WASPY Awards 2017

From OWASP
Jump to: navigation, search

WASPY 2017 Banner.jpg

Purpose of the Awards

Each year there are many individuals who do amazing work, dedicating countless hours to share, improve, and strengthen the OWASP mission. Some of these individuals are well known to the community while others are not. 

The purpose of these awards is to bring recognition to those who "FLY UNDER THE RADAR". These are the individuals who are passionate about OWASP, who contribute hours of their own free time to the organization to help improve the cyber-security world, yet seem to go unrecognized. 

Timeline

Call for Nominees Opens June 7, 2017

Call for Nominees Closes June 30, 2017 - CLOSED

Announcement of Nominees per Category July 5, 2017 - DONE

Deadline for Nominee Profile Picture and Bio to be created and added to the Nominees section July 10, 2017

Voting for Board & Staff Members Opens July 17, 2017

Voting for Board & Staff Members Closes July 24, 2017

Winners are Notified July 25, 2017

Announcement of Winners to the Community July 25, 2017

Award Ceremony at AppSecUSA 2017 in Orlando, FL September 21-22, 2017

New Voting for This Year

In the past, we have struggled with the WASPY Awards becoming a popularity contest with mainly only well known individuals winning.  Popularity contests alienate the work of the people we are trying to recognize for these awards.

This year, in an attempt to keep WASPYs from only going to high-profile community members and get back to the roots of the award--recognizing “unsung hero’s” for their contributions to the Foundation-- we have changed the way WASPYs are awarded.  

This year all community members were encouraged to nominate a person for each category whose awesome work makes OWASP a better place.  Then, members of the staff and Board will each get a vote for each category.  Our goal is that by avoiding the tendency to vote only for names you might have heard of, we will instead have votes cast solely on the merits that each person was nominated for.

Categories

The WASPYs celebrate the actors in our community who grow OWASP and drive innovation to the safety and security of the world’s software. This year we are excited to offer three categories.

Best Community Supporter - The WASPY for COMMUNITY honors members who create dynamic INTERACTION and LEARNING opportunities for the OWASP Community.  Nominees to the Community WASPY Award create collaborative and inclusive environments and grow the OWASP Community.  WASPYs focus on the unsung heros of the OWASP community.  Chapter Leaders and Community Members should especially consider leaders and volunteers who bring something extra to the environment, help the chapter reach out to new attendees, or carry out the tedious and repetitive tasks that make growing an OWASP Chapter possible.

Best Mission Outreach - The WASPY for Mission Outreach honors community members who help the community GROW.  Growth can happen inside the larger OWASP community or outside it in the broader AppSec and development communities.   Leaders and Members should especially consider volunteers who pushed the boundaries of the audience and reach of OWASP to provide new exposure for OWASP’s projects and chapters.  New leaders and volunteers who help bring more people to your chapter, project, or actively represent OWASP at non-OWASP events, gatherings, and activities to build an active OWASP community are ideal candidates for the Mission Outreach WASPY award.

Best Innovator - The WASPY for Innovation is given to a community member who has contributed to the TECHNICAL advancement of OWASP in the past year.  This advancement is usually through an OWASP Project and can be in the form of code, an application, or anything that materially makes the AppSec community better in a unique way.  WASPYs focus on the unsung heros of the OWASP community who quietly go about making the world a bit better for their work.  Project Leaders and Community Members should especially consider nominating new projects, projects that have recently graduated, and project contributors for this WASPY.

Rules

Remember the purpose of these awards is to recognize the UNSUNG HEROS out there, that are barely recognized for their contributions to the OWASP Foundation. 

1. Board members may not be nominated 

2. Employees & Contractors may not be nominated 

3. All nominees will remain anonymous until July 3, 2017

4. Anyone can nominate an "unsung hero" who has contributed in some way to OWASP who they feel best fits each category 

5. You may only nominate one person per category 

And the Nominees Are...

Name Category & Citation
Aatral Arasu Best Community Supporter

"A great leader always there to help responds to emails quickly loves his work works very hard every day very supportive never loses focus strong willed very technical and willing to do things himself to get the job done when asked for something he will get it to you ASAP constant learner open to suggestions and ideas on how to be better respectful honest caring and I am certain HRC will make it big very soon :)"

Sean Auriti Best Community Supporter

"Sean has not only worked as a volunteer in the local chapter building community, his code projects are useful to the mission and his outreach efforts have included funding requests for OWASP Foundation to grow its mission. Sean is a great example of a community member."

Nicole Becher Best Community Supporter

"Nicole has been an amazing chapter leader. She brings knowledge and experience teaching cybersecurity to the Mentor Initiative, WIA Committee, and projects."

