- title: WASPY type: category description: >- Each year there are many individuals who do amazing work, dedicating countless hours to share, improve, and strengthen the OWASP mission. Some of these individuals are well known to the community while others are not. The purpose of these awards is to bring recognition to those who "FLY UNDER THE RADAR". These are the individuals who are passionate about OWASP, who contribute hours of their own free time to the organization to help improve the cyber-security world, yet seem to go unrecognized. - title: Distinguished Lifetime Memberships type: category description: >- Awarded by the Board for outstanding involvement in the organization over the course of many years. - title: Project Person of the Year type: award category: WASPY year: 2025 winners: - name: Jannik Hollenbach image: /assets/images/people/jannik_hollenbach.jpg info: >- Jannik joined the OWASP around 2017 after being introduced to the Juice Shop project at university. He then became a regular contributor to the Juice Shop project and created the MultiJuicer project to enable people to run trainings and workshops with Juice Shop. He is now a project lead for both the OWASP Juice Shop and OWASP secureCodeBox projects. - title: Event Person of the Year type: award category: WASPY year: 2025 winners: - name: Jim Manico image: /assets/images/people/jim_manico.jpeg info: >- Jim Manico has been deeply involved in the OWASP community for more than two decades, beginning his volunteer journey in 2003. Over the years he has taken on a wide range of leadership and hands-on roles.

- Global Governance. Elected to OWASP’s Global Board of Directors (2011 – 2014), where he helped shape the foundation’s strategic direction, fundraising model, and community-driven governance.
- OWASP Cheat Sheet Series (2009 – present) - Co-founder and long-time project manager, coordinating dozens of security cheat sheets that distill complex topics into actionable, developer-friendly guidance.
- OWASP Application Security Verification Standard (ASVS) & Artificial Intelligence Security Verification Standard (AISVS) - Core contributor and project manager, ensuring that both standards remain technically rigorous, developer-centric, and mapped to modern threat landscapes.
- Regular contributor to other flagship initiatives, including the OWASP Top Ten and Proactive Controls.
- Community Building & Education. A frequent keynote speaker and trainer at AppSec USA, AppSec EU, and dozens of local OWASP chapters, Jim has delivered hundreds of secure-coding workshops worldwide, championing open knowledge and evidence-based practices.
- Recognition. Honored with OWASP’s Lifetime Achievement Award (2023) for sustained, high-impact service—a testament to his belief in the foundation’s mission of “making software security visible, so that individuals and organizations can make informed decisions.

A true believer in OWASP’s open, vendor-neutral ethos, Jim remains an active contributor, mentor, and evangelist—continuing to advance the state of software security through community-driven standards, education, and tooling. - title: Chapter Person of the Year type: award category: WASPY year: 2025 winners: - name: John DiLeo image: /assets/images/people/john_dileo.png info: >- John is a Lifetime Member of OWASP, having first joined in 2014, while living and working in Kansas City, Missouri. He has been active in the New Zealand Chapter since moving to Auckland in late 2017.

John took on a leadership role in the New Zealand Chapter in April 2018, restarting the Auckland Meetup, which he led until May 2024, when he moved to Hamilton. Once settled there, John launched the Hamilton Meetup, which is now going strong.

John became Chair of the annual OWASP New Zealand Day conference in 2019, keeping it going through COVID lockdowns, border closures, and travel bans. This year, he is coaching his successor, so he can 'retire' as conference chair after his seventh. John helped organize the student-focused security.ac.nz event, in 2019 and 2022. He also organizes OWASP Training Day events around New Zealand.

