Achievements and Awards

OWASP recognizes the significant work that our volunteer community contributes regularly to help OWASP achieve its mission and remain a world leader in application security. OWASP grants financial and non-financial awards based on merit and community involvement. The following are current OWASP award initiatives:

WASPY

Each year there are many individuals who do amazing work, dedicating countless hours to share, improve, and strengthen the OWASP mission. Some of these individuals are well known to the community while others are not. The purpose of these awards is to bring recognition to those who “FLY UNDER THE RADAR”. These are the individuals who are passionate about OWASP, who contribute hours of their own free time to the organization to help improve the cyber-security world, yet seem to go unrecognized.

Distinguished Lifetime Memberships

Awarded by the Board for outstanding involvement in the organization over the course of many years.

Distinguished Lifetime Membership Awards

2025


  • OWASP Distinguished Lifetime Award

    • Seba Deleersnyder   Seba Deleersnyder
      Sebastien (Seba) Deleersnyder, co-founder and CTO of Toreon, combines software engineering expertise with a passion for holistic product security. After earning his Master’s in Software Engineering from the University of Ghent, he became a driving force in the security community as founder of the Belgian OWASP chapter, OWASP Foundation Board member, and co-founder of BruCON, Belgium’s annual security conference. His leadership of OWASP SAMM and decade-long role as a highly-rated Black Hat trainer have significantly impacted global software security.

    • Christian Folini   Christian Folini
      When Christian Folini made his debut at the OWASP AppSec conference in Milan in 2007, he quickly found himself invited to share his insights on a panel discussing the emerging PCI DSS Web Application Firewall (WAF) requirements. During the years, he has evolved into a cornerstone of the open-source WAF community. As the author of the second edition of the ModSecurity Handbook he is one of the go-to experts for all things rule language. Folini introduced groundbreaking concepts such as the OWASP CRS Paranoia Levels and the notion of strict siblings. His innovative spirit led to the design of the CRS plugin architecture and the inception of the CRS dev-on-duty program. Moreover, Folini played a key role in transitioning ModSecurity to become a part of the OWASP Foundation. Beyond his contributions to OWASP, Christian Folini is a member of the steering committee for the Swiss National Cyber Strategy. He is also the public face of the Swiss Cyber Storm conference and continues to shape the cybersecurity landscape both in Switzerland and on a global level.

    • Josh Grossman   Josh Grossman
      Outside of his day job as an AppSec practitioner, Josh has been involved with OWASP in many different roles. This includes serving as a co-leader of the Israel chapter (and co-organizing the legendary AppSecIL conference), serving as a member of the events committee, and also working as a co-leader of the OWASP ASVS project.

    • Andrew van der Stock   Andrew van der Stock

2024


  • OWASP Distinguished Lifetime Award

    • Daniel Cuthbert   Daniel Cuthbert
      From the early days of OWASP, Daniel has been on a relentless quest to build software so secure that even he might struggle to hack it (but don’t count on it). Self-diagnosed with an obsession for bugs and offensive operations, he’s turned his penchant for poking holes into a crusade for making vendors shape up. By channeling his mischief into the ASVS and other cunning initiatives, he’s been plotting to save the software world—one responsible vendor at a time.

    • Tanya Janca   Tanya Janca
      Tanya Janca, aka SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Secure Coding’, ‘Alice and Bob Learn Application Security’ and ‘Cards Against AppSec’. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software.

    • Martin Knobloch   Martin Knobloch
      2006: Attending my first OWASP AppSec conference, the OWASP AppSec in Belgium (and only missed two since)
      2007: Joining the OWASP Netherlands Chapter Board
      2008: First time presenting at an OWASP conference, the OWASP Australia Security Conference at Gold Coast, Queensland, Australia
      2008: Chairing the OWASP Education committee, as result of attending the first OWASP Summit in Portugal
      2009: Co-organizing the first OWASP BeNeLux-Day, and all of them since
      2010: First active involvement in an OWASP AppSec conference, hosting the CTF in Sweden
      2011: Co-organizing the OWASP Summit 2011
      2015: Conference Chair of the OWASP Global AppSec EU in Amsterdam
      2017: Joining the OWASP Global Foundation Board of DIrectors, until 2022
      2019: Joining the OWASP Europe Board

      Over the years, I have been promoting, mentoring and supporting OWASP in general; the various projects, chapters and events. The leaders, organizers, members and volunteers. Anyone trying to find their way into AppSec.

