ABOUT THE AUTHORS

Vinod Vasudevan, CISSP, is the Director of Managed Risk Services at Paladion. He is the co-author of Enhancing Computer Security with Smart Technology, published by Auerbach. Prior to co-founding Paladion, Vinod worked with Microsoft. He wrote the chapter ‘Application Security and ISO27001’.

Anoop Mangla is a risk specialist in banking and finance. Previously with PCQuest, Anoop is an expert on the effectiveness of security technologies in an organisation’s security. He wrote the chapter on ‘Introduction to Application Security Threats’.

Firosh Ummer, CISA, ISO27001 LA, CBCP, BS15000 LA, is co-founder of Paladion and head of the ISO27001 consulting practice. Firosh advises Fortune 500 companies on their ISMS strategy and helps them get certified to the new ISO standard. Firosh wrote the chapter ‘Threat Profiling and Security Testing’.

Sachin Shetty, CISSP, is a senior application security engineer. Sachin’s work on fighting keyloggers has been published in Securityfocus. Sachin wrote the chapter ‘Attacks on Applications’.

Sangita Pakala, GCIH, has experience of more than fifty application security projects. She is the lead author of the OWASP Application Security FAQ. Sangita’s work was presented at RSA Conference 2006 and ISACA Europe 2005. She wrote the chapter ‘Secure Development Lifecycle’.

Siddharth Anbalahan is a senior application security engineer with experience of more than twenty penetration tests. Siddharth has developed anti-phishing toolkits to enable banks to detect phishing attacks in real time. He is the editor of Palisade, the application security magazine. Siddharth wrote the chapter ‘Secure Coding Guidelines’.