Top AppSec Gurus on Twitter

Staying on top of the latest developments and innovation in application security is key. The following list of thought leaders is an excellent source of information that will help you implement a successful application security program.

Troy Hunt @TroyHunt
Sydney-based software architect, web security specialist and Microsoft MVP 4 years running.

Dan Cornell @danielcornell
AppSec expert with over 12 years of experience in developing and architecting secure software.

Rafay Baloch @rafaybaloch
Award winning AppSec expert and ethical hacker who specializes in Android and Chrome vulnerabilities.

Mark Dowd @Mdowd
AppSec researcher and pioneer. Co-written “The Art of Software Security Assessment”.

Aloria @Aloria
A security engineer, adjunct InfoSec professor and creator/curator of the hilarious @sec_reactions

Avram Marius @securityshell
Has found vulnerabilities that have earned him credit from Google, Facebook, Twitter and many others.

Dan Goodin @dangoodin001
Ars Technica has an excellent security section on their site, and that’s thanks in great part to Dan Goodin.

Parisa Tabriz @laparisa
Once a “part-time hacker”, Parisa now manages the Google Chrome security engineering team.

Robin Wood @DigiNinja
A security auditor specializing in web apps and Wi-Fi. Follow Robin for witty security musings and research.

Michael Zalewski @Icamtuf
Michael is on the Google Security Team, has been in the industry for over 20 years.

Graham Cluley @GCluley
An AppSec blogger since the early 90s, he now has his own blog and covers all the hot issues.

Mohit Kumar @unix_root
A security researcher and the editor-in-chief of The Hacker News, which he founded in 2010.

Malik Mesellem @MME_IT
An ethical hacker who also offers security training and education to help promote AppSec awareness.

Ashar Javed @soaj1664ashar
A web app sec researcher who found bugs in Google, Microsoft, Twitter, eBay and many more.

Michael Coates @_mwc
Chairman of the Board at OWASP’s and an ex-Mozilla Director of Security Assurance.

Rich Mogull @rmogull
A security analyst and CEO at Securosis and contributor to Dark Reading and TidBITS.

Mark Goodwin @mr_goodwin
Mark works on application security for Mozilla and spends his free time as the OWASP East Midlands.

Pierluigi Paganini @SecurityAffairs
Ethical hacker, editor-in-chief of Cyber Defense Magazine and a member of ENISA.

Maty Siman
Checkmarx CTO and Chief Researcher Maty Siman @Maty_Siman