Ken Belva Best Community Supporter

"Ken is a long time chapter leader of the NYC chapter and a former chapter leader of the Brooklyn Chapter. Ken is always willing to step in and volunteer to help with OWASP initiatives and is a frequent participant in OWASP events as both a volunteer and speaker. Ken has spoken at AppSec USA on XSS techniques (https://www.youtube.com/watch?v=G539NwvpL3I) and is the project lead for the Basic Expression and Lexicon Variation Algorithms project (https://www.owasp.org/index.php/OWASP_Basic_Expression_%26_Lexicon_Variation_Algorithms_(BELVA)_Project)."

Tony Clarke Best Community Supporter

"Tony has selflessly brought the OWASP dublin chapter to great nights. He has nurtured the chapter to be inclusive and open whilst growing the average attendee count to hundreds. He has spread the word across both security industry and developer industry and has also managed to get various organisations to work together such as ISACA, IISF, ISSA and ISC2. He is a great leader and despite detractors has built the chapter and awareness of software security issues in a strong vendor neutral manner to a great place. Tony is a great example of OWASP and industry leadership."

Dinis Cruz Best Community Supporter

"Diniz is a fantastic innovator and motivator. As the mastermind and organizer behind the OWASP Summit he has managed to re-energize the OWASP community - many interesting projects would not have happened (or at least, not been that successful) without his passionate work. Besides organizing the event, he also consistently supported project leaders with his experience and ideas."

2nd Citation: Dinis put ridiculous effort (https://github.com/OWASP/owasp-summit-2017/commits?author=DinisCruz) into the OWASP Summit 2017 and didn't tire promoting this event!

Christian Folini Best Community Supporter

"Christian Folini is very active in the Core Rule Set project community. He responds to a ton of questions submitted by newcomers when they are stuck and he answers expert level questions with stunning detail. He joined Chaim and Walter when they revived the project in 2016 and I heard he had the idea for the famous CRS3 release poster https://modsecurity.org/crs/poster that was shared all over the net. I think it's people like him that give OWASP a human face."

Joaquin Fuentes Best Community Supporter

"In 2015, Joaquin took it upon himself to revive the OWASP Phoenix Chapter. He created a meet-up group to gain broader visibility. Since 2015, the meeting attendance has grown from an average of 15 attendees to over 60! Joaquin dedicates a lot of time and effort into scheduling an impressive variety of presentation topics including safe hacking, vulnerability scanner deep dives, hands on web exploitation CTF, video game hacking and more. I learn something new and cool at every event.

More importantly, Joaquin works hard to foster a friendly, inclusive environment. During our hands-on web exploitation session, Joaquin recruited co-works to assist participants with the Security Shephard challenges so no one felt overwhelmed or impossibly stuck. He always takes the time meet and welcome new members. For example, my 17-year-old son attends meetings with me. He looks up to Joaquin as a mentor for a future information security career because Joaquin encourages his learning and offers career guidance.

I highly recommend Joaquin for a WASPY award!! He is a kind, soft spoken person with a passion for sharing information security and helping others!"

2nd Citation: "He resurrected the Phoenix chapter and has kept it going with great content."

3rd Citation: "For all he has done to build up the Phoenix OWASP community. Prior to Joaquin taking point the community in Phoenix was dead. Meetings weren't happening on a regular basis. The prior leaders had done a great job but I think they had burnt out. Joaquin started the community back up and got corporate support from his employer to facilitate not only regular meetings but great meetings with great content. He also implemented MeetUp. I'm not a consistent attendee because of my work/life schedule but I always know when the meetings are happening and what the subject matter will be because of Joaquin utilizing MeetUp."

4th Citation: "Put simply, due to the efforts of Joaquin Fuentes, the Phoenix chapter has risen from the ashes (some pun intended). Before Joaquin took over the chapter there were consistently between 5-10 persons in attendance, Joaquin himself being one of them, and the chapter only met about every 3 months or so. Since Joaquin took over the chapter, we have had fantastic presenters each month, paid for dinners, along with a collaborative, comfortable, and engaging environment to meet in. Even more impressive the attendance has grown to 60+ consistently. Joaquin isn't even done yet! He is more great ideas and plans for the chapter that will undoubtedly contribute to the continued growth and over all quality of this once fallen chapter. When he speaks of where this chapter has come from and his plans for the future, it is undeniable to all that he does so with the passion that a leader must possess to accomplish that which Joaquin has."

5th Citation: "I am sure someone else will write in with Joaquin's email, but I felt the need to second his name on the list. The events he puts together are top notch, have excellent speakers, always have things to eat, and are generally excellent. I almost never miss them. He is actually so gracious about the entire chapter that I am sure he does not get the credit he deserves... the whole show is put on by just him, I think. Yay Joaquin!"

