[Global_chapter_committee] Idea for local chapters: providing locally delivered training sessions
dinis cruz
dinis.cruz at owasp.org
Fri Mar 6 03:38:57 EST 2009
Yo, Chapter, Education and Project Committees
Before these committees were formed there was an idea that we talked about
which was for OWASP to organize regular training events (outside our
conferences) for example once a quarter in the USA, Europe, Asia.
For a number of reasons this never happened, but now that we have these
super-powerful and motivated committees, I think we should revise this idea
and create a model where it is very easy to organize and deliver OWASP
training sessions at our local chapter locations.
What we need are rules-of-engagement, so here is my first proposed set of
rules:
- This training would be delivered OUTSIDE the scope and timing of OWASP
conferences (since they have already their own organization model)
- The training should be organized by local OWASP projects (and I would
expect that it would be the bigger one and most organized to lead the way)
- The student cost per day should be similar to what we do at our
conferences. In the US that was (2-Days - $1350 1 day $675) and in Europe
(910 Euros (2 days) - 455 Euros (1 day))
- We need to clarify the payment rules for the trainer (individual or
company). In the past this was either a flat 2000 USD per day of training or
a percentage (15% to 30%) of the profits. I think we should propose a couple
models and let the local chapter leaders negotiate this
- The process of organizing the courses is actually quite simple:
- Find the instructors and agree with them on the course
topic, curriculum, duration and financial model
- Find a venue (ideally one that has NO upfront costs and can easily
scale). For example I have been organizing some courses in
London with the
help of a UK developer group (see details here
http://www.nxtgenug.net/Course.aspx?CourseID=5) and it very easy to do
this using local 4+ Star hotels with minimum risk in case the number of
students is not very high
- Advertise the course to the local OWASP community
- Set-up a CVENT payment page (or they could use the 'donation' button
at each chapter page)
- Sort out the logistics of the day (projector, who needs to be where
and when, lunches, dinners, coffees,etc...)
- Deliver the course (and collect feedback comments)
- Only OWASP Members or active OWASP Project leaders can apply for
training
- The revenue split for the profits is the same as the one used for
locally driven memberships (60/40).
- There should be NO costs for OWASP mothership in the cases where the
course is not profitable (lets say there was not enough students or the
costs (flight+accommodation) for the guest trainer were higher than
expected).
- But, for the local chapters that have already some money accrued
from local memberships, they could use this money to pay for those extra
costs (i.e. run a course at a 'loss', if that adds value to the
local OWASP
community)
- In fact, I think it would be a great IDEA to provide 'free' training
tickets to people/companies the local chapter thinks deserve one:
- the local chapter leaders (nice perk for all the hard work)
- local corporate members (who contributed to that chapter's
budget)
- local media contacts
- specific key individuals that the local chapter wishes should
attract to OWASP (possible corporate sponsors, local
politicians, etc...)
- The rules for being a trainer should be the same that we use for
our conferences, and we should promote both AppSec courses and OWASP
Specific courses
- On the topic of OWASP-specific courses, we need to leverage the amazing
OWASP resources we have at :
- OWASP Projects
- Some tools and Documents are perfect targets for 1/2 day, 1 day or 2
day training (specially the ones have books now)
- At the summit we experimented with the idea to have OWASP
specific courses and we come up with a great list of courses:
http://www.owasp.org/index.php/OWASP_EU_Summit_2008_Former_Agenda lets
reuse that work and allow local chapters to deliver courses based on
(and taught by) our project leaders hard work
- OWASP Education Committee - check out these amazing resources
that they are working on (from
https://www.owasp.org/index.php/Global_Education_Committee )
-
-
- 3.2 Train the trainers (Teach the
teachers)<https://www.owasp.org/index.php/Global_Education_Committee#Train_the_trainers_.28Teach_the_teachers.29>
- 3.3 Create an online assessment and training
portal<https://www.owasp.org/index.php/Global_Education_Committee#Create_an_online_assessment_and_training_portal>
- 3.4 OWASP Boot Camp
Project<https://www.owasp.org/index.php/Global_Education_Committee#OWASP_Boot_Camp_Project>
- 3.5 OWASP CTF
event<https://www.owasp.org/index.php/Global_Education_Committee#OWASP_CTF_event>
- 3.6 Speakers Bureau
Project<https://www.owasp.org/index.php/Global_Education_Committee#Speakers_Bureau_Project>
- 3.7 Marketing
efforts<https://www.owasp.org/index.php/Global_Education_Committee#Marketing_efforts>
- 3.8 Internationalization of the training
materials<https://www.owasp.org/index.php/Global_Education_Committee#Internationalization_of_the_training_materials>
- 3.9 Education
material<https://www.owasp.org/index.php/Global_Education_Committee#Education_material>
- 3.10 Academic Educational
Services<https://www.owasp.org/index.php/Global_Education_Committee#Academic_Educational_Services>
-
- Finally we will need to have a central point of contact for
this type of training activities. I think it would make sense to be the
Global Chapter Committee since would be a chapter lead initiative
What do you guys think?
The good news of this type of model is that all the work will need to be
done by the local chapter, all we are doing is saying, hey, here is an idea,
go and implement it :)
Dinis Cruz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_chapter_committee/attachments/20090306/261f3507/attachment.html
More information about the Global_chapter_committee
mailing list