SpoC 007 - OWASP Corporate Application Security Rating Guide

Revision as of 09:52, 8 October 2007 by Egeirnaert (Talk | contribs)

AoC Candidate: Erwin Geirnaert

Project coordinator: Mandeep Khera

Project Progress: 0% Complete, Progress Page

Erwin Geirnaert - OWASP Corporate Application Security Rating Guide

Executive Summary

This is a very interesting opportunity to study the software development market and its commitment to application security. I hope that the results will show business people that they need to think about security when selecting a product, and that vendors should also implement an SDL like Microsoft.

The main challenge here is to contact the right people at the organizations that are selected and be able to get the right information. People like CISOs must be able to give input or at least consider the lack of application security.

Objectives and Deliverables

Why I should be sponsored for the project

I have more than 10 years' experience in Java and J2EE, and in the last 6 years I have tested and broken a lot of web applications. I have also given some very successful J2EE security courses and web security courses. I have spoken at different conferences about application security in Europe. And I am responsible for the security track at Javapolis, one of the biggest Java conferences in Europe. I am the co-founder of ZION SECURITY, where we do security testing, code review, design reviews, training, ... I'm also a member of the OWASP Belgium board that started in March 2007.
