The (ISC)² — a not-for-profit membership body of certified information and software security professionals worldwide —announced on Monday (4 August 2014) the formation of its Application Security Advisory Council (ASAC).
In a press statement, (ISC)² said that the Advisory Council was established to encourage the adoption of secure software development best practices through professional certification.
"Our Certified Secure Software Lifecycle Professional (CSSLP) certification was developed with the mindset of changing the way the world looks at developing software, by building security in from the onset to help avoid the outrageous cost of bolting on security later," said W. Hord Tipton, CISSP, executive director, (ISC)2. "We must increase the level of awareness in this area, and I'm confident that this group will spearhead the cause to make software more secure throughout the entire development life cycle."
Consisting of 15 software security professionals from Asia Pacific and the Americas, ASAC's members include:
- Tony Vargas, CSSLP, CISSP-ISSAP, Security +, technical leader, Engineering, Cisco; co-founder, chairman & president, (ISC)2 Sacramento Chapter; chair, (ISC)2 Application Security Advisory Council
- Anthony Lim, CSSLP, FCITIL, Asia-Pacific director, WhiteHat Security Inc., vice-chair, (ISC)2 Application Security Advisory Council
- David Kennedy, CISSP, OSCP, OSCE, GSEC, MCSE, ISO 27001, founder & principal security consultant, TrustedSec
- David O'Berry, CSSLP, CISSP-ISSAP, ISSMP, CRISC, worldwide strategic technologies, Office of the CTO, McAfee
- Erin Jacobs, CEH, CISA, QSA, managing partner, Urbane Security
- Glenn Leifheit, CSSLP, CISSP, ACS, principal security architect, Microsoft
- Jacob West, CTO, Enterprise Security Products, HP
- Joe Jarzombek, CSSLP, PMP, director, Software & Supply Chain Assurance, SECIR/CS&C/NPPD, U.S. Department of Homeland Security
- Joshua Corman, CTO, Sonatype; founder, "Rugged Software" and "I am The Cavalry"
- Katie Moussouris, chief policy officer, HackerOne
- Mano Paul, CSSLP, CISSP, GWAPT, GSSP-.Net, MCAD, MCSD, CompTIA Network+, ECSA, founder and CEO, SecuRisk Solutions and Express Certifications; founder, HackFormers
- Mikko Varpiola, security researcher, Codenomicon
- Sean Mason, CSSLP, CISSP-ISSMP, CCFP, CISA, CISM, PMP, executive incident response leader, CSC
- Tom Brennan, CISSP, founder, proactiveRISK and CyberTOOLBELT; global vice chairman, OWASP Foundation
- Zachary Tudor, CISSP, CISM, CCP, program director, Computer Science Lab, SRI International
Sign up for CIO Asia eNewsletters.