My name is Jim Manico.
I'm the VP of Security Architecture at WhiteHat Security. I've been an active member of OWASP since 2008. My main passion is supporting projects that help developers write secure code. You can reach me on twitter @manicode or via @owasp_podcast for OWASP Podcast updates. I also manage the @owasp twitter feed.
I am running for the 2012 OWASP board! Here are a few questions and answers regarding my board candidacy.
What are your most notable accomplishments over the past three years as an OWASP contributor?
- I am the founder, producer and host of the OWASP Podcast Series. As of May 2011 I have published 84 shows and have spent over 500 hours making the OWASP Podcast a reality. I am grateful to my many guests who have made the show a success.
- I am also the chair of the OWASP Connections Committee where I manage the OWASP Blog, twitter feed and press communications for OWASP. I feel that these activities are directly inline with the OWASP core mission of spreading awareness.
- I am also spearheading several ESAPI-like projects that provide modular single-use controls for ease of use. I have only begun these efforts, but have started to manage the OWASP Encoder , the OWASP validator and the OWASP HTML Sanitizer project with a variety of very talented developers.
- I am also the project manager and significant contributor of the OWASP Cheatsheet Series. I've worked on the XSS, DOM XSS, SQL Injection, Cryptographic Storage, Forgot Password and other topics in this series.
- I recruited the team who created and maintain the OWASP Mobile Project.
- I have raveled to OWASP chapters all over the world providing free developer training
What are the most significant challenges OWASP is facing?
- Keeping basic IT services running well and securely
- vendor neutrality
If you become elected, what would the top three things be that you would focus on? =
- Expand membership (developers).
- Content Reorganization. In order to support increased membership, we need to increase quality and remove old content that is not pertinent or out of date - make OWASP more consumable for the masses!
What do you want to do as a board member that you can't do as an OWASP leader or committee member?
- As a board member I will have more opportunities to serve as an Ambassador for the organization.
- One of a board members main roles is too maintain a vendor-neutral stance when representing OWASP.
How does your past experience relate to this position?
- travel internationally speaking at 30+ OWASP chapters through much of Europe and the US
- provide secure coding training as talks and free seminars emphasizing vendor neutral open source information
- have had a chance to "hear out" and interface with OWASP members on a global scale
- interaction with several OWASP projects and committees
- Worked with or partnered with several existing board members
Please drop me a line if I can be of assistance.