Beyond the chapter, John has been a member of the OWASP SAMM Project's core team since 2018, has been part of the Chapters and Education and Training Committees, and has founded a number of small OWASP projects. - title: Project Person of the Year type: award category: WASPY year: 2024 winners: - name: Felipe Zipitria image: /assets/images/people/felipe_zipitria.jpg info: >- Felipe Zipitria is an expert in computer security, graduated with an MSc from the Universidad de la República in Uruguay. With over 20 years of experience in SRE, DevOps, and SysAdmin roles, Felipe has transitioned into specialized areas, dedicating the past 5 years to AppSec and Cloud SecOps. His extensive expertise spans security consulting for over a decade. Passionate about education, Felipe instructs pregraduate students in Computer Security Fundamentals and guides postgraduates in Web Application Security at the local public University, with the help of OWASP published materials. He started as the Uruguay Co-Chapter Leader in 2013, and started engaging in projects with global outreach. He is a longstanding contributor to OWASP CRS, serving as a developer and co-leader since 2021 and he is part of the OWASP Coraza leadership team, focusing on the development of new Web Application Firewalls (WAFs). Committed to fostering open-source engagement, he has served as a Google Summer of Code mentor for four consecutive years, nurturing students involvement in open-source and OWASP initiatives. - title: Event Person of the Year type: award category: WASPY year: 2024 winners: - name: Shruti Kulkarni image: /assets/images/people/shruti_kulkarni.jpeg info: >- Shruti Kulkarni is a cyber security / enterprise security architect with experience in ISO27001, PCI-DSS, policies, standards, security tools, threat modeling, risk assessments. Shruti works on security strategies and collaborates with cross-functional groups to implement information security controls in software development life-cycle, service operations, service delivery such that security controls support business requirements. An ardent fan, Shruti joined OWASP in 2013 and is currently project leader for Developer Guide and is the Secretary of the Education Committee. - title: Chapter Person of the Year type: award category: WASPY year: 2024 winners: - name: Martin Knobloch image: /assets/images/people/board_martin2.png info: >- 2006: Attending my first OWASP AppSec conference, the OWASP AppSec in Belgium (and only missed two since)
2007: Joining the OWASP Netherlands Chapter Board
2008: First time presenting at an OWASP conference, the OWASP Australia Security Conference at Gold Coast, Queensland, Australia
2008: Chairing the OWASP Education committee, as result of attending the first OWASP Summit in Portugal
2009: Co-organizing the first OWASP BeNeLux-Day, and all of them since
2010: First active involvement in an OWASP AppSec conference, hosting the CTF in Sweden
2011: Co-organizing the OWASP Summit 2011
2015: Conference Chair of the OWASP Global AppSec EU in Amsterdam
2017: Joining the OWASP Global Foundation Board of DIrectors, until 2022
2019: Joining the OWASP Europe Board

Over the years, I have been promoting, mentoring and supporting OWASP in general; the various projects, chapters and events. The leaders, organizers, members and volunteers. Anyone trying to find their way into AppSec. - title: Project Person of the Year type: award category: WASPY year: 2023 winners: - name: Brian Glas image: /assets/images/people/brian_glas_photo.jpg info: >- Brian has more than 22 years of experience in various roles in IT with the majority of that in application development and security. His day job is serving as Department Chair and Assistant Professor teaching a full load of Computer Science and Cybersecurity classes at Union University. He helped build the FedEx AppSec team, worked on the Trustworthy Computing team at Microsoft, consulted on software security, and served as a project lead and active contributor for SAMM v1.1-2.0+ and OWASP Top 10 2017, 2021, and 2024. Brian is a contributor to the RABET-V Program for assessing non-voting election technology. He holds several Cybersecurity and IT certifications and is working on his Doctor of Computer Science in Cybersecurity and Information Assurance. - title: Event Person of the Year type: award category: WASPY year: 2023 winners: - name: Meghan Jacquot image: /assets/images/people/meghan_jacquot-photo.jpg info: >- Meghan Jacquot is a Security Engineer with Inspectiv and focuses on vulnerabilities and attack surface management. She is particularly interested in application security, threat intelligence, investigating vulnerabilities, and the ethical use of data. Meghan shares her research via conferences and publications. Throughout the year, she helps a variety of organizations and folks including DEF CON as a SOC GOON, Diana Initiative, OWASP, SANS, and WiCyS. To relax she also spends time visiting national parks, gardening, and hanging with her chinchilla. She’s happy to connect with others on LinkedIn and Mastodon and her handle is CarpeDiemT3ch. - title: Chapter Person of the Year type: award category: WASPY year: 2023 winners: - name: Sam Stepanyan image: /assets/images/people/board_sam_stepanyan.jpg info: >- Sam Stepanyan is an Independent Application Security Consultant and Security Architect with over 20 years of experience in the IT industry with a background in software engineering and web application development. Sam has worked for various financial services institutions in the City of London specialising in Application Security consulting, Secure SoftwareDevelopment Lifecycle (SDLC), developer training, source code reviews and vulnerability management. He is also a Subject MatterExpert in Web Application Firewalls (WAF) and SIEM systems. Sam holds a Master’s degree in Software Engineering and a CISSP certification. Sam has been serving as an OWASP London Chapter Leader since November 2015 (with Sherif Mansour) and as OWASP Chapter Committee Chair since August 2020. Sam is also a Project Leader of OWASP Nettacker and a co-leader of OWASP WAFEC project. Sam is a frequent speaker at several BSides conferences as well as OWASP Global AppSec conferences. - title: Project Person of the Year type: award category: WASPY year: 2022 winners: - name: Nancy Gariche image: /assets/images/people/nancy_gariche_photo.jpeg info: >- Nancy is a Senior Developer Advocate for the GitHub Security Lab, where she helps security researchers and developers collaborate and communicate better. In her spare time co-leads the OWASP DevSlop Project and is a member of the AWS Community Builder group. Nancy was named one of the Top 20 Women Leaders in Cyber in Canada, 2021. - title: Event Person of the Year type: award category: WASPY year: 2022 winners: - name: Izar Tarandach image: /assets/images/people/izar_tarandach.jpg info: >- Izar Tarandach is the Principal Security Engineer at Squarespace, a published author and presenter on Threat Modeling. With past tenures in leadership security positions at Autodesk, in a major hedge fund, DellEMC, RSA, IBM and others, he was a core contributor to SAFECode and a founding contributor to the IEEE Center for Security Design. He holds a masters degree in Computer Science/Security from Boston University and has served as an instructor in Digital Forensics and in Secure Development in grad-level courses. He co-leads the development of pytm, a threat-modeling-with-code OWASP Incubator project. - title: Chapter Person of the Year type: award category: WASPY year: 2022 winners: - name: Thomas Ljungberg Kristensen image: /assets/images/people/thomas_ljungberg_kristensen photo.jpg info: >- Thomas has been developing secure software since graduating with a master's degree in computer science from Aarhus University in 2006. He has created and tested software, tools and processes in and for large corporations in the finance, energy, and military sectors. Thomas currently runs his independent security consulting firm, WelcomeSecurity based in Silkeborg, Denmark, where he helps people and businesses view security as a business enabler and a value improvement instead of a cost and a pain – To welcome security in software development!
Since 2019, Thomas has been an active volunteer with the OWASP Aarhus, Denmark, chapter as co-chapter lead trying to make people aware of the excellent free resources from OWASP and providing a meeting place for people to talk about it-security and to network. - title: Oustanding Innovator type: award category: WASPY year: 2021 winners: - name: Bjoern Kimminich image: /assets/images/people/Bjoern_Kimminich.jpg info: >- See his interview [here](https://www.youtube.com/watch?v=CMA5lWAJI8Q) - title: Outstanding Community Supporter type: award category: WASPY year: 2021 winners: - name: Tanya Janca image: /assets/images/people/Tanya_Janca.jpg info: >- See interview [here](https://www.youtube.com/watch?v=dVDVcLyrnr4) - title: Outstanding Educator type: award category: WASPY year: 2021 winners: - name: Tanya Janca image: /assets/images/people/Tanya_Janca.jpg info: >- See interview [here](https://www.youtube.com/watch?v=dVDVcLyrnr40) - title: Outstanding Project - OWASP ZAP type: award category: WASPY year: 2021 winners: - name: ZAP image: /assets/images/logos/zap256x256.png info: >- See Simon (psiinon) and Rick's interview [here](https://www.youtube.com/watch?v=iz1EAwaV0gI) - name: Rick Mitchell (kingthorin) image: /assets/images/people/Rick_Mitchell.jpg info: >- Rick's focus on Web Application Security represents more than half of his 20+ year IT career. You may know him for his work as a co-lead of the ZAP project, however Rick can also be credited for his contributions to the Open Source Security Testing Methodology Manual (OSSTMM), Web Security Testing Guide (WSTG), Vulnerable Web Applications Directory (VWAD), and OWASP community content. Rick is a security assessment and testing trainer for part of his work, a lightning talk presenter at the Ottawa OWASP chapter meetings and AppSec USA, OWASP Ottawa volunteer, and has helped with project promotion assessments during previous AppSec USA conferences. Rick enjoys helping others learn and challenge themselves, and strongly believes that together we can and do make the industry better. - name: Ricardo Pereira image: /assets/images/people/wasp_circle_black.png info: - title: Best Community Supporter type: award category: WASPY year: 2017 winners: - name: Nicole Becher image: /assets/images/people/Nicole_Becher.jpg info: - name: Dinis Cruz image: /assets/images/people/Dinis_Cruz.jpg info: - name: Jeremy Long image: /assets/images/people/Jeremy_Long.png info: - title: Best Mission Outreach type: award category: WASPY year: 2017 winners: - name: Mark Miller image: /assets/images/people/Mark_Miller.png info: - title: Best Innovator type: award category: WASPY year: 2017 winners: - name: Seba Deleersnyder image: /assets/images/people/Seba_Deleersnyder.png info: - title: Open/Leading Category type: award category: WASPY year: 2016 winners: - name: Dinis Cruz image: /assets/images/people/Dinis_Cruz.jpg info: - title: Integrity/Learning Category type: award category: WASPY year: 2016 winners: - name: Eoin Keary image: /assets/images/people/Eoin_Keary.jpg info: - title: Innovation/Sharing Category type: award category: WASPY year: 2016 winners: - name: Owen Pendlebury image: /assets/images/people/Owen_Pendlebury.jpg info: - title: Global/Growing Category type: award category: WASPY year: 2016 winners: - name: Kathy Thaxton image: /assets/images/people/Kathy_Thaxton.jpg info: - title: Open/Leading Category for the European Region type: award category: WASPY year: 2015 winners: - name: Eoin Keary image: /assets/images/people/Eoin_Keary.jpg info: - title: Open/Leading Category for the United States Region type: award category: WASPY year: 2015 winners: - name: Jeremiah Grossman image: /assets/images/people/no-person.png info: - title: Open/Leading Category for the Latin American Region type: award category: WASPY year: 2015 winners: - name: Mateo Martinez image: /assets/images/people/no-person.png info: - title: Open/Leading Category for the Caribbean Region type: award category: WASPY year: 2015 winners: - name: Johanna Curiel image: /assets/images/people/no-person.png info: - title: Integrity/Learning Category for the European Region type: award category: WASPY year: 2015 winners: - name: OWASP Student Chapters Program Leaders (Antonis Manaras & Mateo Martinez) image: /assets/images/people/no-person.png info: - title: Integrity/Learning Category for the United States Region type: award category: WASPY year: 2015 winners: - name: Pedro Peralta image: /assets/images/people/no-person.png info: - title: Integrity/Learning Category for the Asia/Pacific/Middle East Region type: award category: WASPY year: 2015 winners: - name: John Patrick Lita image: /assets/images/people/no-person.png info: - title: Integrity/Learning Category for the Caribbean Region type: award category: WASPY year: 2015 winners: - name: Johanna Curiel image: /assets/images/people/no-person.png info: - title: Innovation/Sharing Category for the Africa Region type: award category: WASPY year: 2015 winners: - name: Munir Njiru image: /assets/images/people/no-person.png info: - title: Innovation/Sharing Category for the European Region type: award