[Global_conference_committee] Invites to AppSecDC

Tue Sep 21 21:35:56 EDT 2010

So just make sure to get some framework people there. Its one thing to talk
about what they should do, its another to have the discussion with the
framework folks and actually get the ball rolling.

I'd like to see some people from django, jsp folks,  spring. What else,
somebody from .net framework of some sort.

Michael

On Sep 21, 2010 6:10 PM, "Mark Bristow" <mark.bristow at owasp.org> wrote:
> Actually, funny you should mention this.
>
> Josh Abrahms, Kevin Johnson, Raf Los and some others actually got into a
> twitter discussion about how we should help build security into
frameworks.
> If they can get it together, we are planning to offer them a BoF session
> during one of the lunches (there was little other time left on the
schedule)
> to have a discussion about frameworks. It would be great if we could get
> some key people there to help facilitate that.
>
> I've looped in some more people to the discussion :)
>
> On Tue, Sep 21, 2010 at 8:59 PM, dinis cruz <dinis.cruz at owasp.org> wrote:
>
>> Hey Mark, I think Framework presence is CRITCAL for OWASP.
>>
>> I know a couple guys from the SpringFramework and I'm sure amongst us we
>> can reach most key Framework developers.
>>
>> The question is: What is the message for them?
>>
>> For example an interesting concept that was talked about in the Irvine
>> Browser meeting was how can Frameworks add support to browser technology
>> like https://wiki.mozilla.org/Security/CSP/Specification so that the
>> developers don't have to think about it (imagine if JSP TagLibs or Spring
>> Framework were CSP aware and could be used to automatically (or via
>> config/annotations) create policy files).
>>
>> Mark, can you guys organize a number of Working Session at DC conference
so
>> that we can use those as part of our outreach/invitation to the Framework
>> guys? (for example I could ping the Spring guy, but what would I be
asking
>> him to do?
>>
>> Can we come up with 2 to 4 ideas for what these Working Sessions should
be
>> about?
>>
>> Dinis Cruz
>>
>>
>>
>> On 22 September 2010 01:46, Mark Bristow <mark.bristow at owasp.org> wrote:
>>
>>> Michael,
>>>
>>> I know that as an AppSec DC Organizer, we've been reaching out to some
>>> relevant organizations. Mozilla for example will be an organizational
>>> sponsor this year, and we've been trying to reach out to the framework
>>> guys.
>>>
>>> At the OWASP level I'm not sure what outreach has been done here, what
>>> specific companies were you thinking?
>>>
>>>
>>> On Tue, Sep 21, 2010 at 5:13 PM, Michael Coates <
michael.coates at owasp.org
>>> > wrote:
>>>
>>>> I was curious if we are contacting key organizations and inviting them
>>>> to OWASP DC. I'm thinking that we should take a look at the major
>>>> companies that could either heavily leverage OWASP resources or make
>>>> dramatic impacts on the security landscape.
>>>>
>>>> Not only should we make them aware of the conference, but I think we
>>>> should take it a step further and pay the expenses for a representative
>>>> from these companies to attend. In many cases OWASP will take off
>>>> within a company if you just get the right persons attention.
>>>>
>>>> Its great to preach to the security choir, but we really need to get
>>>> other big players involved.
>>>>
>>>> Here are some people that I think should be at our OWASP conferences:
>>>> Framework Designers
>>>> Browsers
>>>> Major Development Companies
>>>>
>>>>
>>>> --
>>>> Michael Coates
>>>> OWASP
>>>>
>>>> _______________________________________________
>>>> Global_conference_committee mailing list
>>>> Global_conference_committee at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>>>
>>>
>>>
>>>
>>> --
>>> Mark Bristow
>>>
>>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>>> AppSec DC 2010 Organizer - https://www.appsecdc.org
>>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>>>
>>> _______________________________________________
>>> Global_conference_committee mailing list
>>> Global_conference_committee at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>>
>>>
>>
>
>
> --
> Mark Bristow
>
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> AppSec DC 2010 Organizer - https://www.appsecdc.org
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20100921/48c9807d/attachment.html 