[Global_conference_committee] GCC OWASP GCC 2011 Plan

Tom Brennan tomb at owasp.org
Mon Dec 20 19:08:57 EST 2010


Hey Mark,  

This is the use of the OWASP logo answer for 2011 at this time

http://www.owasp.org/index.php?title=OWASP_brand_usage_rules  so use it as a guide for the procedure.  Note, that logo usage is not only associated with events.


On Dec 20, 2010, at 6:59 PM, Mark Bristow wrote:

> Dinis,
> 
> Well the objective here was to create a rule that all OWASP events have to coordinate with the GCC.  If we can't even enforce this simple prerequisite of coordination, how does the board propose the GCC coordinate and oversee OWASP events?  We have tried the "please come tell us model" and that has basically completely failed.  At some point we have to impose some sort of structure.
> 
> -Mark
> 
> On Mon, Dec 20, 2010 at 6:49 PM, dinis cruz <dinis.cruz at owasp.org> wrote:
> Mark, the logic is actually that everybody is free to use our Logo/brand and not have to ask permission to do so., As long as they stick with the brand guidelines, it's all good
> 
> Our past strategy has been to only deal with the abuses, and so far, they have been very few.
> 
> We want our brand to be used AS MUCH AS possible. Any potential abuses are more that compensated by the empowerment that our community has when they don't have to ask permission and are free to execute their ideas
> 
> Dinis Cruz
> 
> On 20 Dec 2010, at 23:02, Mark Bristow <mark.bristow at owasp.org> wrote:
> 
>> Ralph,
>> 
>> I'd argue that this is covered under this board policy: http://www.owasp.org/index.php/OWASP_brand_usage_rules
>> 
>> What we don't want is events/conferences using the OWASP logo/name without permission.  Using the OWASP logo without permission has been a somewhat significant issue in the past.
>> 
>> On Mon, Dec 20, 2010 at 5:58 PM, Ralph Durkee <ralph.durkee at owasp.org> wrote:
>> The language only comprehends OWASP banding at chapter meetings and major OWASP conference events.  I don't think we want to say every other event can’t use the logo.  For example if they are attending an event, or presenting at an event or putting on conference and want to include OWASP as a track etc, then we don't want to say they can’t use the logo.  We all have different past experiences with different OWASP events, but there’s a lot of usage of OWASP logos at events that is a good thing for OWASP.
>> 
>> -- Ralph
>> 
>> On 12/20/2010 10:18 AM, Mark Bristow wrote:
>>> 
>>> 
>>> ===============================
>>> Goals
>>> 
>>>>>> Have a Global Appsec in NA,
>>>               SA, EU, Asia in 2011
>>> 
>>>>>> Promote OWASP
>>>               Projects/Initiatives at OWASP Conferences
>>> 
>>>>>> Enhance Services for
>>>               Conference Planners
>>> 
>>>>>> Reach out to developers (have
>>>               20% of attendees in a dev position)
>>> 
>>>>>> Reach out to non-members (have
>>>               70% of attendees at cons non-members)
>>> 
>>>>>> Bring more into the fold
>>>               (Generate 300 new/renewed members at conferences)
>>> 
>>>>>> Streamline Sponsorships
>>>               (Global Conference Sponsors, Targeted Conference Sponsors)
>>> 
>>> 	• Revise GCC Governance
>>>>>> Have a profit of $200k in 2011 across all
>>>               conferences
>>> 
>>> 
>>> Policy Changes
>>> 
>>>>>> Change
>>>             Conference Types to include:
>>> 
>>>>>> OWASP Global
>>>               AppSec Conferences (Currently
>>> 
>>> 
>>>               AppSec Conferences)
>>> 
>>>>>> OWASP
>>>               Regional/Theme Conference (currently
>>> 
>>> 
>>>               Regional, all regional cons will be encouraged have to
>>>               have a unique
>>> 
>>> 
>>>               
>>> 
>>> 
>>>               
>>> 
>>> 
>>>               theme, development, Research, PHP, Government, Browsers
>>>               …..)
>>> 
>>>>>> GCC Member attendance at
>>>             conferences Global AppSec
>>> 
>>> 
>>>             and Regional/Theme level cons (as available by GCC members
>>>             and budget)
>>> 
>>>>>> GCC
>>>               Representative shall not be intimately involved with the
>>>               conference planning to provide an objective assessment.
>>> 