    • Riotaro OKADA   Riotaro OKADA
      Executive Director of Asterisk Research, Inc., OWASP Lifetime Member, a Japan Chapter Lead, Contributor, MBA, CISA, CSA holder

2023


  • OWASP Distinguished Lifetime Award

    • Simon Bennetts   Simon Bennetts

    • Ricardo Pereira   Ricardo Pereira

    • Rick Mitchell   Rick Mitchell

    • Jim   Jim

2021


  • OWASP Distinguished Lifetime Award

    • Dave Wichers   Dave Wichers
      See his interview here

    • Fiona Collins   Fiona Collins

    • Jeff Williams   Jeff Williams
      See his interview here

    • Mark Curphey   Mark Curphey

    • Matteo Meucci   Matteo Meucci

WASPY Awards

2025


  • Chapter Person of the Year

    • John DiLeo   John DiLeo
      John is a Lifetime Member of OWASP, having first joined in 2014, while living and working in Kansas City, Missouri. He has been active in the New Zealand Chapter since moving to Auckland in late 2017.

      John took on a leadership role in the New Zealand Chapter in April 2018, restarting the Auckland Meetup, which he led until May 2024, when he moved to Hamilton. Once settled there, John launched the Hamilton Meetup, which is now going strong.

      John became Chair of the annual OWASP New Zealand Day conference in 2019, keeping it going through COVID lockdowns, border closures, and travel bans. This year, he is coaching his successor, so he can ‘retire’ as conference chair after his seventh. John helped organize the student-focused security.ac.nz event, in 2019 and 2022. He also organizes OWASP Training Day events around New Zealand.

      Beyond the chapter, John has been a member of the OWASP SAMM Project’s core team since 2018, has been part of the Chapters and Education and Training Committees, and has founded a number of small OWASP projects.


  • Event Person of the Year

    • Jim Manico   Jim Manico
      Jim Manico has been deeply involved in the OWASP community for more than two decades, beginning his volunteer journey in 2003. Over the years he has taken on a wide range of leadership and hands-on roles.

      - Global Governance. Elected to OWASP’s Global Board of Directors (2011 – 2014), where he helped shape the foundation’s strategic direction, fundraising model, and community-driven governance.
      - OWASP Cheat Sheet Series (2009 – present) - Co-founder and long-time project manager, coordinating dozens of security cheat sheets that distill complex topics into actionable, developer-friendly guidance.
      - OWASP Application Security Verification Standard (ASVS) & Artificial Intelligence Security Verification Standard (AISVS) - Core contributor and project manager, ensuring that both standards remain technically rigorous, developer-centric, and mapped to modern threat landscapes.
      - Regular contributor to other flagship initiatives, including the OWASP Top Ten and Proactive Controls.
      - Community Building & Education. A frequent keynote speaker and trainer at AppSec USA, AppSec EU, and dozens of local OWASP chapters, Jim has delivered hundreds of secure-coding workshops worldwide, championing open knowledge and evidence-based practices.
      - Recognition. Honored with OWASP’s Lifetime Achievement Award (2023) for sustained, high-impact service—a testament to his belief in the foundation’s mission of “making software security visible, so that individuals and organizations can make informed decisions.

      A true believer in OWASP’s open, vendor-neutral ethos, Jim remains an active contributor, mentor, and evangelist—continuing to advance the state of software security through community-driven standards, education, and tooling.


