My name is Jim Manico. Thank you for electing me as your Global Board Member as of January 1, 2013.
I've been an active member of OWASP since 2008. Professionally, I'm the VP of Security Architecture at WhiteHat Security, who sponsor a great deal of my OWASP-centric travel. My main passion at OWASP is supporting projects that help developers write secure code.
What are your most notable accomplishments over the past three years as an OWASP contributor?
- I am the project manager and significant contributor of the OWASP Cheatsheet Series. I've worked on the XSS, DOM XSS, SQL Injection, Cryptographic Storage, Forgot Password and other topics in this series.
- I am the founder, producer and host of the OWASP Podcast Series. As of May 2011 I have published 84 shows and have spent over 500 hours making the OWASP Podcast a reality. I am grateful to my many guests who have made the show a success.
- I am also the chair of the OWASP Connections Committee where I manage the OWASP Blog, twitter feed and press communications for OWASP. I feel that these activities are directly inline with the OWASP core mission of spreading awareness.
- I am also spearheading several ESAPI-like projects that provide modular single-use controls for ease of use. I have only begun these efforts, but have started to manage the OWASP Encoder , the OWASP validator and the OWASP HTML Sanitizer project with a variety of very talented developers.
- I recruited the team who created and maintain the OWASP Mobile Project.
- I have traveled to OWASP chapters all over the world providing free developer training
What are the most significant challenges OWASP is facing?
- Keeping basic IT services running well and securely
- vendor neutrality
If you become elected, what would the top three things be that you would focus on?
- Expand membership (developers).
- Content Reorganization. In order to support increased membership, we need to increase quality and remove old content that is not pertinent or out of date - make OWASP more consumable for the masses!
What do you want to do as a board member that you can't do as an OWASP leader or committee member?
- As a board member I will have more opportunities to serve as an ambassador for the organization evangelizing the importance to web security to both the security and the developer communities.
- One of a board members main roles is too maintain a vendor-neutral stance when representing OWASP. I feel I have demonstrated a commitment to putting the mission of OWASP before my personal and business interests.
How does your past experience relate to this position?
- Travel internationally speaking at 30+ OWASP chapters through much of Europe and the US
- Have had a chance to "hear out" and interface with OWASP members on a global scale
- Provide secure coding training as talks and free seminars emphasizing vendor neutral open source information
- Interaction with several OWASP projects and committees
- Worked with or partnered with several existing board members