[Owasp-leaders] OWASP board foundation

Boberski, Michael [USA] boberski_michael at bah.com
Wed Nov 18 12:58:04 EST 2009

If memory serves, and as documentation acknowledgements reveal, Eoin you also supported the development of ASVS as a reviewer.

+1 as they say on the ESAPI mailing list.

Mike B.

From: owasp-leaders-bounces at lists.owasp.org [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Eoin
Sent: Wednesday, November 18, 2009 12:27 PM
To: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] OWASP board foundation

Eoin here, the only candidate from the other side of the Atlantic ocean.
Current employer:
Ernst & Young, Ireland. I run the attack and penetration service (Security architecture, Code review, SDLC, Pentest, deployment etc...) for Ireland and allot of Europe.
Prior to that I worked in Fidelity Investments as a developer and founded the Irish application security group team there.
I have also worked for a number of smaller local Irish consultancies.

- Philosophies on things like marketing of OWASP, industry evangelism,
other demographics such as Business Analysts, Project Managers, CIOs and
the value they should receive from OWASP, etc

My platform is based industry adoption of OWASP in order for it to grow.
We need to make projects more mature such that industry can rely on them from documents/books to tools.
In order for us to "fight the causes of insecurity in web applications" we need to target the predominant developers of systems on the Internet visa vie Industry ;(Financial, Transport, Government, Academia etc). I also believe that producing leading class guidance shall assist us with penetration of academic institutions.
As a member of the industry committee this was also my goal, to listen to industry and focus on the big issues they have with application development, and attempt to focus our efforts on some of these issues.
I am a supporter of research support from OWASP also, something we do not do so much of. I believe we need to research ways to apply our collective knowledge. I believe marketing in security is still immature but has moved forward somewhat. We see more demand for "security @ source" solutions rather than sexy pen testing. Spin and FUD is still an issue but most people can see through this.

- More Builder or More Breaker
Both, but I am more on the side of building stuff in a secure manner rather than testing ourselves secure. (But i did lead the testing guide!)
The code review guide is a reflection of my passion on this subject.

in order to balance the global presence on the board, vote for me! Vote for the Irish man.

best regards,


2009/11/17 McGovern, James F. (eBusiness) <James.McGovern at thehartford.com<mailto:James.McGovern at thehartford.com>>
Could the candidates describe other characteristics about themselves
such as:

- Current employer: I have a think for enterprisey types :-)
- Philosophies on things like marketing of OWASP, industry evangelism,
other demographics such as Business Analysts, Project Managers, CIOs and
the value they should receive from OWASP, etc
- More Builder or More Breaker

This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information.  If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited.  If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.

OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org<mailto:OWASP-Leaders at lists.owasp.org>

Eoin Keary

OWASP Code Review Guide Lead Author
OWASP Ireland Chapter Lead
OWASP Global Committee Member (Industry)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20091118/5c3b66b2/attachment.html 

More information about the OWASP-Leaders mailing list