Difference between revisions of "OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Marco M Morana Curriculum"

From OWASP
Jump to: navigation, search
(New page: '''Marco M. Morana''' Marco Morana serves as a leader of the OWASP Cincinnati Chapter where he is actively involved in evangelize on web application security through presentations at loca...)
 
 
(15 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
'''Marco M. Morana'''
 
'''Marco M. Morana'''
  
Marco Morana serves as a leader of the OWASP Cincinnati Chapter where he is actively involved in evangelize on web application security through presentations at local chapter meetings as well as outside the USA. Marco is also active contributor to OWASP projects: he is currently contributing to write the OWASP threat modeling methodology for the source code review guide and the 2008 version of the OWASP security testing guide. Besides OWASP, Marco works as Technology Information Security Officer for a large financial organization with key roles in defining the web application security roadmap and activities, document security standards and guidelines, perform security assessments for software security as well as training software developers and project managers on the software security and information security processes.
+
Marco Morana is project leader and the primary author of the OWASP Application Security Guide for CISOs. Marco has been a member of the OWASP London chapter (since 2012) and was previously (between 2007 and 2011) leader of the OWASP Cincinnati Chapter. Marco has been an OWASP project contributor since 2006 and actively involved in evangelizing web application security by giving presentations at local OWASP in different cities in the USA: Cincinnati, Rochester, New York City, Los Angeles, Orange County and Atlanta. Marco also gave talks on application security at conferences in USA as well as Europe (Italy and Ireland) such as BlackHat, CSI and more recently, at the CISO Forums and CISOs E-Crime Series. Besides authoring the CISO guide, Marco authored the OWASP application threat modeling methodology and contributed to the OWASP security testing guide. In his current day job, Marco is senior VP at a large global financial organization with responsibility on managing technical risks for business critical applications. Marco is also a technical board member advisor of security start-ups in USA and of advisor of EU funded programs for cyber-crime research.
  
In the past, Marco served as senior security consultant and independent consultant where his responsibilities included providing software security services for several clients in the banking, telecommunication, computers and financial business sectors. Besides security consulting, Marco had a career in the software industry as security technologist with responsibility to design and to develop business critical security software products for several FORTUNE 500 companies as well for the US Government (i.e. NASA).
+
In the past, Marco was senior security consultant and provided software and application security services to several FORTUNE 500 clients in the banking, telecommunication, computers and financial business sectors. Besides consulting, Marco had a career in the software industry as security architect and software developer with responsibility to design and develop mission critical security software for private businesses as well for the US Government agencies.
  
Marco work on software security is referred in the 2007 State Of the Art report by the Information Assurance Technology Analysis Center (IATAC). For his computer security work on S/MIME secure email for NASA in 1999 Marco received the Space Act Award and a patent.
+
Marco work on software and application security is widely published with references in the 2007 State Of the Art report by the Information Assurance Technology Analysis Center (IATAC) and the Security in the SDLC document published by the US Department of Homeland Security (DHS). For his security research work on secure email for NASA in 1999, Marco received the Space Act Award.  
  
Marco strategic work on application and software security is widely published on In-secure magazine, Secure Enterprise, ISSA Journal and the C/C++ Users journal. Marco posts on software security strategies on his blog: http://securesoftware.blogspot.com.
+
Marco authored several articles on software security published by several publications such as in-secure magazine, Secure Enterprise, ISSA Journal and the C/C++ Users journal. More recently (2013) the OWASP Guide for CISO has been featured in the [http://www.csoonline.com/article/741100/attention-cisos-strategy-is-the-only-security- CSO magazine]. Today (November 2013) Marco is finishing the co-authoring of a book on a new methodology for analysing threats and modeling attacks against web applications that will be released in 2014.
 +
 +
Note: updated on 11/4/2013

Latest revision as of 16:31, 4 November 2013

Marco M. Morana

Marco Morana is project leader and the primary author of the OWASP Application Security Guide for CISOs. Marco has been a member of the OWASP London chapter (since 2012) and was previously (between 2007 and 2011) leader of the OWASP Cincinnati Chapter. Marco has been an OWASP project contributor since 2006 and actively involved in evangelizing web application security by giving presentations at local OWASP in different cities in the USA: Cincinnati, Rochester, New York City, Los Angeles, Orange County and Atlanta. Marco also gave talks on application security at conferences in USA as well as Europe (Italy and Ireland) such as BlackHat, CSI and more recently, at the CISO Forums and CISOs E-Crime Series. Besides authoring the CISO guide, Marco authored the OWASP application threat modeling methodology and contributed to the OWASP security testing guide. In his current day job, Marco is senior VP at a large global financial organization with responsibility on managing technical risks for business critical applications. Marco is also a technical board member advisor of security start-ups in USA and of advisor of EU funded programs for cyber-crime research.

In the past, Marco was senior security consultant and provided software and application security services to several FORTUNE 500 clients in the banking, telecommunication, computers and financial business sectors. Besides consulting, Marco had a career in the software industry as security architect and software developer with responsibility to design and develop mission critical security software for private businesses as well for the US Government agencies.

Marco work on software and application security is widely published with references in the 2007 State Of the Art report by the Information Assurance Technology Analysis Center (IATAC) and the Security in the SDLC document published by the US Department of Homeland Security (DHS). For his security research work on secure email for NASA in 1999, Marco received the Space Act Award.

Marco authored several articles on software security published by several publications such as in-secure magazine, Secure Enterprise, ISSA Journal and the C/C++ Users journal. More recently (2013) the OWASP Guide for CISO has been featured in the CSO magazine. Today (November 2013) Marco is finishing the co-authoring of a book on a new methodology for analysing threats and modeling attacks against web applications that will be released in 2014.

Note: updated on 11/4/2013