[Owasp-leaders] (Not at OWASP Conference / January 2011) Re: Global Summit and AppSec USA

Brad Causey bradcausey at owasp.org
Thu Jul 29 13:58:17 EDT 2010 

My only request is that it isn't in CA, NJ, or NY.
Can't carry there. ;-)


On 7/29/10, John Wilander <john.wilander at owasp.org> wrote:
> Great idea/input, Dinis. I second having separate summits. Perhaps we can
> get some dedicated sponsoring for that? We could have a hosting company or
> such.
>
> And btw, count me in when it comes to organizing/planning. As long as we're
> a team and not a one man show :).
>
>    /John
>
> 2010/7/29 Paulo Coimbra <paulo.coimbra at owasp.org>
>
>>  All,
>>
>>
>>
>> I also support the idea of having a summit event outside of OWASP
>> conferences and believe January 2011 would be the ideal date to set it up.
>>
>>
>>
>> However, if we don’t re-decide otherwise, the next summit is planned to be
>> held at AppSecDC 2010 on November 8th through 11th 2010.
>>
>>
>>
>> Also, for your information, I am only one within a group of people that
>> have begun thinking about the event and in fact I am very far from leading
>> it. The provisional Summit 2010 Team is being carbon copied.
>>
>>
>>
>> Thanks,
>>
>>
>>
>> Paulo Coimbra,
>>
>> OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>
>>
>>
>>
>> *From:* owasp-leaders-bounces at lists.owasp.org [mailto:
>> owasp-leaders-bounces at lists.owasp.org] *On Behalf Of *Brad Causey
>> *Sent:* quinta-feira, 29 de Julho de 2010 16:45
>>
>> *To:* owasp-leaders at lists.owasp.org
>> *Subject:* Re: [Owasp-leaders] (Not at OWASP Conference / January 2011)
>> Re: Global Summit and AppSec USA
>>
>>
>>
>> Martin, I totally agree. Count me in.
>>
>>
>>
>>
>> -Brad Causey
>> CISSP, MCSE, C|EH, CIFI, CGSP
>>
>> http://www.owasp.org
>> --
>> "Si vis pacem, para bellum"
>> --
>>
>>  On Thu, Jul 29, 2010 at 10:37 AM, Martin Knobloch <
>> martin.knobloch at owasp.org> wrote:
>>
>> I absolutely support the idea of having a summit event, outside of OWASP
>> conferences!
>>
>> That was the power and success of the Portugal Summit!
>>
>>
>>
>> If I am not mistaken, this has not been continued due to the lack
>> of financial resources of OWASP caused by the international financial
>> crisis, what caused the shrinking OWASP budgets.
>>
>>
>>
>> In his earlier email, Dinis asked who to help Paulo with organizing the
>> future summits.
>>
>> Those questions will be part of the assignment:
>>
>> - find out what the community feels like
>>
>>            (where, when, separate from or as part of OWASP conferences)
>>
>> - getting budget form the board
>>
>> - finding a suitable location
>>
>> - make the summit happen!
>>
>>
>>
>> Myself, I have volunteered helping Paulo, who is in, too? ;-)
>>
>> ..let's make the summit a annual, accessible, successful event!
>>
>>
>>
>> On Thu, Jul 29, 2010 at 4:43 PM, dinis cruz <dinis.cruz at owasp.org> wrote:
>>
>> I think that the Summit should actually be done OUTSIDE an OWASP
>> conference.
>>
>> The only benefit of doing it at an OWASP conference is that we might get a
>> couple more attendees, BUT in fact I think the lack of focus that an
>> conference brings is also a problem.
>>
>> Also it is not fair to those conference organizers since they will not be
>> able to participate in the Summit.
>>
>> So, if you like this idea, we need to find a time where there are NO OWASP
>> conferences, and I belive the next slot is January 2011 (which is not a
>> bad
>> idea to have regular OWASP Summits in January).
>>
>> I also think that we should always take advantage of local gatherings of
>> OWASP leaders at our conferences, and where possible we should be doing
>> mini-summits that focus on a particular Project, Commitee or industry
>> sector
>> (for example I was promoting to Matteo the idea to do an 'Testing Guide
>> mini-summit' at the next US AppSec)
>>
>> Dinis Cruz
>>
>>  On 29 July 2010 13:10, Venkatesh Jagannathan <venki at owasp.org> wrote:
>>
>> Or how about at Chennai? :)
>>
>>
>>
>> I have a feeling that Asia has felt the need of such leadership meetings
>> to
>> happen (at least as frequently as Europe/the US). If not India, any other
>> location in the Asian continent is a good one :)
>>
>>
>>
>> Thanks & Regards,
>>
>> ~Venk!
>>
>>
>>
>>
>>
>> On Thu, Jul 29, 2010 at 12:25 AM, John Wilander <john.wilander at owasp.org>
>> wrote:
>>
>> The summit should not be in the US two years in a row IMHO. OWASP is
>> already very US-centric (naturally since it was founded there). But if we
>> want to be a a global community we need to spread out the summits and make
>> them more accessible.
>>
>> The 2010 summit was intended for AppSec in Stockholm but board members
>> didn't have time to organize it. Moving it to the US is not the right
>> solution according to me. Doing that will just copy the problem to 2001
>> "Well, we had a summit in November last year so we can't have it already
>> in
>> Dublin. That's too close in time.". During summer 2011 we'll think "Hmm
>> ...
>> it's time for another summit and hey, AppSec in the US seems like a
>> perfect
>> fit!"
>>
>> For me, the best choice for the next summit is AppSec in Dublin next year.
>> Reusing the previous arguments I'd say it's close to the US so it'll be
>> easier for Americans to show up ;).
>>
>> I second Martin's comment on AppSec USA vs AppSec DC. I have more problems
>> to motivate attending a regional event overseas than the "big" AppSec USA.
>> So I think having the summit in DC will lower the number of European
>> attendees.
>>
>> Those are my 50 cents.
>>
>>    Regards, John
>>
>>  2010/7/27 Eoin <eoin.keary at owasp.org>
>>
>>
>>
>> count all the board members in (I assume)
>>
>>
>>
>> On 27 July 2010 14:47, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:
>>
>> All,
>>
>> I am here, following attentively the thread.
>>
>> Thanks,
>>
>> Paulo Coimbra,
>> OWASP Project Manager
>>
>>
>>
>> > >-----Original Message-----
>> > >From: owasp-leaders-bounces at lists.owasp.org [mailto:owasp-leaders-
>>
>> > >bounces at lists.owasp.org] On Behalf Of Justin Clarke
>> > >Sent: terça-feira, 27 de Julho de 2010 14:38
>> > >To: owasp-leaders at lists.owasp.org
>> > >Subject: Re: [Owasp-leaders] Global Summit and AppSec USA
>> > >
>> > >$ ping paulo
>> > >ping: cannot resolve paulo: Unknown host
>> > >
>> > >On 27 Jul 2010, at 14:37, Martin Knobloch wrote:
>> > >
>> > >> Ping!
>> > >>
>> > >> On Tuesday, July 27, 2010, dinis cruz <dinis.cruz at owasp.org> wrote:
>> > >>> The big problem is lack of time to organize it properly.In fact (at
>> > >the current (slow) speed of preparation work) we are already very late
>> > >in the planning of the Summit for November (we could really do with
>> > >help here!)
>> > >>>
>> > >>> Note that one of the things we have NOT done is to figure out who
>> > >can make it to the proposed Summit date and location. This is critical
>> > >since the point of the Summit is to get as many OWASP Leaders and
>> > >Committee members in one place so that we can look at what has been
>> > >done, discuss the next steps and create a roadmap for 2010.
>> > >>>
>> > >>> Ping Paulo if you want to be involved in this event.
>> > >>>
>> > >>> Dinis Cruz
>> > >>>
>> > >>>
>> > >>> On 27 July 2010 13:58, Martin Knobloch <martin.knobloch at owasp.org>
>> > >wrote:
>> > >>> Understanding the first reason, I don't see the second.
>> > >>> People have to choose what conference, both conferences will be
>> > >impossible for the most.
>> > >>> Flying 8 or 10 hours make no difference and (at least for me / in
>> > >my opinion) it is easier to get time off for the AppSec-US with a more
>> > >international character then for conference what seams to have a more
>> > >local focus.
>> > >>>
>> > >>>
>> > >>> The Ireland conference is indeed quite long to wait for. Further,
>> > >how many from the US do you expect to be there...?
>> > >>>
>> > >>> On Mon, Jul 26, 2010 at 10:52 PM, Dave Wichers
>> > ><dave.wichers at owasp.org> wrote:
>> > >>> I think two of the reasons we are thinking about DC (again) is:
>> > >>>
>> > >>> 1) it gives us more time to plan it, and
>> > >>> 2) Its closer to Europe which makes it easier for people in Europe
>> > >to
>> > >>> attend.
>> > >>>
>> > >>> I simply don't think there is any feasible way to move it up to the