6th Citation: "A few years ago, the Phoenix (AZ) OWASP group was basically defunct. As the leader of the Phoenix OWASP group, not only has Joaquin helped to resurrect the group, but we've had great presentations on reverse engineering, secure coding, a hands-on CTF contest with Security Shepherd, etc. Joaquin is a very visible member of the security community being an employee at Early Warning, which not only hosts the OWASP meetings, but also is a sponsor and makes a strong showing at CactusCon every year, the biggest security conference in Arizona.

Our local OWASP group is not strong, going from being non-existent a few years ago to now getting a regular attendance of 40-80 people. I've gotten to know Joaquin through OWASP meetings and other security events in the area I have crossed paths with him, and he is a fine representative and evangelist for the OWASP organization."

7th Citation: "Joaquin is the Phoenix OWASP Chapter leader and regularly plans amazing talks with great speakers for the Phoenix Community. Frequently, the Phoenix OWASP talks will have over 50 attendees which Joaquin manages without a problem! Joaquin also pushes for candidates he is interviewing to be familiar with OWASP before their interview."

8th Citation: "Joaquin is the leader for the Phoenix OWASP, and it is clear that through his leadership the Phoenix OWASP thrives. Joaquin organizes all the meetings, and is constantly working with folks to create an excellent sense of community in the Phoenix area."

9th Citation: "Joaquin has taken the Phoenix OWASP chapter that had not been managed for years and brought it back to life. We consistently see 50+ members coming to our Meetups to talk about AppSec related topics. Joaquin is well connected to the InfoSec groups and has had great success in pulling in new speakers, we have already had a few speakers who are prepping their BlackHat and DefCon talks by giving their presentations to our local chapter. Finally Joaquin does a great job by reaching out to the local colleges and supporting CTF activities to garner interest in pen-testing and the OWASP community. He is a true community supporter and fully deserves a WASPY for his efforts..."

10th Citation: "Joaquin has been leading the OWASP Phoenix chapter and due to his initiative, has placed Phoenix on the map as a hub for application security. I would like to nominate him because he is always bringing in new and interesting speakers that provide great content. The most recent OWASP chapter meeting had over 60 attendees!"

11th Citation: "As a leader of Phoenix OWASP chapter, Joaquin strives to organize talks and trainings to make people in the valley learn InfoSec and AppSec from experienced individuals. He has always gone a step ahead to conduct OWASP meetings that are informative and hands on. Right from giving Arizona State University (ASU) students an overview of basic InfoSec and career opportunities to organizing a hands on hacking workshop for people in the community, Joaquin has always demonstrated passion and determination to take Phoenix to a better place in the field of Cyber Security."

12th Citation: "I've attended and participated in three OWASP meetings lead by Joaquin. They are always well organized, offer a great learning experience and considerably contribute to the community. His continuous interest and dedication to the Phoenix chapter do not go unnoticed and are appreciated by all who attend."

13th Citation: "Joaquin restarted the OWASP chapter in Phoenix/Scottsdale. Chapter meetings have grown significantly to where there were about 65 attendees at the most recent meeting with hundreds more on the mailing list (I was at the meeting, but I've only heard about the mailing list). As someone who works with him, I know how dedicated he is to the work of IT security and he's been able to attract top-notch speakers for OWASP meetings.'

14th Citation: "Joaquin had successfully revived the Phoenix OWASP Chapter. Since, the chapter has excelled from zero to filled audience bringing security talent from all around to speak and educate to security professionals on the many facets of security domains.

Additionally, this has provided a great forum to network with the many security professionals around the community and share their knowledge and strengthen the security community.

Joaquin has provided his unselfish time as an OWASP Chapter leader, and has breathed new life into the Chapter."

15th Citation: "Joaquin does a bang up job of running the Phoenix OWASP chapter. He does a great job of raising awareness and bringing folks from the infosec community into the fold."

16th Citation: "Joaquin Fuentes has had a big impact in raising attendance at the Phoenix meetings to more than 100 people monthly. The quality has gotten significantly better under his leadership. He has organized many speakers, including recruiting speakers from out of the area that have significantly developed the knowledge base of the community. Joaquin is a pen testing manager at Early Warning and he shares his professional knowledge to help us all become better in the practice of information security."

17th Citation: No citation was submitted

Brian Glas Best Community Supporter

"Brian has been paramount in 2 very strategic initiatives for OWASP. He is not only a Project Leader for the OWASP SAMM project but he has been instrumental in revamping the call for data and reorganizing the flagship OWASP Top Ten. Brian continues to support and speak about the benefits of supporting OWASP especially projects and participating in the Summit. Please consider Brian Glas as the Best Community Supporter for this year."

