methodology and value the real risk section of the testing guide. Marco Morana has been also one of the reviewers of the OWASP Source Code Review Project and is currently reviewing OWASP Security Analysis of Core J2EE Design Patterns Project. Besides contributing to OWASP, Marco works as Technology Information Security Officer for a large financial organization in North America with responsibilities in the definition of the organization web application security standards, management of application security assessments during the SDLC, threat analysis and training of software developers, project managers and architects on different topics related to application security. Marco research work on application and software security is widely published on several magazines such as In-secure magazine,Secure Enterprise, ISSA Journal and the C/C++ Users journal. Marco's work is referred in DHS Software Security Assurance Marco is currently working on co-authoring a book on Application Threat Modeling. Marco’s ideas and strategies for writing secure software are posted on his blog: http://securesoftware.blogspot.com