[Owasp-board] Fwd: owasp training ideas.

Jeff Williams jeff.williams at owasp.org
Thu Mar 22 02:42:57 UTC 2007

I agree with your point.   But just so everyone is clear - we almost never
get this kind of request.  I'd prefer that the request went to a mailing
list, forum, blog, or wiki.  The only thing that comes from owasp at owasp.org
is spam.




From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dinis Cruz
Sent: Wednesday, March 21, 2007 7:31 PM
To: OWASP Board
Subject: [Owasp-board] Fwd: owasp training ideas.


We really need to sort out our training model, since more and more companies
want something like this.


I know/guess that you guys at Aspect do benefit a lot from OWASP leads, but
in the name of OWASP openess we must make this process as transparent as


Basically we should be answering this emails with a link to a WIKI page that
would have that information. the issue is how do training companies become
'recommended by OWASP'



---------- Forwarded message ----------
From: Ashok Misra <amisra at real.com>
Date: Mar 21, 2007 9:21 PM 
Subject: Re: owasp training ideas.
To: mikede at mde-dev.com
Cc: Dinis Cruz <dinis at ddplus.net>, vanderaj at owasp.org,
jeff.williams at owasp.org

Hi Mike,

Thanks for your reply.

I am looking at this from a PCI perspective, to have developers educated 
& trained in the development of secure systems , coding vulnerabilities
in the dev process, etc.

But I do not want the training to be limited to PCI. I wanted it to
cover all secure coding principles. 

Trust this helps for the background.