Brendan Gormley Best Community Supporter

"Throughout the Brendan has not only assisted in making the dublin chapter events happen but taken a lead role. Brendan has organised venues and speakers for these events often going above and beyond to ensure success. Brendan has also been involved in some of the outreach programs the Dublin chapter had been involved in. No task is too big or too small for Brendan and without him I don't believe the Dublin chapter would be what it is."

Tanya Janca Best Community Supporter

"Tanya Janca has been performing “outreach” and “recruitment of women” as her main chapter leader responsibilities for the Ottawa chapter since 2015. The chapter has not only grown by over 500% in that time, but female membership has grown from 2 female members to over 70 (the chapter has grown for many reasons, some of which are her promotional efforts). Activities include starting a mentoring program that matches senior AppSec members of the community with juniors or people who are hoping to get into Application Security; attending all sorts of technology meetups (but especially female-centric ones) to talk about OWASP and personally invite them to attend; bringing OWASP products, concepts and resources to the Canadian Government (and is currently attempting to sway policy to be more application security focused as we speak); as well as performing over 40 public speaking engagements that describe OWASP as “Your new BFF” as part of the application security lesson she has taught. She has also begun speaking at conferences semi-regularly, singing OWASP’s praises as part of every presentation. She also forms female groups to attend events together, to make them more accessible, such as her all-female team for the Ottawa iHack CTP and “Learn by Breaking things” event in June 2017 and her all female CTF team for OWASP Ottawa’s first CTF in 2015. Her claim of being an “application security evangelist” certainly seems fitting."

Jeremy Long Best Community Supporter

"Jeremy is a dedicated security engineer who contributes to the community as a developer, mentor, contributor and leader. He's one of the smartest people I know - and one of the few who has patience with "the rest of us". He is generous with his time and knowledge, helping not only to contribute apps and resources, but to build up the community itself."

Akash Mahajan Best Community Supporter

"Akash has been backbone of OWASP bangalore chapter he has done lot of work for evangelizing OWASP. For more than 7 years now he has been working with the chapter and mentored lot of folks. No wonder he is called "the web app security guy"."

Dhiraj Mishra Best Community Supporter

"Dhiraj Mishra - has been contributed and volunteered to, OWASP Mumbai Student chapter and Mumbai local chapter.

He has endorse students to be part of multiple open community, however been an Sudent Chapter leader for OWASP he has discussed and shared multiple Information Security topics start from the scratch and spreading the idea's and awareness via chapter Meets, he has taken multiple session in NULL as well which runs with OWASP local chapter Mumbai, recently he invited Mozilla Club Mumbai to student chapter so that students can go to their area of interest, he always pushup/boost women in infosec. Apart from this he has taken various sessions in different colleges and have shared knowledge about Cyber Security."

Denise Murtagh-Dunne Best Community Supporter

"Denise has been a hugely active member of the Dublin chapter and has been involved in all chapter meeting throughout the year and is ever keen to role up her sleeves and get stuck into work that others shy away from. This includes everything from setting up the meeting tools, organising venues, working with sponsors, getting speakers and assisting speakers in the run up and during events. She's been a very positively influence on the community and chapter and has encouraged other people to get involved. She's constantly updating and posting content on our social media accounts and making sure our members get relevant and interesting content. While in full time employment, Denise gives up family time to contribute to the chapter and ensure OWASP Dublin remains a vibrant and relevant group that engages the developer and security community locally."

Owen Pendlebury Best Community Supporter

"Owen Pendlebury has been a key local OWASP volunteer over the last number of years. From being on the local Dublin chapter board to leading the Dublin chapter he regularly hosted and spoke at numerous collaborative and insightful security meetups.

He has also been involved in organising AppSec EU in Rome and more recently co-organised the Belfast conference which was the biggest ever EU conference. As part of organising the conference in Belfast he negotiated that all chapters within Ireland would benefit financially getting a percentage of the conference profits to allow the chapters to bring bigger, better and more collaborative meetings to the Irish OWASP community and grow the communities across the country.

I don’t know where he has found the time but has also been part of the Women in AppSec committee mentoring a number of individuals throughout the year. He took part in the Women in AppSec events in Belfast giving some insightful opinions into how improve attendees career. Owen is an asset that helps to improve Ireland's security community’s capabilities with a real can-do attitude."

Mick Ryan Best Community Supporter

"Mick always assists with chapter meetings and works to ensure we give the community good quality sessions. Mick assists will all areas including reaching out to potential speakers, getting info and bios from them, arranging dates and venues, posting on social media and the logistics of the meetings and ensuring speakers have the right cables, meetings run to time, that speakers are happy with everything, taking photos to promote the chapter on social media, encouraging people to speak, printing the chapter and getting people to events! Thanks Mick for your contribution in 2017!"

