Eoin Keary

OWASP board member since 2009. Elected to position of global Vice Chair, September 2011.

A long time member of OWASP. Based in Dublin and director of BCC Risk Advisory Ltd.

LinkedIn profile click here

Eoin Keary has been with OWASP since 2004. He is based in Ireland and runs a software security practice, bccriskadvisory.com.

He is currently on the global board of the OWASP foundation, he was elected to the board in 2009. During this time Eoin assisted in founding the OWASP legal entity in Europe and has helped provide structure to OWASPs finances and strategy.

Eoin currently leads the reboot project which aims to improve current OWASP projects and start new ones.

Eoin believes the projects OWASP delivers are a key aspect of the foundation and also very important in helping both developers and security professionals in building more secure software.

Eoin previously lead the OWASP Testing Guide and  currently the OWASP Code Review Guide and also contributed to other OWASP projects such as OWASP SAMM, OWASP CISO Guide & CISO Survey, OWASP Cheat sheets, and the OWASP ASVS & ZAP as a reviewer.

Eoin also founded the OWASP Dublin chapter in 2006 and the OWASP Ireland event in 2008 which is in its 4th year and also hosted OWASP EU in 2011.

Eoin believes OWASP needs to focus more on outreach to the software development community and also involve itself more with the industries which rely on software to achieve business and social goals by assisting organisations, CISO's and security communities in writing and defending software infrastructure.

To this end,  Eoin frequently delivers free technical and executive awareness workshops to help organisations achieve their goals in a secure manner.

My involvement in OWASP to date.............

OWASP Ireland Chapter leader and founder since 2004

Have held regular meetings, promoted OWASP and application security in general. I have developed a stong community within Ireland in terms of secure development such that large organisations are aware of OWASP and invite me for comment and involvement in application security awareness efforts. I am involved in ongoing efforts to consolidate the security community with groups such as IISF, IAI and ISSA.

OWASP Testing guide leader (2005-2007)

Handed over from Daniel Cuthbert in 2005. Lead the testing guide effort, transferred it to wiki from word document in 2006. Wrote significant portions of the guide. Handed guide to Matteo Meucci in 2007

Code review guide (V1.1) leader - "Worlds first open source code review guide"

Lead and founder of guide. Authored 70% of currrent code review guide. Considered the most comprehensive code review guide on the web. Ongoing project currently at V1.1 Tools such as OWASP code crawler are inspired by the guide. Used by US Gov agencies, Insustry Security standards etc.

OWASP ASVS Reviewer

Reviewed and supplied suggestions for most recent release of ASVS. Presented viability of ASVS to industry leads in terms of integration of standard into strategic direction.

OWASP SAMM Contributor

Along with team members, suggested rewrite of SAMM questionaire based on experience of using in the field. With the aim of overall maturity of the SAMM document and process. I have fostered the SAMM approach into a number of large european organisations.

OWASP Ireland 2009,2010,OWASP EU 2011 Organiser of successful event which has made a large impact on local application security community. Event covered costs and was within budget. Achieved media coverage with many local and business "broad sheet" newspapaers. Managed to gather an impressive panel of speakers for such a modest event.

OWASP Cheat Sheet Author and reviewer -2011/2012 OWASP Workshop Trainer - 2010/2012 OWASP Reboot project leader 2012