Josh Grossman

CTO

Description

Josh has worked as a consultant in IT/Application Security and Risk for 15 years now as well as a Software Developer. In that time he has seen the good, the bad and the stuff which is sadly/luckily still covered by an NDA.

He previously spent time acting as a consultant and team leader for various security consultancies including AppSec Labs, Comsec Global and KPMG Somekh Chaikin where his speciality has been helping organisations improve and get better value from their Secure Development processes and providing specialist Application Security advice. He also has experience with application penetration testing, cloud security and evaluation and implementation of software security tools.

In his spare time he co-leads the OWASP Application Security Verification Standard project and is on the OWASP Israel chapter board.


Back to Our Team

Josh Grossman's upcoming events:

Training at OWASP Global AppSec Lisbon 2024

Building a High-Value AppSec Scanning Programme

Josh Grossman - June 25th-26th, 2024
(Read more about this course)
Event Link

Training at BlackHat USA 2024

Accelerated AppSec – Hacking your Product Security Programme for Velocity and Value (Virtual)

Josh Grossman - August 5rd-6th, 2024
(Read more about this course)
Event Link

Josh Grossman's previous appearances:

BrakeSec Education Podcast

Building AppSec programs and bridging security and developer gaps

Josh Grossman - 15th April, 2024
Event Link

Cyber Security Virtual Meetups

Talk title: The Real AppSec Issues

Josh Grossman - March 06, 2024
Event Link

NDC Security 2024 (Conference)

Tune your Toolbox for Velocity and Value

Josh Grossman - January 11, 2024
Event Link

NDC Security 2024 (Conference)

Discover your inner security engineer with this one weird trick (hackers hate it!)

Josh Grossman - January 11, 2024
Event Link

NDC Security 2024 (Workshops)

Building a High-Value AppSec Scanning Programme

Josh Grossman - January 8-9th, 2024
(Read more about this course)
Event Link

DeveloperWeek Enterprise 2023

Discover Your Inner Security Engineer with This One Weird Trick (Hackers Hate It!)

Josh Grossman - November 16, 2023
Event Link

Training at BlackHat USA 2023

Building a High-Value AppSec Scanning Programme (SCA, SAST, DAST and More)

Josh Grossman - August 7-8th, 2023
Event Link

Livestream at BlackHat USA 2023

Dark Reading News Desk

Josh Grossman - August 06, 2023
Event Link

PyCon Israel 2023

Omniscient AppSec- Custom, Continuous Security Verification of Python Code

Michal Kamensky and Josh Grossman - July 4th, 2023
Event Link

DevTalks Romania

Building a Sustainable Security Requirements Process With the ASVS

Josh Grossman - June 22nd, 2023
Event Link

OWASP 2023 Virtual June Training

Application Security Awareness and Security Requirements with the OWASP ASVS

Josh Grossman - June 6-7th, 2023
Event Link

OWASP Netherlands

The Rise of the Security Verification Standard

Josh Grossman - April 20, 2023
Event Link

QCon London 2023

Sustainable Security Requirements with the ASVS

Josh Grossman - March 27, 2023
Event Link

Security Weekly

The OWASP ASVS and Sustainable Software Security Practices

Josh Grossman - March 13th, 2023
Event Link

OWASP Global AppSec Dublin 2023

Building a High-Value AppSec Scanning Programme - (Training)

Josh Grossman - February 13-14th, 2023
Event Link

(ISC)2 Meetup February 2023

Talk title: The Real AppSec Issues

Josh Grossman - February 02, 2023
Event Link

NDC Security 2023 (Conference)

Building a sustainable security requirements process with the ASVS

Josh Grossman - January 19, 2023
Event Link

OWASP Oslo

Tune your Toolbox for Velocity and Value

Josh Grossman - January 17, 2023
Event Link

Down the Security Rabbithole Podcast (DtSR)

Episode 534 - The AppSec is Still a Mess

Josh Grossman - January 17th, 2023
Event Link

OWASP Global AppSec San Francisco 2022

The Rise of the Security Verification Standard

Josh Grossman - November 18th, 2022
Event Link

OWASP Global AppSec San Francisco 2022

Building a High-Value AppSec Scanning Programme (Training)

Josh Grossman - November 15-16th, 2022
Event Link

AppSecEU 2022

OWASP ASVS Project

Josh Grossman - June 8th, 2022
Event Link

Application Security podcast

Building a High-Value AppSec Scanning Program

Josh Grossman - April 20th, 2022
Event Link

DevSec For Scale Podcast

Proactively Building Secure Software

Josh Grossman - April 12th, 2022
Event Link

OWASP Morocco

Introduction to the ASVS

Josh Grossman - April 12th, 2022
Event Link

Open Security Summit

Tune Your Toolbox for Velocity and Value (SCA)

Josh Grossman - March 15th, 2022
Event Link

OWASP Luxembourg

What's New in the ASVS 4.0?

Josh Grossman - March 8th, 2022
Event Link

DevSecCon Lightning

Count Up From Zero Day - when a critical vulnerability takes you by surprise

Josh Grossman - November 18th, 2020
Event Link

MyDevSecOps Livestream

What's new in the ASVS 4.0?

Josh Grossman - January 30th, 2020
Event Link

OWASP Helsinki

What's new in the ASVS 4.0?

Josh Grossman - September 3rd, 2019
Event Link

MyDevSecOps Livestream

Panel - The State of Open-Source Security

Josh Grossman - March 14th, 2019
Event Link

OWASP AppSec USA 2018

How to get the best AppSec test of your life

Josh Grossman - October 11th, 2018
Event Link

OWASP AppSec Israel 2017

How to get the best AppSec test of your life

Josh Grossman - October 28th, 2017
Event Link