Sriram Best Community Supporter

"Sriram has been conducting awareness program to the college students. Sriram has created awareness among 12000 Students without the support of anyone. Sriram has been tremendously supporting the OWASP Chapter by giving trainings to various college student, corporates and various chapters.."

Michelle Simpson Best Community Supporter

"Michelle has done an amazing job with the Belfast chapter and works tirelessly to improve the OWASP community and advocate strong app sec practices. This is very evident from the people attending the chapter events, organisations participating and the very successful AppSecEU conference that was held in Belfast in 2017. Michelle put a huge amount of work and effort into planning and preparation for AppSecEU to ensure the conference was of a high calibre. This was a sustained commitment over the majority of 2017 on top of local chapter commitments. I'd like to nominate Michelle for all the hard work and effort she puts into the chapter. Thanks Michelle!"

Steve Springett Best Community Supporter

"Steve has been a tremendous supporter of the OWASP dependency-check project and leader on the related dependency-track platform. He is quick to respond to community question, answering with insightful and accurate responses assisting the community in their use of the dependency-check suite of tools."

John Vargas Best Community Supporter

"During the last 9 years John, together with a very small group of volunteers, has been making efforts to keep the chapter of Lima, Peru. Performing activities such as monthly meetings, internal trainings and participating actively in the OWASP Latam Tour. For the chapters in Latin America to keep afloat these activities with few resources is something very complicated and deserves recognition."

Tara Williams Best Community Supporter

"Tara cares about integrity, inclusion and transparency, she is passionate about making OWASP a better place for all members of the community. With her talents in communications, she is getting the word out about OWASP's benefits to community members and attracting new members to chapter meetings, especially identifying successful pathways to transition meetup members to full members."

Aatral Arasu Best Mission Outreach

"A great leader always there to help responds to emails quickly loves his work works very hard every day very supportive never loses focus strong willed very technical and willing to do things himself to get the job done when asked for something he will get it to you ASAP constant learner open to suggestions and ideas on how to be better respectful honest caring and I am certain HRC will make it big very soon :)"

Sean Auriti Best Mission Outreach

"Sean mentors, is a speaker, leads projects, is an active chapter leader and chapter Treasurer, participating in meetup events and a great representative at global, regional and external events."

Tony Clarke Best Mission Outreach

"Tony has grown the chapter over the last year to a point where hundreds of people are attending meetings. The meetings are organised in advance now and have a theme. There were some really interesting people speaking at the chapter meetings including Simon Singh, James Lyne, Brian Honan and Jane Franklin. He has also engaged support from local companies with a lot more attending and sponsoring the chapter. There is a real buzz at chapter meetings and they're not just death by PowerPoint which they had been in the past."

Christopher Frenz Best Mission Outreach

"Christopher Frenz should be nominated for the Best Mission Outreach WASPY for his work as the Project Lead for the OWASP Anti-Ransomware Guide Project and the OWASP Secure Medical Device Deployment Standard Project. In the wake of WannaCry, anti-ransomware guidance has become more pertinent than ever and the project is regularly updated to keep abreast of the latest ransomware adaptations. Chris regularly shares his anti-ransomware knowledge with the security and healthcare communities and is an advocate for organizations conducting mock ransomware incidents. Chris has shared his knowledge of ransomware protections and of pertinent OWASP resources in numerous venues including articles (https://iapp.org/news/a/why-the-wannacry-outbreak-should-be-a-wake-up-call/) and conference presentations at both the local and international level (https://iapp.org/conference/iapp-canada-privacy-symposium/sessions/?id=a191a000000zrqPAAQ). A Spanish version of the guidance is also available. In addition, he has worked to call attention to the need for healthcare facilities to improve the security of their medical device implementations and is responsible for authoring version 1 of the OWASP Secure Medical Device Deployment Standard. The project has really worked to raise awareness of these issues and has been covered by CSO magazine (http://www.csoonline.com/article/3188230/security/how-to-securely-deploy-medical-devices.html) and other news sources. Chris has given interviews on medical device security for the Cloud Security Alliance and others and will be speaking on medical device security at the Defcon BioHacking Village. Chris is always willing to share his knowledge with all who ask and is an active member of the NYC and Brooklyn OWASP chapters."

Joaquin Fuentes Best Mission Outreach

"For all he has done to build up the Phoenix OWASP community. Prior to Joaquin taking point the community in Phoenix was dead. Meetings weren't happening on a regular basis. The prior leaders had done a great job but I think they had burnt out. Joaquin started the community back up and got corporate support from his employer to facilitate not only regular meetings but great meetings with great content. He also implemented MeetUp. I'm not a consistent attendee because of my work/life schedule but I always know when the meetings are happening and what the subject matter will be because of Joaquin utilizing MeetUp."