category: WASPY year: 2015 winners: - name: Fiona Collins image: /assets/images/people/no-person.png info: - title: Innovation/Sharing Category for the Latin American Region type: award category: WASPY year: 2015 winners: - name: Diego Ademir image: /assets/images/people/no-person.png info: - title: Innovation/Sharing Category for the United States Region type: award category: WASPY year: 2015 winners: - name: Jeremy Long image: /assets/images/people/Jeremy_Long.png info: - title: Global/Growing for the African Region type: award category: WASPY year: 2015 winners: - name: Munir Njiru image: /assets/images/people/no-person.png info: - title: Global/Growing for the Asia/Pacific/Middle East Region type: award category: WASPY year: 2015 winners: - name: John Patrick Lita image: /assets/images/people/no-person.png info: - title: Global/Growing for the European Region type: award category: WASPY year: 2015 winners: - name: Jason Alexander image: /assets/images/people/no-person.png info: - title: Global/Growing for the Latin American Region type: award category: WASPY year: 2015 winners: - name: John Vargas image: /assets/images/people/no-person.png info: - title: Global/Growing for the United States Region type: award category: WASPY year: 2015 winners: - name: Jerry Hoff image: /assets/images/people/no-person.png info: - title: Best Chapter Leader type: award category: WASPY year: 2014 winners: - name: Japan Chapter Leaders image: /assets/images/people/no-person.png info: - title: Best Project Leader type: award category: WASPY year: 2014 winners: - name: Simon Bennetts image: /assets/images/people/Simon_Bennetts.jpg info: - title: Best Mission Outreach type: award category: WASPY year: 2014 winners: - name: AppSecUSA 2013 Team image: /assets/images/people/no-person.png info: - title: Best New Community Supporter type: award category: WASPY year: 2014 winners: - name: AppSecAPAC 2014 Team image: /assets/images/people/no-person.png info: - title: Best Platform Supporter type: award category: WASPY year: 2014 winners: - name: Johanna Curiel image: /assets/images/people/no-person.png info: - title: Best Chapter Leader type: award category: WASPY year: 2013 winners: - name: Tin Zaw, Richard Greenberg, Kelly Fitzgerald, Stuart Schwarz, & Edward Bonver (LA Chapter Leaders) image: /assets/images/people/no-person.png info: - title: Best Project Leader type: award category: WASPY year: 2013 winners: - name: Simon Bennetts image: /assets/images/people/Simon_Bennetts.jpg info: - title: Best Community Supporter type: award category: WASPY year: 2013 winners: - name: Fabio Cerullo image: /assets/images/people/no-person.png info: - title: Best Mission Outreach type: award category: WASPY year: 2013 winners: - name: Martin Knobloch image: /assets/images/people/no-person.png info: - title: Best Innovator type: award category: WASPY year: 2013 winners: - name: Abbas Naderi image: /assets/images/people/no-person.png info: - title: WASPY Award type: award category: WASPY year: 2012 winners: - name: Helen Gao image: /assets/images/people/Helen_Gao.jpg info: Helen received a certificate, a $1000 gift card, an iPad and a trophy. - title: OWASP Distinguished Lifetime Award type: award category: Distinguished Lifetime year: 2021 winners: - name: Dave Wichers image: /assets/images/people/dave_wichers.jpg info: >- See his interview [here](https://www.youtube.com/watch?v=nM3ABhcrS7c) - name: Fiona Collins image: /assets/images/people/fiona_collins.jpg info: - name: Jeff Williams image: /assets/images/people/jeff_williams.jpg info: See his interview [here](https://www.youtube.com/watch?v=ojJY8ysK-Tw) - name: Mark Curphey image: /assets/images/people/mark_curphy_headshot.jpeg info: - name: Matteo Meucci image: /assets/images/people/matteo_meucci.jpg info: - title: OWASP Distinguished Lifetime Award type: award category: Distinguished Lifetime year: 2023 winners: - name: Simon Bennetts image: /assets/images/people/Simon_Bennetts.jpg info: - name: Ricardo Pereira image: /assets/images/people/no-person.png info: - name: Rick Mitchell image: /assets/images/people/Rick_Mitchell.jpg info: - name: Jim image: /assets/images/people/leader_.jpg info: - title: OWASP Distinguished Lifetime Award type: award category: Distinguished Lifetime year: 2024 winners: - name: Daniel Cuthbert image: /assets/images/people/daniel_cuthbert.jpg info: From the early days of OWASP, Daniel has been on a relentless quest to build software so secure that even he might struggle to hack it (but don't count on it). Self-diagnosed with an obsession for bugs and offensive operations, he's turned his penchant for poking holes into a crusade for making vendors shape up. By channeling his mischief into the ASVS and other cunning initiatives, he's been plotting to save the software world—one responsible vendor at a time. - name: Tanya Janca image: /assets/images/people/tanya_janca_photo.jpeg info: Tanya Janca, aka SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Secure Coding', 'Alice and Bob Learn Application Security’ and ‘Cards Against AppSec'. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. - name: Martin Knobloch image: /assets/images/people/board_martin2.png info: >- 2006: Attending my first OWASP AppSec conference, the OWASP AppSec in Belgium (and only missed two since)
2007: Joining the OWASP Netherlands Chapter Board
2008: First time presenting at an OWASP conference, the OWASP Australia Security Conference at Gold Coast, Queensland, Australia
2008: Chairing the OWASP Education committee, as result of attending the first OWASP Summit in Portugal
2009: Co-organizing the first OWASP BeNeLux-Day, and all of them since
2010: First active involvement in an OWASP AppSec conference, hosting the CTF in Sweden
2011: Co-organizing the OWASP Summit 2011
2015: Conference Chair of the OWASP Global AppSec EU in Amsterdam
2017: Joining the OWASP Global Foundation Board of DIrectors, until 2022
2019: Joining the OWASP Europe Board

Over the years, I have been promoting, mentoring and supporting OWASP in general; the various projects, chapters and events. The leaders, organizers, members and volunteers. Anyone trying to find their way into AppSec. - name: Riotaro OKADA image: /assets/images/people/riotaro_okada.jpg info: Executive Director of Asterisk Research, Inc., OWASP Lifetime Member, a Japan Chapter Lead, Contributor, MBA, CISA, CSA holder - title: OWASP Distinguished Lifetime Award type: award category: Distinguished Lifetime year: 2025 winners: - name: Seba Deleersnyder image: /assets/images/people/seba_deleersnyder.png info: Sebastien (Seba) Deleersnyder, co-founder and CTO of Toreon, combines software engineering expertise with a passion for holistic product security. After earning his Master's in Software Engineering from the University of Ghent, he became a driving force in the security community as founder of the Belgian OWASP chapter, OWASP Foundation Board member, and co-founder of BruCON, Belgium's annual security conference. His leadership of OWASP SAMM and decade-long role as a highly-rated Black Hat trainer have significantly impacted global software security. - name: Christian Folini image: /assets/images/people/christian-folini-wearing-helmet.jpeg info: When Christian Folini made his debut at the OWASP AppSec conference in Milan in 2007, he quickly found himself invited to share his insights on a panel discussing the emerging PCI DSS Web Application Firewall (WAF) requirements. During the years, he has evolved into a cornerstone of the open-source WAF community. As the author of the second edition of the ModSecurity Handbook he is one of the go-to experts for all things rule language. Folini introduced groundbreaking concepts such as the OWASP CRS Paranoia Levels and the notion of strict siblings. His innovative spirit led to the design of the CRS plugin architecture and the inception of the CRS dev-on-duty program. Moreover, Folini played a key role in transitioning ModSecurity to become a part of the OWASP Foundation. Beyond his contributions to OWASP, Christian Folini is a member of the steering committee for the Swiss National Cyber Strategy. He is also the public face of the Swiss Cyber Storm conference and continues to shape the cybersecurity landscape both in Switzerland and on a global level. - name: Josh Grossman image: /assets/images/people/josh_grossman_headshot.jpg info: Outside of his day job as an AppSec practitioner, [Josh](https://joshcgrossman.com) has been involved with OWASP in many different roles. This includes serving as a co-leader of the [Israel chapter](https://owasp.org/israel) (and co-organizing the legendary [AppSecIL](https://appsecil.org) conference), serving as a member of the [events committee](https://owasp.org/www-committee-events/), and also working as a co-leader of the [OWASP ASVS project](https://asvs.owasp.org). - name: Andrew van der Stock image: /assets/images/people/staff_andrew.jpg info: