About the author
Manoranjan (Mano) Paul is the Software Assurance Advisor for (ISC)2, the global leader in information security education and certification, representing and advising the organization on software assurance strategy, training, education, and certification. He is also a member of the Application Security Advisory Board. He is the winner of the first Information Security Leadership Awards (ISLA) as a practitioner in the Americas region. His information security and software assurance experience includes designing and developing security programs from compliance-to-coding, security in the SDLC, writing secure code, risk management, security strategy, and security awareness training and education.
Paul started his career as a shark researcher in the Bimini Biological Field Station, Bahamas. His educational pursuit took him to the University of Oklahoma where he received his Business Administration degree in Management Information Systems (MIS) with various accolades and the coveted 4.0 GPA. Following his entrepreneurial acumen, he founded and serves as the CEO and President of Express Certifications, a professional certification assessment and training company that developed studISCope, (ISC)2’s official self-assessment offering for their certifications. Express Certifications is also the self-assessment testing company behind the US Department of Defense certification education program as mandated by the 8570.1 directive. He also founded SecuRisk Solutions, a company that specializes in security product development and consulting. Before Express Certifications and SecuRisk Solutions, Paul played several roles from software developer, quality assurance engineer, logistics manager, technical architect, IT strategist, and security engineer/program manager/strategist at Dell, Inc.
Paul is the author of the Official Guide to the CSSLP (Certified Secure Software Lifecycle Professional) and is a contributing author to the Information Security Management Handbook, and has contributed to several security topics for the Microsoft Solutions Developer Network (MSDN). He has served as Vice-President, industry representative, and an appointed faculty member of the Capitol of Texas Information System Security Association (ISSA) chapter and vice president of the cloud Security Alliance (CSA), Austin chapter. He has been featured in various domestic and international security conferences and is an invited speaker and panelist, delivering talks, training, and keynotes at conferences such as the SANS, OWASP, ASIS, CSI, Gartner Catalyst, and SC World Congress. Paul holds the following professional certifications: CSSLP, CISSP, AMBCI, MCSD, MCAD, CompTIA Network+, and ECSA certification.
In the press
This will be required reading for my executives, security team, software architects and lead developers.
—David W. Stender, CISSP, CSSLP, CAP, CISO of the US Internal Revenue Service
Developing highly secure software should be at the forefront of organizational strategy and this book provides a framework to do so.
—Troy Leach, CTO, PCI Security Standards Council
This book will teach you the core, critical skills needed to raise the security bar on the attackers and swing the game in your favor.
—Michael Howard, Principal Cyber Security Program Manager, Microsoft
As a penetration tester, my job will be a lot harder as people read this book!
—Kevin Johnson, Security Consultant, Secure Ideas
At 130 pages, the book quickly focuses on the core points of the issue. Paul writes in an easy to read and understand style. With the use of various stories and examples; the need for secure software development is undeniable. ... The 7 Qualities of Highly Secure Software highlights the qualities that are essential and critical to stop insecure code. This is a highly valuable book that can be of significant use to every stakeholder—from those in the boardroom to the developers and head of application development. Ultimately, this is a book you want all of your software developers to read.
—Ben Rothke, CISSP, CISA, Information Security Manager, Wyndham Worldwide