[GPC] protocol with Portuguese government

Jeff Williams jeff.williams at aspectsecurity.com
Fri Mar 11 16:35:09 EST 2011


I support spending some of Paulo's time on this effort.  I suggest that the conferences committee should lead the effort to set up the event, as it is more like a conference than the other things we do.  Agree?

 

--Jeff

 

 

From: global-projects-committee-bounces at lists.owasp.org [mailto:global-projects-committee-bounces at lists.owasp.org] On Behalf Of Paulo Coimbra
Sent: Thursday, March 10, 2011 5:46 PM
To: 'Konstantinos Papapanagiotou'
Cc: 'OWASP Foundation Board List'; 'Global Projects Committee'
Subject: Re: [GPC] protocol with Portuguese government

 

Hello Kostas,

 

I thank your efforts to spread OWASP's word and congratulate you on the progresses made towards fortifying the links with the Greek government. It feels good to see that the perspectives we exchanged during the summit are already being translated into very concrete actions. 

 

As for the support you are looking for to organize the referred training session, I am gladly available to step in but, prior to assume the task, I need to consult with the Board and the Global Projects Committee. In this context, I am already carbon copying them to ask whether or not I can commit time to push this initiative forward. 

 

Thanks,

- Paulo

 

Paulo Coimbra,

OWASP Project Manager <http://www.owasp.org/index.php/User:Paulo_Coimbra> 

 

From: Konstantinos Papapanagiotou [mailto:conpap at gmail.com] 
Sent: quinta-feira, 10 de Março de 2011 16:10
To: Paulo Coimbra
Cc: Jeff Williams; dinis cruz; Carlos Serrão; jason.li at owasp.org; Kate Hartmann
Subject: Re: protocol with Portuguese government

 

Paulo and all,

 

I met today with the General Secretary of Information Systems (this is an "agency" that belongs to the Greek Ministry of Finance) and he agreed to the following that I proposed to him:

 

We will have an OWASP Training Day in Greece according to the OWASP Training Model (http://www.owasp.org/index.php/OWASP_Training) which I briefly described to him.

 

This will take place in the audiotium of the General Secretariat building (it can hold approx. 200 people, maybe more) which they will provide for free. In "exchange" the General Secretary himself will select certain, limited number of General Secratariat staff (e.g. 10 people) that are members of the development team which will attend the Training Day for free.

 

The Training Day will be open for anyone else to attend according to the $50 membership model.

 

Sponsorship for travel costs will be covered by a local company (I have alredy done some talks and we're at the final stage to reach an agreement)

 

I think that such an event will be of a great value towards OWASP collaborating with governments. Of course I mentioned to him the protocol with the Portuguese government that we are currently working on. In addition I think that this model perfectly fits Paulo's vision as we have the government interacting with OWASP and  through OWASP with private companies towards the same goal: AppSec! This will also give us an opportunity to follow up with the GSIS, expand the same model to other agencies and also create demand and enthusiasm for OWASP and AppSec from within the GSIS.

 

The event can happen either in mid-April (until the 15th) or early May. 

Ideally the course agenda will ideally include: Top10, ASVS, Testing Guide, AppSensor, OpenSAMM, ESAPI and WebGoat/WebScarab. I mentioned these projects to him, especially ASVS and ESAPI and they are very interested to integrate ASVS in their procurement procedures. 

 

Of course I can cover some of these courses myself but we will definitely need some of those training volunteers to come in. The exact date of the Training Day actually depends on the availability of volunteers to come to Greece.

The training page says that I should contact Sandra but I now that she's no longer involved so... what's the next step to organize the training?

 

Kostas



On Wed, Mar 9, 2011 at 5:36 PM, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:

Hello Konstantinos,

 

Hope you are ok. As for the Portuguese protocol I have only translated the very initial draft that had been sent off by Luís Magalhães, the Portuguese government representative that you met in the Summit. Currently, it is only kind of a skeleton produced solely by UMIC from its own experience in building other protocols with organizations like CISCO and Microsoft. Being so, the entire and actual protocol between OWASP and UMIC is still to be written down. I've tried and work on it by exchanging point of views with Dinis and Carlos Serrão but the overall concept is still to be designed. Also, Jeff has already read the draft that I am now sending attached and suggested 'we focus on the obligations there first'. I have been a bit swamped with projects' stuff but I am doing my best to return to this issue as soon as possible. Meanwhile, it goes without saying, any contribution you may give to push this issue forward is as always very welcomed.

 

Please keep in touch and update us on the progresses made with the Greek's government officials. If needed, my Skype contact is  'paulocoimbra7'.

Thanks,

- Paulo

 

 

Paulo Coimbra,

OWASP Project Manager <http://www.owasp.org/index.php/User:Paulo_Coimbra> 

 

From: Konstantinos Papapanagiotou [mailto:conpap at gmail.com] 
Sent: terça-feira, 8 de Março de 2011 23:12
To: Paulo Coimbra
Subject: protocol with Portuguese government

 

Hi Paulo,

Hope you're doing well.
Dinis was telling me the other day that you got the OWASP protocol with the Portuguese government translated in English. Can you please send it to me? Or even the Portuguese version (I'll google translate it just to get the gist of it).
I'm meeting today with quite a few government officials at an event organized by the British embassy so I'm sure it will come in handy. I want to have a solid proposal to present them!

Thanks,
Kostas

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20110311/a23955b3/attachment-0001.html 


More information about the Global-projects-committee mailing list