>> > >Irvine
>> > >>> conference because it's simply too soon.
>> > >>>
>> > >>> But I do share your concerns as well. There really is no ideal
>> > >solution to
>> > >>> this issue. We could wait until OWASP Ireland next year, but that
>> > >is
>> > >>> probably too far away.
>> > >>>
>> > >>> -Dave
>> > >>>
>> > >>> -----Original Message-----
>> > >>> From: owasp-leaders-bounces at lists.owasp.org
>> > >>> [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Tin Zaw
>> > >>> Sent: Monday, July 26, 2010 1:34 PM
>> > >>> To: owasp-leaders at lists.owasp.org
>> > >>> Subject: Re: [Owasp-leaders] Global Summit and AppSec USA
>> > >>>
>> > >>> Michael,
>> > >>>
>> > >>> I totally share your concern and I am glad you raised the issue.
>> > >>>
>> > >>> If you have time, let's chat around 4:30 today?
>> > >>>
>> > >>> Thanks.
>> > >>>
>> > >>> On Mon, Jul 26, 2010 at 9:25 AM, Michael Coates
>> > >>> <michael.coates at owasp.org> wrote:
>> > >>>>  All,
>> > >>>>
>> > >>>> I was a bit surprised to see that the global summit for 2010 is
>> > >not
>> > >>>> going to be held at 2010 AppSec USA (Irvine). Instead it appears
>> > >the
>> > >>>> summit will be at the regional conference - AppSec DC 2010 in
>> > >November.
>> > >>>>
>> > >>>> http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference
>> > >>>>
>> > >>>> I raised the concern a few months back about the proximity of two
>> > >major
>> > >>>> OWASP conferences in the same region. The "big" US conference is
>> > >AppSec
>> > >>>> USA and held in September while AppSec DC is being held in
>> > >November.
>> > >>>> Aside from the potential concern of splitting attendees, I'm also
>> > >a bit
>> > >>>> concerned that the global summit event may not be as well attended
>> > >since
>> > >>>> many OWASP'ers have already committed to AppSec USA.
>> > >>>>
>> > >>>> Perhaps this isn't yet set in stone. If not, I would recommend
>> > >>>> considering holding the global summit in Irvine.  Also, this would
>> > >be
>> > >>>> the second year in a row that the global summit is in the US. We
>> > >should
>> > >>>> be careful to not become too geographically restricted in these
>> > >events.
>> > >>>> Holding the summit in various locations throughout the world
>> > >increases
>> > >>>> our commitment to a worldwide organization.
>> > >>>>
>> > >>>>
>> > >>>> Any thoughts from others?
>> > >>>>
>> > >>>> --
>> > >>>> Michael Coates
>> > >>>> OWASP
>> > >>>>
>> > >>>> _______________________________________________
>> > >>>> OWASP-Leaders mailing list
>> > >>>> OWASP-Leaders at lists.owasp.org
>> > >>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> > >>>>
>> > >>>
>> > >>>
>> > >>>
>> > >>> --
>> > >>> Tin Zaw, CISSP, CSSLP
>> > >>> Chapter Leader and President, OWASP Los Angeles Chapter
>> > >>> Co-Chair, AppSec USA 2010 Program Committee --
>> > >>> www.appsecUSA.org<http://www.appsecusa.org/>
>> > >>> Google Voice: (213) 973-9295
>> > >>> LinkedIn:  <http://www.linkedin.com/in/tinzaw>
>> > >> _______________________________________________
>> > >> OWASP-Leaders mailing list
>> > >> OWASP-Leaders at lists.owasp.org
>> > >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> > >
>> > >_______________________________________________
>> > >OWASP-Leaders mailing list
>> > >OWASP-Leaders at lists.owasp.org
>> > >https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>    --
>> Eoin Keary
>> OWASP Global Board Member
>> OWASP Code Review Guide Lead Author
>>
>> Sent from my i-Transmogrifier
>> http://asg.ie/
>> https://twitter.com/EoinKeary
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> --
>> John Wilander
>> Chapter leader OWASP Sweden, http://owaspsweden.blogspot.com
>> Conference chair OWASP AppSec Research 2010, http://owasp.se
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> --
> John Wilander
> Chapter leader OWASP Sweden, http://owaspsweden.blogspot.com
> Conference chair OWASP AppSec Research 2010, http://owasp.se
>

-- 
Sent from my mobile device

-Brad Causey
CISSP, MCSE, C|EH, CIFI, CGSP

http://www.owasp.org
--
"Si vis pacem, para bellum"
--

More information about the OWASP-Leaders mailing list