2nd Citation: "Joaquin has been leading the OWASP Phoenix chapter and due to his initiative, has placed Phoenix on the map as a hub for application security. I would like to nominate him because he is always bringing in new and interesting speakers that provide great content. The most recent OWASP chapter meeting had over 60 attendees!"

3rd Citation: "Joaquin Fuentes has had a big impact in raising attendance at the Phoenix meetings to more than 100 people monthly. The quality has gotten significantly better under his leadership. He has organized many speakers, including recruiting speakers from out of the area that have significantly developed the knowledge base of the community. Joaquin is a pen testing manager at Early Warning and he shares his professional knowledge to help us all become better in the practice of information security."

4th Citation: "My job takes me to many different OWASP Chapters, along with ISSA, CSA, ISACA, etc. The Phoenix OWASP Chapter was DEAD before Joaquin volunteered to lead the Chapter a few years ago. It is now consistently one of the BEST ITSec community gatherings, and I go out of my way to be in Phoenix for their meetings. To put it a different way, at my first Phoenix OWASP meeting there were less than 12 attendees, including myself and the speaker. Last week it was standing room only (75+) *and* there would have been more if Interstate 17 hadn't been closed in both directions at the start of rush-hour. Part of the reason Joaquin deserves this award is that he is EXTREMELY knowledgeable about AppSec and many other aspects of data security and he is ALWAYS friendly and willing to share. His day-job is no picnic, but he finds the time to put together great meetings and do it in a way that everybody has a good time."

Tanya Janca Best Mission Outreach

"Tanya has been instrumental in outreach in the Ottawa Ontario Canada region building membership and participation in the local OWASP chapter, as well as building bridges with other local organizations (Python user group, Ruby Rails user group, WIA, etc.). Tanya has also been a driver in getting a mentoring program setup via the Ottawa chapter. She has also encouraged participation in local CTF events, presented at local conferences (BSides, etc). Tanya's enthusiasm, support, and interaction is often contagious (in a good way :) ). Lastly, Tanya is a strong advocate or evangelist for OWASP projects, promoting such as appropriate per audience/presentation (including, but not limited to: ZAP, Top 10, SKF)."

2nd Citation: "Tanya Janca is an excellent ambassador for OWASP. Since her entry into the lead team of the OWASP Ottawa chapter, she has doubled the size of the chapter and developed the chapter into a meeting place for dozens of women interested in Application Security. Tanya Janca is an energetic speaker who held a fantastic presentation at AppSecEU in Belfast. https://www.youtube.com/watch?v=mPTmuaC2lOI She was subsequently invited to the Swiss Cyberstorm Conference where her addition to the rooster was explained in an admiring blogpost https://swisscyberstorm.com/2017/05/23/Introducing_Tany_Janca.html Tanya Janca has the ability to talk security to techies and management alike. She is pushing for the adoption of OWASP practices and project by the government of Canada her employer. Having been nominated for the Government of Canada’s CIO Award for “Excellent in Security” in 2016 she refused to move into the private sector, but continues to support the security community inside the public sector, where her excellent know-how is very important."

3rd Citation: "Tanya Janca has been performing “outreach” and “recruitment of women” as her main chapter leader responsibilities for the Ottawa chapter since 2015. The chapter has not only grown by over 500% in that time, but female membership has grown from 2 female members to over 70 (the chapter has grown for many reasons, some of which are her promotional efforts). Activities include starting a mentoring program that matches senior AppSec members of the community with juniors or people who are hoping to get into Application Security; attending all sorts of technology meetups (but especially female-centric ones) to talk about OWASP and personally invite them to attend; bringing OWASP products, concepts and resources to the Canadian Government (and is currently attempting to sway policy to be more application security focused as we speak); as well as performing over 40 public speaking engagements that describe OWASP as “Your new BFF” as part of the application security lesson she has taught. She has also begun speaking at conferences semi-regularly, singing OWASP’s praises as part of every presentation. She also forms female groups to attend events together, to make them more accessible, such as her all-female team for the Ottawa iHack CTP and “Learn by Breaking things” event in June 2017 and her all female CTF team for OWASP Ottawa’s first CTF in 2015. Her claim of being an “application security evangelist” certainly seems fitting."

Kitisak Jirawannakool Best Mission Outreach

"Web security is notoriously bad in Thailand, so an actives security community is sorely needed. Kitisak is a central figure in that community. He has worked on establishing the OWASP Bangkok chapter for the past six years, organizing meetups, community outreach and engaging with security experts internationally. His work has played a pivotal role in creating IT security awareness in the fast-growing South-East-Asian country."

James Manico Best Mission Outreach

"Jim's influence on OWASP materials (and therefore on application security) is amazing - he's cited on nearly every cheat sheet on OWASP Top 10 document. His name is synonymous with application security."