  • Project Person of the Year

    • Jannik Hollenbach   Jannik Hollenbach
      Jannik joined the OWASP around 2017 after being introduced to the Juice Shop project at university. He then became a regular contributor to the Juice Shop project and created the MultiJuicer project to enable people to run trainings and workshops with Juice Shop. He is now a project lead for both the OWASP Juice Shop and OWASP secureCodeBox projects.

2024


  • Chapter Person of the Year

    • Martin Knobloch   Martin Knobloch
      2006: Attending my first OWASP AppSec conference, the OWASP AppSec in Belgium (and only missed two since)
      2007: Joining the OWASP Netherlands Chapter Board
      2008: First time presenting at an OWASP conference, the OWASP Australia Security Conference at Gold Coast, Queensland, Australia
      2008: Chairing the OWASP Education committee, as result of attending the first OWASP Summit in Portugal
      2009: Co-organizing the first OWASP BeNeLux-Day, and all of them since
      2010: First active involvement in an OWASP AppSec conference, hosting the CTF in Sweden
      2011: Co-organizing the OWASP Summit 2011
      2015: Conference Chair of the OWASP Global AppSec EU in Amsterdam
      2017: Joining the OWASP Global Foundation Board of DIrectors, until 2022
      2019: Joining the OWASP Europe Board

      Over the years, I have been promoting, mentoring and supporting OWASP in general; the various projects, chapters and events. The leaders, organizers, members and volunteers. Anyone trying to find their way into AppSec.


  • Event Person of the Year

    • Shruti Kulkarni   Shruti Kulkarni
      Shruti Kulkarni is a cyber security / enterprise security architect with experience in ISO27001, PCI-DSS, policies, standards, security tools, threat modeling, risk assessments. Shruti works on security strategies and collaborates with cross-functional groups to implement information security controls in software development life-cycle, service operations, service delivery such that security controls support business requirements. An ardent fan, Shruti joined OWASP in 2013 and is currently project leader for Developer Guide and is the Secretary of the Education Committee.


  • Project Person of the Year

    • Felipe Zipitria   Felipe Zipitria
      Felipe Zipitria is an expert in computer security, graduated with an MSc from the Universidad de la República in Uruguay. With over 20 years of experience in SRE, DevOps, and SysAdmin roles, Felipe has transitioned into specialized areas, dedicating the past 5 years to AppSec and Cloud SecOps. His extensive expertise spans security consulting for over a decade. Passionate about education, Felipe instructs pregraduate students in Computer Security Fundamentals and guides postgraduates in Web Application Security at the local public University, with the help of OWASP published materials. He started as the Uruguay Co-Chapter Leader in 2013, and started engaging in projects with global outreach. He is a longstanding contributor to OWASP CRS, serving as a developer and co-leader since 2021 and he is part of the OWASP Coraza leadership team, focusing on the development of new Web Application Firewalls (WAFs). Committed to fostering open-source engagement, he has served as a Google Summer of Code mentor for four consecutive years, nurturing students involvement in open-source and OWASP initiatives.

2023


  • Chapter Person of the Year

    • Sam Stepanyan   Sam Stepanyan
      Sam Stepanyan is an Independent Application Security Consultant and Security Architect with over 20 years of experience in the IT industry with a background in software engineering and web application development. Sam has worked for various financial services institutions in the City of London specialising in Application Security consulting, Secure SoftwareDevelopment Lifecycle (SDLC), developer training, source code reviews and vulnerability management. He is also a Subject MatterExpert in Web Application Firewalls (WAF) and SIEM systems. Sam holds a Master’s degree in Software Engineering and a CISSP certification. Sam has been serving as an OWASP London Chapter Leader since November 2015 (with Sherif Mansour) and as OWASP Chapter Committee Chair since August 2020. Sam is also a Project Leader of OWASP Nettacker and a co-leader of OWASP WAFEC project. Sam is a frequent speaker at several BSides conferences as well as OWASP Global AppSec conferences.


