(ISC)²® Establishes New Application Security Advisory Council

Council members include international software security experts from Cisco, McAfee, Microsoft, HP, DHS, and others

(ISC)²® (“ISC-squared”), the largest not-for-profit membership body of certified information and software security professionals with over 100,000 members worldwide, today announced the formation of its Application Security Advisory Council (ASAC), with representatives from Asia-Pacific and the Americas.

The Advisory Council was established to evangelize for the adoption of secure software development best practices through professional certification. The council consists of 15 software security professionals in senior roles at leading businesses and government agencies around the world, including:

• Tony Vargas, CSSLP, CISSP-ISSAP, Security+, technical leader, Engineering, Cisco; co-founder, chairman & president, (ISC)² Sacramento Chapter; chair, (ISC)² Application Security Advisory Council
• Anthony Lim, CSSLP, CISSP, FCITIL, Asia-Pacific director, WhiteHat Security Inc., vice-chair, (ISC)² Application Security Advisory Council
• David Kennedy, CISSP, OSCP, OSCE, GSEC, MCSE, ISO 27001, founder & principal security consultant, TrustedSec
• David O’Berry, CSSLP, CISSP-ISSAP, ISSMP, CRISC, worldwide strategic technologies, Office of the CTO, McAfee
• Erin Jacobs, CEH, CISA, QSA, managing partner, Urbane Security
• Glenn Leifheit, CSSLP, CISSP, ACS, principal security architect, Microsoft
• Jacob West, CTO, Enterprise Security Products, HP
• Joe Jarzombek, CSSLP, PMP, director, Software & Supply Chain Assurance, SECIR/CS&C/NPPD, U.S. Department of Homeland Security
• Joshua Corman, CTO, Sonatype; founder, “Rugged Software” and “I am The Cavalry”
• Katie Moussouris, chief policy officer, HackerOne
• Mano Paul, CSSLP, CISSP, GWAPT, GSSP-.Net, MCAD, MCSD, CompTIA Network+, ECSA, founder and CEO, SecuRisk Solutions and Express Certifications; founder, HackFormers
• Mikko Varpiola, security researcher, Codenomicon
• Sean Mason, CSSLP, CISSP-ISSMP, CCFP, CISA, CISM, PMP, executive incident response leader, CSC
• Tom Brennan, CISSP, founder, proactiveRISK and CyberTOOLBELT; global vice chairman, OWASP Foundation
• Zachary Tudor, CISSP, CISM, CCP, program director, Computer Science Lab, SRI International

“We’re pleased to have some of the most prestigious names in the realm of application security on our new council,” said W. Hord Tipton, CISSP, executive director, (ISC)². “Our Certified Secure Software Lifecycle Professional (CSSLP®) certification was developed with the mindset of changing the way the world looks at developing software, by building security in from the onset to help avoid the outrageous cost of bolting on security later. We must increase the level of awareness in this area, and I’m confident that this group will spearhead the cause to make software more secure throughout the entire development life cycle.”

The first ASAC meeting will take place on Friday, August 1 in Las Vegas, Nevada, prior to the Black Hat USA Conference. For more information on the ASAC members, including their bios, please visit: https://www.isc2.org/ASAC/default.aspx.

# # #

About (ISC)²
Formed in 1989 and celebrating its 25th anniversary, (ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with over 100,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), the Certified Cyber Forensics Professional (CCFP℠), Certified Authorization Professional (CAP®), HealthCare Information Security and Privacy Practitioner (HCISPP℠), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information and software security topics. More information is available at http://www.isc2.org.

© 2014, (ISC)² Inc., (ISC)², CISSP, ISSAP, ISSMP, ISSEP, CSSLP, CAP, SSCP and CBK are registered marks, and CCFP and HCISPP are service marks, of (ISC)², Inc.

Follow (ISC)² on Facebook, Twitter and YouTube.

Contact Author

Michelle Schafer
Merritt Group
+1 (703) 390-1525

Amanda D'Alessandro