Wendy Segura

About Me

If I had to sum up what I dedicate myself to outside of work, it’s volunteering my time. With organizations such as OWASP, DayofShecurity, BSides S.F., Merrit College, BangNullClub, GirlGeek X and most recently ThreatModCon. I enjoy helping others in the same way in which I was supported when I first got into tech. I might not have as many years or experience in tech as others but my way of giving back is by being involved in the same organizations that dedicated their time and effort towards my own career. I am passionate about helping and supporting others as that was huge in my career and still is. The path foward is to build others and to elevate each other to accomplish our goals career or otherwise. Currently I am a Security Engineer at Sage, I work accross multiple teams within security from compliance, to business information security, and application security. I recognize the importance of communication and building relationships within one’s own organization to effectively implement changes which is what I would do as an OWASP board member.

Watch the video

Questions

What unique strategic goal do you intend to bring on board, if you are elected?

I plan to bring in more cross collaborations with other organizations involving Developers as a means and way to create more visibility to OWASP. One of the issues that we faced this year was having to cancel OWASP Dev Day. I’d like to work on that by reaching out to a few groups that are Developer focused and doing cross-collabs as a means to get OWASP noticed more by that particular community.

What is your vision for OWASP over the next three to five years?

My vision for OWASP is to expand presence and growth through partnerships with groups/conferences such as DeveloperWeek and collaborations with other organizations that are like minded in order to grow and further diversify the OWASP community.

What contributions have you personally made to OWASP or other open source projects?

My contributions to OWASP have been primarily focused on community building, event management, and local chapter leadership. While these contributions may not be project-centered in the traditional sense, they are crucial for OWASP’s growth, visibility, and impact. Specifically:

  • Global Conference Leadership: I dedicate a full week annually to lead volunteers at the San Francisco Global OWASP Conference. This role involves coordinating a team of 20+ volunteers, ensuring smooth operations across multiple conference tracks and workshops.
  • Bay Area OWASP Chapter Leadership: As an active member and leader of the Bay Area OWASP chapter, I’ve been instrumental in: Organizing monthly meetups and securing high-profile speakers from major tech companies, enhancing the chapter’s reputation
  • Advocacy and Outreach: Regularly represent OWASP at local tech events and conferences, promoting our mission and resources.

What strategies would you implement to increase community engagement and participation in OWASP?

By doing more collaborations with other organizations that might have never heard of us we can increase outreach to other communities. Also to the exisiting community we can re-evaluate the topics that we think will generate more attendance and that people want to hear about in order to bring meaningful meetups throughout our chapters.

What will be your efforts to ensure OWASP continues to be a centerpiece in software security?

To focus on strategies that align with OWASP’s core values and existing strengths while addressing emerging challenges in the field such as:

  • Strengthening Open Source Projects by creating mentorship programs pairing experienced contributors with newcomers.
  • Expanding educational initiatives like developing more specialized training tracks for different roles (developers and managers).
  • Improving community engagement by developing more interactive discussions for knowledge sharing and collaboration. and creating targeted initiatives to increase diversity in the OWASP community.

What should OWASP stop doing and why?

OWASP should phase out reliance on outdated communication channels and shift towards more modern, interactive platforms for community engagement. I don’t feel like we do enough community engagement even with tools like slack, twitter, linkedin maybe it’s time to expand and think about how we can reach out to the new generation of Security experts.

Watch Star