  • Event Person of the Year

    • Meghan Jacquot   Meghan Jacquot
      Meghan Jacquot is a Security Engineer with Inspectiv and focuses on vulnerabilities and attack surface management. She is particularly interested in application security, threat intelligence, investigating vulnerabilities, and the ethical use of data. Meghan shares her research via conferences and publications. Throughout the year, she helps a variety of organizations and folks including DEF CON as a SOC GOON, Diana Initiative, OWASP, SANS, and WiCyS. To relax she also spends time visiting national parks, gardening, and hanging with her chinchilla. She’s happy to connect with others on LinkedIn and Mastodon and her handle is CarpeDiemT3ch.


  • Project Person of the Year

    • Brian Glas   Brian Glas
      Brian has more than 22 years of experience in various roles in IT with the majority of that in application development and security. His day job is serving as Department Chair and Assistant Professor teaching a full load of Computer Science and Cybersecurity classes at Union University. He helped build the FedEx AppSec team, worked on the Trustworthy Computing team at Microsoft, consulted on software security, and served as a project lead and active contributor for SAMM v1.1-2.0+ and OWASP Top 10 2017, 2021, and 2024. Brian is a contributor to the RABET-V Program for assessing non-voting election technology. He holds several Cybersecurity and IT certifications and is working on his Doctor of Computer Science in Cybersecurity and Information Assurance.

2022


  • Chapter Person of the Year

    • Thomas Ljungberg Kristensen   Thomas Ljungberg Kristensen
      Thomas has been developing secure software since graduating with a master’s degree in computer science from Aarhus University in 2006. He has created and tested software, tools and processes in and for large corporations in the finance, energy, and military sectors. Thomas currently runs his independent security consulting firm, WelcomeSecurity based in Silkeborg, Denmark, where he helps people and businesses view security as a business enabler and a value improvement instead of a cost and a pain – To welcome security in software development!
      Since 2019, Thomas has been an active volunteer with the OWASP Aarhus, Denmark, chapter as co-chapter lead trying to make people aware of the excellent free resources from OWASP and providing a meeting place for people to talk about it-security and to network.


  • Event Person of the Year

    • Izar Tarandach   Izar Tarandach
      Izar Tarandach is the Principal Security Engineer at Squarespace, a published author and presenter on Threat Modeling. With past tenures in leadership security positions at Autodesk, in a major hedge fund, DellEMC, RSA, IBM and others, he was a core contributor to SAFECode and a founding contributor to the IEEE Center for Security Design. He holds a masters degree in Computer Science/Security from Boston University and has served as an instructor in Digital Forensics and in Secure Development in grad-level courses. He co-leads the development of pytm, a threat-modeling-with-code OWASP Incubator project.


  • Project Person of the Year

    • Nancy Gariche   Nancy Gariche
      Nancy is a Senior Developer Advocate for the GitHub Security Lab, where she helps security researchers and developers collaborate and communicate better. In her spare time co-leads the OWASP DevSlop Project and is a member of the AWS Community Builder group. Nancy was named one of the Top 20 Women Leaders in Cyber in Canada, 2021.

2021


  • Outstanding Project - OWASP ZAP

    • ZAP   ZAP
      See Simon (psiinon) and Rick’s interview here

    • Rick Mitchell (kingthorin)   Rick Mitchell (kingthorin)
      Rick’s focus on Web Application Security represents more than half of his 20+ year IT career. You may know him for his work as a co-lead of the ZAP project, however Rick can also be credited for his contributions to the Open Source Security Testing Methodology Manual (OSSTMM), Web Security Testing Guide (WSTG), Vulnerable Web Applications Directory (VWAD), and OWASP community content. Rick is a security assessment and testing trainer for part of his work, a lightning talk presenter at the Ottawa OWASP chapter meetings and AppSec USA, OWASP Ottawa volunteer, and has helped with project promotion assessments during previous AppSec USA conferences. Rick enjoys helping others learn and challenge themselves, and strongly believes that together we can and do make the industry better.

    • Ricardo Pereira   Ricardo Pereira


  • Outstanding Educator

    • Tanya Janca   Tanya Janca
      See interview here


  • Outstanding Community Supporter

    • Tanya Janca   Tanya Janca
      See interview here


  • Oustanding Innovator

    • Bjoern Kimminich   Bjoern Kimminich
      See his interview here

2017


  • Best Innovator

    • Seba Deleersnyder   Seba Deleersnyder


  • Best Mission Outreach

    • Mark Miller   Mark Miller


  • Best Community Supporter

    • Nicole Becher   Nicole Becher

    • Dinis Cruz   Dinis Cruz

    • Jeremy Long   Jeremy Long

2016


  • Global/Growing Category

    • Kathy Thaxton   Kathy Thaxton


  • Innovation/Sharing Category

    • Owen Pendlebury   Owen Pendlebury


  • Integrity/Learning Category

    • Eoin Keary   Eoin Keary


  • Open/Leading Category

    • Dinis Cruz   Dinis Cruz

2015


  • Global/Growing for the United States Region

    • Jerry Hoff   Jerry Hoff


  • Global/Growing for the Latin American Region

    • John Vargas   John Vargas


  • Global/Growing for the European Region

    • Jason Alexander   Jason Alexander


  • Global/Growing for the Asia/Pacific/Middle East Region

    • John Patrick Lita   John Patrick Lita


  • Global/Growing for the African Region

    • Munir Njiru   Munir Njiru


  • Innovation/Sharing Category for the United States Region

    • Jeremy Long   Jeremy Long


  • Innovation/Sharing Category for the Latin American Region

    • Diego Ademir   Diego Ademir


  • Innovation/Sharing Category for the European Region

    • Fiona Collins   Fiona Collins


  • Innovation/Sharing Category for the Africa Region

    • Munir Njiru   Munir Njiru


  • Integrity/Learning Category for the Caribbean Region

    • Johanna Curiel   Johanna Curiel


  • Integrity/Learning Category for the Asia/Pacific/Middle East Region

    • John Patrick Lita   John Patrick Lita


  • Integrity/Learning Category for the United States Region

    • Pedro Peralta   Pedro Peralta


  • Integrity/Learning Category for the European Region

    • OWASP Student Chapters Program Leaders (Antonis Manaras & Mateo Martinez)   OWASP Student Chapters Program Leaders (Antonis Manaras & Mateo Martinez)


  • Open/Leading Category for the Caribbean Region

    • Johanna Curiel   Johanna Curiel


  • Open/Leading Category for the Latin American Region

    • Mateo Martinez   Mateo Martinez


  • Open/Leading Category for the United States Region

    • Jeremiah Grossman   Jeremiah Grossman


  • Open/Leading Category for the European Region

    • Eoin Keary   Eoin Keary

2014


  • Best Platform Supporter

    • Johanna Curiel   Johanna Curiel


  • Best New Community Supporter

    • AppSecAPAC 2014 Team   AppSecAPAC 2014 Team


  • Best Mission Outreach

    • AppSecUSA 2013 Team   AppSecUSA 2013 Team


  • Best Project Leader

    • Simon Bennetts   Simon Bennetts


  • Best Chapter Leader

    • Japan Chapter Leaders   Japan Chapter Leaders

2013


  • Best Innovator

    • Abbas Naderi   Abbas Naderi


  • Best Mission Outreach

    • Martin Knobloch   Martin Knobloch


  • Best Community Supporter

    • Fabio Cerullo   Fabio Cerullo


  • Best Project Leader

    • Simon Bennetts   Simon Bennetts


  • Best Chapter Leader

    • Tin Zaw, Richard Greenberg, Kelly Fitzgerald, Stuart Schwarz, & Edward Bonver (LA Chapter Leaders)   Tin Zaw, Richard Greenberg, Kelly Fitzgerald, Stuart Schwarz, & Edward Bonver (LA Chapter Leaders)

2012


  • WASPY Award

    • Helen Gao   Helen Gao
      Helen received a certificate, a $1000 gift card, an iPad and a trophy.
Watch Star