Sherif comes from a software development background where he designed, implemented and led software teams for 9 years. His journey with application security started back in 2006 where he kicked off the OWASP Chapter in Ottawa, followed by leading a major release for WebGoat v5.0 by adding over 12 new lessons. In addition, Sherif helped SANSGIAC kick off the GSSP-NET and GSSP-JAVA exams. He is also leading the Static Code Analysis Evaluation Criteria (SATEC) project by WASC. Sherif works now as Principal Application Security at Software Secured where he performs source code driven security assessments for major financial institutions, healthcare organizations and startups.