Frank Catucci is an Analyst in the Gartner for Technical Professionals Security and Risk Management Strategies team. He covers Software/Application Security Practices, DevSecOps, Mobile Application Security, API security, SCA, SAST, DAST, IAST, RASP, and WAF.
Previously, Mr. Catucci led a team of Application Security consultants performing application security management, assessments and security architecture projects. Prior to that, he was a Director of Application Security for a large cloud-based security innovator. His experience also includes consulting and positions within technology solutions, enterprise, financial services, university/higher education, government, healthcare, legal, start-up businesses, and public and private industries.
He is also a global speaker and evangelist for the infosec and appsec industry. From consultant to pentester, to CIO/CISO, to advisor, subject matter expert and back again, he is an industry-leading professional.
Mr. Catucci conducts security research, penetration testing, and often speaks at information security conferences and events worldwide. Free time is often dedicated to research and bug bounty initiatives.
He is an OWASP Chapter President, an active part of the OWASP bug bounty initiative, and a frequent contributor to other OWASP wiki and cheatsheet content and security projects and initiatives.
Prior to this, Mr. Catucci was a Director of Application Security.
Director, Application Security and DevSecOps
Director, Application Security, Product and Research
Senior IT Security and AppSec Consultant and Mgr.
Security of Applications and Data for Technical Professionals
Mr. Catucci has a Bachelor's Degree in Business Administration and Management from Newberry College. He graduated Magna Cum Laude.
1. DevSecOps - Developing and maturing practices
2. Web Application Firewalls - Deployments, configurations and implementations
3. Application Security - From program development to maturity to testing methodologies
4. AST (Application Security Testing) - SAST, DAST, IAST
5. SCA (Software Composition Analysis) and open-source software components and security