2nd Citation: "While Jim may not be the "unsung hero" - he is the first and foremost cheerleader/champion of OWASP. His efforts and contributions are innumerable. As anyone who knows Jim - he is not a reserved individual when touting the resources available via OWASP. He has likely done more then anyone else working with OWASP to bring together, motivate, and get individuals to contribute to OWASP. From the immensely popular checklists to motivating individuals to contribute. OWASP would not be nearly as successful as it has been without Jim."

Mateo Martinez Best Mission Outreach

"Mateo is one of the leaders in Latin America more recognized, during the last years his efforts to join the chapters chapter along with other leaders of Latam made that the community grew and that today the Latam Tour 2017 has more than 15 participating countries. He also managed to spread the spirit of owasp and help establish new chapters in the region. The effort to maintain more communication between OWASP GLobal and local communities is reflected in each activity that encourages other leaders to ensure that they strive every day to spread Owasp projects and to grow the community."

Mark Miller Best Mission Outreach

"The OWASP Podcast is a effort that is in line with the mission of OWASP raising visability for software security. This is a VERY powerful voice in the community globally and Mark Miller should be applauded for his efforts on this https://www.owasp.org/index.php/OWASP_Podcast"

Dhiraj Mishra Best Mission Outreach

"Dhiraj was nominated for WASPY 2016, his contribution to the community is from past one 'n half year in various areas, start from the projects, local volunteering and what not, he was also listed in OWASP Hall Of Fame."

Owen Pendlebury Best Mission Outreach

"Owen is an active participator in OWASP meetings and has been a great inspiration to me. He has shown himself to be a great leader and OWASP advocate. Owen has recommended other AppSec communities in which I have become involved in since moving to Dublin. He is an evangelist for women in technology and I have witnessed this first hand. I don't hesitate to recommend Owen for this award."

2nd Citation: "Owen has introduced me to the OWASP Community in Ireland and EU. Help me to get involve with Women in AppSec and participate in the AppSec EU event in Belfast. He is a great leader, who enjoys talking about OWASP and the great community behind it. I've moved to Ireland a couple of months ago, and getting to know Owen and the OWASP community has completely changed my life, both professionally and personally. So, yes, I would like to nominate Owen Pendlebury because he the proof that Women in AppSec is not just a women matter. :)"

Sriram Shyam Best Mission Outreach

"Sriram has been conducting awareness program to the college students. Sriram has created awareness among 12000 Students without the support of anyone."

Noreen Whysel Best Mission Outreach

"Noreen is helping each day to improve OWASP members' experiences bringing her expertise and knowledge as a mentor and projects as a Chapter Leader, one member at a time. She understands what members want, how to improve member benefits and is applying that knowledge to improving local and global member experiences from the ground up. Her efforts are multiplied by her sharing of knowledge and grassroots approach creating a membership groundswell."

Aatral Arasu Best Innovator

"A great leader always there to help responds to emails quickly loves his work works very hard every day very supportive never loses focus strong willed very technical and willing to do things himself to get the job done when asked for something he will get it to you ASAP constant learner open to suggestions and ideas on how to be better respectful honest caring and I am certain HRC will make it big very soon :)"

Sean Auriti Best Innovator

"Sean leads the BLT Project and is a Team Leader for the Learning Gateway project. He has helped improve the quality of web experiences, including OWASP.org ."

Glenn & Riccardo ten Cate Best Innovator

"I am hereby nominating the brothers Glenn & Riccardo ten Cate from the Netherlands for the WASPY award in this category. They are known for their work on the open-source project SKF (Security Knowledge Framework). These are two guys who are dedicated to spreading security knowledge trough the means OWASP has to offer. You might have encountered them talking at seminars, promoting their project and OWASP, or different companies where they teach development teams how to integrate the OWASP core principles in their workflow using their project. Not only professional development teams but also students of security can only be amazed at the sheer knowledge they gathered and contribute to the global OWASP community trough open source. The sheer effort they put in this project teaches, guides, structures and shows by example how to test and write secure applications by design. There is no other software out there that does this. And that is why they deserve this nomination for best innovator 2017."

Mark Deenihan Best Innovator

"Mark for his constant devotion and work on the OWASP security shepherd project and continuing to develop it and teach people globally about app sec."

Seba Deleersnyder Best Innovator

"One of the main projects to date is SAMM. Seba with the support of project colliders has made this a flagship project of OWASP. The level of maturity and the number of improvements obtained indicates that this project is one of the most mature and a great projection to the future."

Christopher Frenz Best Innovator

"Chris' projects are opening doors for OWASP in the standards development and getting the word out about important IoT with his Medical Device Deployment Standard: https://www.owasp.org/index.php/OWASP_Secure_Medical_Device_Deployment_Standard which already has a Turkish translation and attracted attention from the Turkish public health department. He has delivered presentations at meetups, and presenting to the IDESG, www.idesg.org in July. He has a "soup label" tool that gives simple guidance for the implementation of the OSMDDS. This is not Chris' first project but it is surely one of the best OWASP innovations of the year."