>>>>>> Members will
>>>               have the opportunity to request travel to scheduled events
>>>               and travel will be assigned based on proximity to the
>>>               event, cost and member availability.
>>> 
>>>>>> GCC member
>>>               shall interface with the local planning committee at least
>>>               1 month before trip (attend planning call)
>>> 
>>>>>> Interact
>>>               with planners/attendees while at conference
>>> 
>>>>>> Interact
>>>               with Sponsors
>>> 
>>>>>> At the next GCC meeting
>>>               the traveling member will be expected to provide an post
>>>               trip report covering
>>> 
>>>>>> Assessment
>>>                 of facility
>>> 
>>>>>> Event Marketing
>>>                 Strategy
>>> 
>>>>>> Examination
>>>                 of Event Budget
>>> 
>>>>>> Estimation
>>>                 of Speaker Quality
>>> 
>>>>>> Sponsor
>>>                 engagement/cost-effectiveness & feedback
>>> 
>>>>>> Any notable comments
>>>                 from planners/attendees
>>> 
>>>>>> Any unique
>>>                 outstanding elements
>>> 
>>> 			• Any issues
>>>>>> GCC Member
>>>             signature authority for OWASP
>>> 
>>> 
>>>             (Leverage By-Lawys Article VI Section 1 - Designate as
>>>             Agent)
>>> 
>>>>>> Alleviate
>>>               need of OWASP Board to sign contracts (currently a
>>>               significant bottleneck)
>>> 
>>>>>> All
>>>               conference related contracts will be required to go
>>>               through the GCC
>>> 
>>>>>> In general
>>>               will be responsibility of Chair, however all committee
>>>               members shall be authorized to sign on conference business
>>>               (no single point of failure) 
>>> 
>>>>>> GCC members
>>>               will not be permitted to sign contracts for conferences
>>>               they organize (except when signature is required
>>>               immediately)
>>> 
>>>>>> Will be
>>>               offered up before the board
>>> 
>>>>>> All OWASP
>>>             Branded events MUST use the new conference management system
>>> 
>>>>>> For OWASP
>>>               Events only, not applicable to regular chapter meetings
>>> 
>>>>>> It’s important to
>>>               manage the schedule and enforce brand management
>>> 
>>>>>> Any conference not
>>>               registered & approved will not receive OWASP funds or
>>>               support
>>> 
>>>>>> Will take effect once
>>>               system is in place
>>> 
>>>>>> All Global AppSec
>>>             conferences must accommodate
>>> 
>>> 
>>>             an OWASP Track
>>> 
>>>>>> Will not represent more
>>>               than 1/3 of content (can be half day, full day, full
>>>               conference as applies to the individual conference)
>>> 
>>> 		• Joint venture with Projects Committee
>>> 		• Regional/theme events will have this available to them
>>> Initiatives
>>> 
>>>>>> OWASP
>>>             Conference management system (Goal 1, 3)
>>> 
>>>>>> We need a
>>>               system to take in applications for events, vett them,
>>>               approve them, and schedule them.  The current process of
>>>               people emailing Kate, Me or the board is not acceptable
>>>               with the number of events we have
>>> 
>>>>>> I see this
>>>               as critical to establishing control over the OWASP
>>>               schedule and is a top priority
>>> 
>>>>>> OWASP AppSec
>>>             Track (Goal 2)
>>> 
>>>>>> Partnership
>>>               with projects committee
>>> 
>>>>>> Have a cadre
>>>               of speakers, ready to go with presentations about OWASP
>>>               projects/activities
>>> 
>>>>>> Require all
>>>               OWASP Regional and AppSec events to have an “OWASP Track”
>>>               of at least 6 presentations from this pool, managed,
>>>               selected, and funded by the GCC and the GPC
>>> 
>>>>>> OWASP Global
>>>             Conference Sponsors (Goal 3, 7)
>>> 
>>>>>> Provide
>>>               unified sponsorships for the Global AppSec Conferences
>>> 
>>>>>> Split
>>>               revenues among individual conferences budget
>>> 
