Difference between revisions of "Marco Morana"

From OWASP
Jump to: navigation, search
Line 8: Line 8:
 
[http://www.owasp.org/index.php/Application_Threat_Modeling application threat modeling methodology] of the [http://www.lulu.com/items/volume_64/5678000/5678680/13/print/5678680.pdf OWASP secure coding guide] the [http://www.owasp.org/index.php/Testing_Guide_Introduction introduction to the security testing methodology] the [http://www.owasp.org/index.php/Testing_Guide OWASP security testing guide] the [http://www.owasp.org/index.php/Category:OWASP_Source_Code_Review_OWASP_Projects_Project OWASP Source Code Review Project] and [http://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project] and most recently the OWASP [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative cyber-security startup accelerator initiative]
 
[http://www.owasp.org/index.php/Application_Threat_Modeling application threat modeling methodology] of the [http://www.lulu.com/items/volume_64/5678000/5678680/13/print/5678680.pdf OWASP secure coding guide] the [http://www.owasp.org/index.php/Testing_Guide_Introduction introduction to the security testing methodology] the [http://www.owasp.org/index.php/Testing_Guide OWASP security testing guide] the [http://www.owasp.org/index.php/Category:OWASP_Source_Code_Review_OWASP_Projects_Project OWASP Source Code Review Project] and [http://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project] and most recently the OWASP [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative cyber-security startup accelerator initiative]
  
Mr. Morana is known public speaker and has presented on the topic of software and application security at several [http://www.owasp.org/index.php/Cincinnati#2009_Presentations_.28Archived.29 local chapter meetings] and  [https://soundcloud.com/owasp-podcast/appsecusa2013-cisoguide AppSec USA conferences] and summits in [http://www.slideshare.net/marco_morana/rochester-security-summit-presentation USA] and [http://www.owasp.org/index.php?title=Italy_OWASP_Day_2&setlang=es Italy] as well as at [http://www.slideshare.net/marco_morana/secure-code-reviews-presentation CSI] and [http://www.slideshare.net/marco_morana/software-security-business-case-presentation Blackhat] security conferences.  His most recent (2010-2014) speaking engagements are at the [http://www.ciso-summit.com MIS CISO Summits] and the [http://www.ciso-summit.com e-crime crime congress conferences].
+
Mr. Morana is known public speaker and has presented on the topic of software and application security at several [http://www.owasp.org/index.php/Cincinnati#2009_Presentations_.28Archived.29 local chapter meetings] and  [https://soundcloud.com/owasp-podcast/appsecusa2013-cisoguide AppSec USA conferences] and summits in [http://www.slideshare.net/marco_morana/rochester-security-summit-presentation USA] and AppSec [https://www.owasp.org/index.php/AppSecEU2011 Europe] and summits in [http://www.owasp.org/index.php?title=Italy_OWASP_Day_2&setlang=es Italy]. Besides OWASP conferences Mr. Morana gave talks at [http://www.slideshare.net/marco_morana/secure-code-reviews-presentation CSI] and [http://www.slideshare.net/marco_morana/software-security-business-case-presentation Blackhat] security conferences.  His most recent (2010-2014) speaking engagements are at the [http://www.ciso-summit.com MIS CISO Summits] and the [http://www.ciso-summit.com e-crime crime congress conferences].
  
 
Mr Morana work on application and software security has been widely published on [http://issuu.com/insecure/docs/insecure-17 In-secure magazine],[http://www.darkreading.com/ Secure Enterprise], [http://www.issa.org/Members/Journals-Archive/2006.html ISSA Journal] and the [http://portal.acm.org/citation.cfm?id=349060 C/C++ Users journal] as well as [http://iac.dtic.mil/iatac/download/security.pdf DHS Software Security Assurance] Mr Morana most recent published article (October 2013) on CIO Magazine can be found [http://www.cio.in/content/attention-cisos-strategy-only-security here]
 
Mr Morana work on application and software security has been widely published on [http://issuu.com/insecure/docs/insecure-17 In-secure magazine],[http://www.darkreading.com/ Secure Enterprise], [http://www.issa.org/Members/Journals-Archive/2006.html ISSA Journal] and the [http://portal.acm.org/citation.cfm?id=349060 C/C++ Users journal] as well as [http://iac.dtic.mil/iatac/download/security.pdf DHS Software Security Assurance] Mr Morana most recent published article (October 2013) on CIO Magazine can be found [http://www.cio.in/content/attention-cisos-strategy-only-security here]
  
 
Mr. Morana most recent (July 2014) publication is the [http://www.slideshare.net/marco_morana/application-threat-modeling-presentation Application Threat Modeling] book published by Wiley Blackwell.
 
Mr. Morana most recent (July 2014) publication is the [http://www.slideshare.net/marco_morana/application-threat-modeling-presentation Application Threat Modeling] book published by Wiley Blackwell.

Revision as of 02:48, 31 May 2014

OWASP Bio -
Mr. Morana serves the OWASP organization as project lead of the application security guide for CISOs and is member OWASP London U.K. chapter. He was previously the chapter leader and founder of the OWASP chapter in Cincinnati U.S.A.

In his professional role, Mr. Morana is SVP at large Financial Institution in London, U.K. where he is responsible of managing the architecture risk analysis program globally. Mr. Morana is also one of the mentors at the FINTech level 39 campus and startup-incubator in London and is member of the advisory boards of the cyber-security start ups Nok Nok Labs Inc in Palo Alto, CA and Confer Technologies in Boston, MA.

Mr. Morana has been a contributor to OWASP since 2005 for the following projects: application security guide for CISOs as main author the application threat modeling methodology of the OWASP secure coding guide the introduction to the security testing methodology the OWASP security testing guide the OWASP Source Code Review Project and OWASP Security Analysis of Core J2EE Design Patterns Project and most recently the OWASP cyber-security startup accelerator initiative

Mr. Morana is known public speaker and has presented on the topic of software and application security at several local chapter meetings and AppSec USA conferences and summits in USA and AppSec Europe and summits in Italy. Besides OWASP conferences Mr. Morana gave talks at CSI and Blackhat security conferences. His most recent (2010-2014) speaking engagements are at the MIS CISO Summits and the e-crime crime congress conferences.

Mr Morana work on application and software security has been widely published on In-secure magazine,Secure Enterprise, ISSA Journal and the C/C++ Users journal as well as DHS Software Security Assurance Mr Morana most recent published article (October 2013) on CIO Magazine can be found here

Mr. Morana most recent (July 2014) publication is the Application Threat Modeling book published by Wiley Blackwell.