Staying on top of the latest developments and innovation in application security is key. The following list of thought leaders is an excellent source of information that will help you implement a successful application security program.
|Troy Hunt @TroyHunt|
Sydney-based software architect, web security specialist and Microsoft MVP 4 years running.
|Dan Cornell @danielcornell|
AppSec expert with over 12 years of experience in developing and architecting secure software.
|Rafay Baloch @rafaybaloch|
Award-winning AppSec expert and ethical hacker who specializes in Android and Chrome vulnerabilities.
|Mark Dowd @Mdowd|
AppSec researcher and pioneer. Co-author of “The Art of Software Security Assessment”.
A security engineer, adjunct InfoSec professor and creator/curator of the hilarious @sec_reactions
|Avram Marius @securityshell|
Has found vulnerabilities that have earned him credit from Google, Facebook, Twitter and many others.
|Dan Goodin @dangoodin001|
Ars Technica has an excellent security section on their site, and that’s thanks in great part to Dan Goodin.
|Parisa Tabriz @laparisa|
Once a “part-time hacker”, Parisa now manages the Google Chrome security engineering team.
|Robin Wood @DigiNinja|
A security auditor specializing in web apps and Wi-Fi. Follow Robin for witty security musings and research.
|Michal Zalewski @lcamtuf|
Michal is on the Google Security Team and has been in the industry for over 20 years.
|Graham Cluley @GCluley|
An AppSec blogger since the early 90s, he now has his own blog and covers all the hot issues.
|Mohit Kumar @unix_root|
A security researcher and the editor-in-chief of The Hacker News, which he founded in 2010.
|Malik Mesellem @MME_IT|
An ethical hacker who also offers security training and education to help promote AppSec awareness.
|Ashar Javed @soaj1664ashar|
A web app sec researcher who found bugs in Google, Microsoft, Twitter, eBay and many more.
|Michael Coates @_mwc|
Chairman of the Board at OWASP and an ex-Mozilla Director of Security Assurance.
|Rich Mogull @rmogull|
A security analyst and CEO at Securosis and contributor to Dark Reading and TidBITS.
|Mark Goodwin @mr_goodwin|
Mark works on application security for Mozilla and spends his free time as the OWASP East Midlands.
|Pierluigi Paganini @SecurityAffairs|
Ethical hacker, editor-in-chief of Cyber Defense Magazine and a member of ENISA.
Checkmarx CTO and Chief Researcher Maty Siman @Maty_Siman
Top 21 AppSec & Security Gurus – Follow our customized list on Twitter.