>>>>>> Streamlines
>>>               our sponsorships
>>> 
>>>>>> Conference
>>>               planners are welcome to elicit additional sponsorships
>>> 
>>>>>> Central
>>>             conference support services
>>> 
>>> 
>>>              (Goal 3)
>>> 
>>>>>> Investigate
>>>               for-hire international conference support companies
>>> 
>>>>>> Event
>>>                 logistics companies
>>> 
>>>>>> Investigate
>>>               costs for hiring conference organizer
>>> 
>>>>>> Foundation
>>>                 Employee
>>> 
>>>>>> Conference
>>>             Marketing (Goal 3)
>>> 
>>>>>> OWASP
>>>               Conference Twitter accounts
>>> 
>>>>>> OWASP
>>>               Conference Domain Names
>>> 
>>>>>> Register
>>>                 Names only
>>> 
>>>http://www.AppSecNA.org
>>>http://www.AppSecUS.org
>>>http://www.AppSecEU.org
>>>http://www.AppSecAsia.org
>>>http://www.AppSecSA.org
>>>>>> If already owned by a
>>>                   conference, buy them out
>>> /transfer to GCC Control
>>>>>> GCC will
>>>                 re-direct to any hosting service once the conference has
>>>                 been assigned
>>> 
>>>>>> Conference
>>>                 can still register 
>>> AppSecXX2011.org
>>>  and we can just
>>>                 redirect as appropriate
>>> 
>>>>>> Helps
>>>                 maintain consistency in URLs between years
>>> 
>>>>>> Conference
>>>               Twitter Accounts
>>> 
>>>>>> Like
>>>                 domains, turned over to planners for their use as
>>>                 appropriate
>>> 
>>>>>> @OWASPConfrences
>>>                 – held by the GCC for announcements
>>> 
>>>>>> @OWASPAppSec
>>>                 – held by the GCC for announcements
>>> 
>>> 			• @AppSecNA
>>> 			• @AppSecUS
>>> 			• @AppSecEU
>>> 			• @AppSecAsia
>>> 			• @AppSecSA
>>>>>> Use of Short
>>>               URLS on the 
>>> owasp.org
>>> 
>>>               website
>>> 
>>> 			• ex https://owasp.org/AppSecBR
>>> 
>>>                 points to the wiki page for this year’s conference
>>> 
>>>>>> Regional
>>>               Targeted Mailing Lists
>>> 
>>>>>> To reduce
>>>                 OWASP All traffic
>>> 
>>>>>> OWASP
>>>             Merchandise Model(Goal 3, Goal9) 
>>> 
>>>>>> A shippable
>>>               “OWASP Store” with OWASP branded items for sale at
>>>               conferences
>>> 
>>>>>> Already
>>>               exists, just need to formalize
>>> 
>>>>>> OWASP
>>>             Conference Marketing (global, regional, electronic, print)
>>>             (Goal 4,5,6)
>>> 
>>>>>> Procure
>>>               Booth space at developer focused conferences
>>> 
>>>>>> Provide
>>>               budget for OWASP Schwag for use at OWASP Booths in other
>>>               conferences
>>> 
>>>>>> Evaluate
>>>               other advertising mechanisms for conferences
>>> 
>>> Budget
>>> 
>>>>>> $7500 for conference support
>>>               (schwag/tables) targeting developer conferences
>>> 
>>>>>> $500 OWASP GCC Technology
>>>               Needs
>>> 
>>> 		• Domain Names
>>>>>> Other tech solutions +
>>>                 planning tools
>>> 
>>> 
>>>                 
>>> 
>>> 
>>>                 
>>> 
>>> 
>>>               
>>> 
>>>>>> $15,000, OWASP Track Travel
>>>               expenses (cap, will try and get indv company sponsorships)
>>> 
>>>>>> $10,000 GCC Member at all
>>>               conferences (approx $1500/AppSec, $800 Regional)
>>> 
>>> 	• Budget requires board approval
>>> 
>> 
>> 
>> 
>> -- 
>> Mark Bristow
>> (703) 596-5175
>> mark.bristow at owasp.org
>> 
>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>> AppSec DC Organizer - https://www.appsecdc.org
>> 
>> _______________________________________________
>> Global_conference_committee mailing list
>> Global_conference_committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
> 
> 
> 
> -- 
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org
> 
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
> 
> _______________________________________________
> Global_conference_committee mailing list
> Global_conference_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_conference_committee



More information about the Global_conference_committee mailing list