Joaquin Fuentes Best Innovator

"Joaquin has been leading the OWASP Phoenix chapter and due to his initiative, has placed Phoenix on the map as a hub for application security. I would like to nominate him because he is always bringing in new and interesting speakers that provide great content. The most recent OWASP chapter meeting had over 60 attendees!"

2nd Citation: "Joaquin Fuentes has had a big impact in raising attendance at the Phoenix meetings to more than 100 people monthly. The quality has gotten significantly better under his leadership. He has organized many speakers, including recruiting speakers from out of the area that have significantly developed the knowledge base of the community. Joaquin is a pen testing manager at Early Warning and he shares his professional knowledge to help us all become better in the practice of information security."

Evin Hernandez Best Innovator

"Evins focus on the core of the information security platform with Virtual Village has provided the global community with a place to experiment and leverage for testing... https://www.owasp.org/index.php/OWASP_Virtual_Village_Project"

Jeremy Long Best Innovator

"Considering how often projects have a great start and plateau, we should recognize the ongoing effort and dedication given to one of the Flagship projects in our community. Jeremy Long has continued to not only maintain the Dependency Check project but develop and improve it each year. This year he added Improvements in the core dependency-check platform in terms of code quality, achieved 100% for the CII Best Practices for dependency-check, continued to develop the ODC community with several contributors submitting PRs, and over the last several months he's been working on platform maturity and will be releasing 2.0.0 in the first half of July 2017. After 2.0 is released he has planned work on Python support and expanding the tool by integrating additional data-sources such as Artifactory, Redhat Victim's, OSS-Index, etc."

2nd Citation: "Jeremy has been an avid contributor/leader for the OWASP dependency-check project. Under his leadership the project has garnered substantial community support in terms of pull requests, improved code quality via Sonarcloud, Coverity, Codacy, and CII Best Practices. While the last six months have been primarily around code quality and bug fixes; these improvements are setting the dependency-check project up for major enhancements over the coming months!"

Daniel Miessler Best Innovator

"Daniel seems to be everywhere at once - despite have a full-time job, he is leading or co-leading several OWASP projects, has created ideas for groups out of thin air, and has performed work in much needed areas. This year, Daniel has lead or co-lead the Internet of Things security project, completed an IoT: Medical Devices attack surface overview, and created the Game Security project."

Dhiraj Mishra Best Innovator

"Dhiraj is one of the top contributor in OWASP Cheat Sheet Project, which have security guidance in an easy read format, his contribution for SQL Injection WAF Bypass and XSS Evasion - OWASP, was mostly recommended and used by Cyber Security professional, dhiraj has contributed to Benchmark project by contributing SQLi/XSS fuzz vectors as initial contribution towards adding support for WAF/RASP scoring and many such projects."

Bernhard Mueller Best Innovator

"During the last 18 months Bernhard has been spearheading the OWASP Mobile Testing Guide Project. He has invested several man-months of writing, editing, reviewing, rallying authors, and pushing the project into new directions. This also resulted in the novel agile book writing process and book production pipeline which enables OWASP to produce a professional tech book. The project has produced a security standard and early-release ebook, and is on track become one of OWASP's main flagship projects."

Steve Springett Best Innovator

"Steve's work on dependency-track is fantastic - he's moved forward to address the next round of issues, with an innovative solution all companies can leverage."

thc202 Best Innovator

"Simon Bennets "wingman" in the ZAP project, by now even the top committer in the project! (https://github.com/zaproxy/zaproxy/graphs/contributors) So "unsung of" that I do not even know his real name!"

Results

Congratulations to all of the individuals who were nominated! The results are in and we would like to congratulate the following individuals:

Best Community Supporter - 3 way tie
Nicole Becher Nicole Becher
Dinis Cruz Dinis Cruz
Jeremy Long Jeremy Long

Best Mission Outreach
Mark Miller Mark Miller

Best Innovator
Seba Deleersnyder Seba Deleersnyder

Sponsorship Opportunities

The support from our sponsors, is what makes these awards truly successful!

Thank you to Qualys for supporting the WASPY Awards as a Platinum Sponsor

300px90px      

Communication

  1. June 7, 2017 Email to the Leaders & Community list. Posted to the OWASP Blog
  2. June 30, 2017 Email to the Leaders & Community list.
  3. July 5, 2017 Email to the Nominees
  4. July 5, 2017 Email to the Leaders & Community list, and Blog post announcing the nominees have been announced.

Past WASPY Awards

2016
2015
2014
2013
2012