mikede at mde-dev.com wrote:
> Ashok,
>   What are you looking for in the way of training in regards to OWASP? 
>   Thanks,
>   Mike de Libero
> Quoting Ashok Misra <amisra at real.com>:
>> Adding Mike, Jeff and Andrew,
>> I hope this does not go to your junk folder. 
>> Regards
>> Ashok
>> Ashok Misra wrote:
>>> Hi Dinis,
>>> I do not believe I have met you but I've seen your postings.
>>> I am a Lead Program Manager for ecommerce at Real Networks, Seattle. I
>>> was wondering if you knew any consultants who could give my dev group
>>> training on owasp.
>>> I can provide more details for what I was looking for. Please let me
>>> know if you had any ideas on where I should start.
>>> Regards
>>> Ashok
>>> Dinis Cruz wrote:
>>>> Hello OWASP
>>>> Following the success of last year's Autumn of Code (AoC 06) we are
>>>> are now launching the OWASP Spring of Code 2007 (SpoC 007) with more 
>>>> budget, more energy and more expectations :)
>>>> Here are the main links for this initiative:
>>>>     * *OWASP Spring Of Code 2007* 
>>>>       <http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007> -
>>>>       main page
>>>>     * OWASP Spring Of Code 2007 : Press Release 
>>>>       - The press release
>>>>     * OWASP Spring Of Code 2007 Project Ideas
>>>> <
>>>>       - If you are looking for projects to do
>>>>     * OWASP Spring Of Code 2007 Applications 
>>>> <http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_Applications>
>>>>       - Where to submit Applications
>>>>     * OWASP Spring Of Code 2007 : Selection
>>>> <
>>>>       - The selection criteria and links to each selected project page
>>>> At the end of this email is the press release that we will publish via 
>>>> PR Newswire tomorrow, and I would like to ask every single one of you
>>>> to also distribute this localy as much as you can ( i.e. post it on
>>>> mailing lists, blog about it, (if you can) issue a Press Release about 
>>>> it, talk to your colleagues, etc...)
>>>> Of course that everybody is invited to submit an application and use
>>>> this opportunity to work on a OWASP project, increase knowledge and 
>>>> create a great tool / document (submission period ends on the 30th of
>>>> March).
>>>> If you are thinking of joing OWASP as a member, then use this
>>>> opportunity to do so and allocate your membership fees to project(s)
>>>> you are interested in.
>>>> As always, I am here to help, so feel free to contact me. 
>>>> Best regards
>>>> Dinis Cruz
>>>> Chief OWASP Evangelist
>>>> http://www.owasp.org 
>>>> For Immediate Release 
>>>> *OWASP Spring Of Code 2007 sponsorship initiative and Membership
>>>> Drive*
>>>> *London, United Kingdom, March 14, 2007*
>>>> The OWASP Spring of Code 2007
>>>> <http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007> (SpoC 007)
>>>> aims to financially sponsor contributions to OWASP Projects. /SpoC 007
>>>> / follows up the successful AoC 06 (OWASP Autumn of Code 2006
>>>> < <http://www.owasp.org/index.php/OWASP_Autumn_Of_Code_2006>
http://www.owasp.org/index.php/OWASP_Autumn_Of_Code_2006>) in which 9
>>>> projects were sponsored and greatly improved.
>>>> The objective of /SpoC 007/ is to allow contributors to allocate 
>>>> considerable resources on (existent or new) OWASP projects which are
>>>> relevant and beneficial to the OWASP community.
>>>> The initial Budget for /SpoC 007/ will be $110,000 USD, and it is 
>>>> funded by OWASP (using current membership fees and profits from past
>>>> conferences) and newly joined members (currently SPI Dynamics and
>>>> EDS). In parallel with the /Request for Proposals/, OWASP would like 
>>>> to invite individuals and companies that benefit from OWASP projects
>>>> to join OWASP as a member. In addition to the current Membership
>>>> benefits, the new OWASP members will be able to allocate membership 
>>>> fees to SpoC 007 projects they are interested in (for example SPI
>>>> Dynamics is sponsoring the OWASP SiteGenerator project).
>>>> The /SpoC 007/ structure and organization is very similar to the very 
>>>> successful OWASP Autumn Of Code 2006 (AoC 06), whereby the major
>>>> changes are: Bigger budget (with a $20,000 USD sponsorship), the
>>>> special project: "10 Donations to Open Source projects" and an 
>>>> Internship
>>>> There are no geographical, age or any other form of restrictions of
>>>> who can apply for an "OWASP Spring of Code 2007" sponsorship. The only 
>>>> requirement is that the candidate shows the potential to accomplish
>>>> the project's objectives and the commitment to dedicate the time
>>>> required to complete it in the allocated time frame (projects must be 
>>>> completed by 9th July 2007).
>>>> Prospective candidates should visit the
>>>> http://www.owasp.org/index.php/Owasp_Spring_Of_Code_2007 
>>>> <http://www.owasp.org/index.php/Owasp_Spring_Of_Code_2007> page for
>>>> SpoC 007 information (rules & how to apply) and the 
>>>> http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_Project_Ideas
>>>> page for project ideas.
>>>> *Schedule:*
>>>>     * 14th March - OWASP Spring of Code 2007 initiative is officially
>>>>       launched
>>>>     * 30th March - Deadline for project proposals 
>>>>     * 9th April - Publish of selected projects and start of SpoC
>>>> projects
>>>>     * 17th May - Announcement of the winners of the '10 Donations to
>>>>       Open Source projects' on OWASP Conference in Italy 
>>>>     * 9th July - Project Completion, participants to deliver final
>>>>       project report
>>>> The special SpoC 007 project "10 Donations to Open Source projects" 
>>>> will be made of 10 $1,000 USD grants to the top 10 Open Source
>>>> projects which OWASP members use regularly and really find useful. The
>>>> payment would be a no-strings attached "Thanks for the hard work in 
>>>> creating this tool (which is widely used and appreciated in the OWASP
>>>> community) and please keep working on the next version".
>>>> The OWASP Spring Of Code 2007 is not connected to the Google Summer of 
>>>> Code.
>>>> The "OWASP Spring of Code 2007" project leader is Dinis Cruz (based in
>>>> London, UK) who can be contacted for further details. 
>>>> *About OWASP*
>>>> The Open Web Application Security Project (OWASP) is a 501c3
>>>> not-for-profit foundation dedicated to enabling organizations to 
>>>> develop, purchase, and maintain applications that can be trusted.
>>>> OWASP's open source projects and local chapters produce free,
>>>> unbiased, open-source documentation and tools. The OWASP community 
>>>> also facilitates conferences, local chapters, papers, presentations,
>>>> and mailing lists. More information can be found at www.owasp.org
>>>> < http://www.owasp.org>.
>>>> *Contacts*
>>>> Dinis Cruz, Chief OWASP Evangelist
>>>> E-mail: dinis.cruz at owasp.net <mailto:dinis.cruz at owasp.net>
>>>> Andrew van der Stock, OWASP Executive Director, 
>>>> E-mail: vanderaj at owasp.org <mailto:vanderaj at owasp.org>
>>>> Jeff Williams, OWASP Chair (Alternative contact for all OWASP 
>>>> matters),
>>>> E-mail:jeff.williams at owasp.org <mailto:jeff.williams at owasp.org>
>> --
>> Ashok Misra
>> Lead Program Manager - Media Applications Platform
>> RealNetworks
>> (206) 892 6254

Ashok Misra
Lead Program Manager - Media Applications Platform
(206) 892 6254

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070321/4c58ad11/attachment-0002.html>

More information about the Owasp-board mailing list