[Owasp-board] Guidelines for OWASP leaders attendance of OWASP Conferences

Jeff Williams jeff.williams at owasp.org
Mon Sep 28 17:05:26 UTC 2009

Hi - this is great.  I'm really glad we can do this for the leaders in our


Since anyone can start an OWASP project by creating a web page, we're
probably going to have to limit it somehow. We absolutely want to encourage
anyone to start a project anytime.  Like venture capitalists we can nurture
these along and some may grow to greatness.  But I don't want people to
abuse the benefit by creating a project just to get free conference


I believe the answer is in the project health and project release criteria.
I suggest that we limit it to projects with Level 2 health or "Stable"
release quality releases. We should reserve the right to change this in the
future. This is a very nice incentive to get people to move up the criteria





From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of dinis cruz
Sent: Monday, September 28, 2009 12:06 PM
To: OWASP Foundation Board List
Cc: Global Projects Committee
Subject: [Owasp-board] Guidelines for OWASP leaders attendance of OWASP


Ok, guys following the AppSec DC threads around members/leaders/etc. here is
what I propose (first draft for your comments)



Title: Guidelines for OWASP leaders attendance of OWASP Conferences

In recognition of the enormous value provided to OWASP by its leaders
(projects, chapters, committee & board members) , and the fact that it is
beneficial for all that these leaders actively participate on one or more
conferences (16 in 2009), OWASP would like to propose the following
'operation guidelines' for facilitating the leaders participation at OWASP

*	All leaders who currently enjoy an 'OWASP Honorary individual
membership' (see details below) apply for a 'FREE' participation on as many
Conferences he/she is able to attend
*	By 'FREE' we mean that there is NO (i.e. zero) cost for the OWASP
leader, but internally OWASP is marking up this cost between $100 USD and
$300 USD (depending on the conference) which cover the 'participation costs'
of a conference attendee (vunue, refreshments, lunch,etc..) .
*	In order to simplify the process and to remove the potential
financial burden, this cost will NOT be allocated/paid by the Conference
Organizers, but will be covered by (in order of preference):

*	a local chapter that has funds and wants to 'sponsor' a particular
leader to attend a conference (in most cases this should be in 'exchange' of
a chapter presentation of a debrief of what happened at the conference). See
'Notes for chapter with budgets' below
*	a direct sponsorship of the leader's main employer or 3rd party
company that wishes to sponsor OWASP leaders
*	OWASP on the Move funds

*	In order to maximize OWASP resources and efforts, the following
would be expected from the OWASP Leader:

*	Submit a presentation proposal with the conference RFP time period
(note that a separate thread (& guidelines) will be required to define the
recommended process (for conference organizers) to deal with these OWASP
Leaders presentations)
*	Allow the conference to include the leader name in its marketing
efforts, i.e.: "...come to the XYZ conference where you will be able to meet
personally the following OWASP leaders: {name - project}, {name - project},
{name - project}, {name - project} .."
*	Help as much as possible the local organization team (conferences
are a LOT of work, and extra pair of hands are always necessary)
*	If there is an OWASP-Stand, help with the 'manning the stand'
*	Actively promote the conference in Blogs, Tweets, local chapters and

*	To help with the OWASP Leader participation, and if required, OWASP
central (i.e. Kate) can send an 'official invitation letter' requesting that
the leader's employer allows the conference participation under company's
time (versus holiday time)

*	Depending on the level of sponsorship given to the leader by its
employer, the conference organizers should add the leader's employer as a
conference sponsor (note: at the moment there is no standard name for these
type of sponsorships)

Notes for chapter with budgets: 

The chapters that currently have budget available (see this document for the
<http://spreadsheets.google.com/pub?key=p6IFyntQTi7t-yH-peiD8Aw&pli=1>  list
of funds available to local chapters),  can and is encouraged (at the
discretion of the chapter leader AND its local community) to use its funds

*	'Pay' the OWASP internal conference participation cost (100 USD to
300 USD) of the current Chapter Leader(s)
*	Cover part of the current Chapter Leader(s) travel expenses to
attend the conference (the current guidelines are 250 USD for local travel
(in US or in Europe) and 500 for International Travel (Europe-> US, in Asia,
*	'Sponsor' a particular OWASP Project leader to attend the OWASP
conference in exchange for a participation at their chapter (this could be a
presentation, a training session, etc...)

Notes on "Who is eligible for OWASP Honorary individual membership'

Contributions to OWASP are highly valuable, so in order to recognize its
effort OWASP is allocating 'Honorary Individual Memberships' (i.e. Free
memberships) to:

*	OWASP Board Members
*	OWASP Committee Members
*	OWASP Chapter Leaders*
*	OWASP Projects Leaders*
*	Individuals with Special Contributions to OWASP*

* The allocation of  'Honorary Individual Memberships' is going to be
implemented in two phases

*	'pre AppSec DC conference' (i.e. now) - For historical reasons OWASP
chapter and projects leaders were not made OWASP Members in the past. So in
an effort to clean up the past and start with a clean state, the OWASP
Projects and Membership Committees is currently creating a list of ALL
active and past project and chapter leaders who will be given a Free 1 Year
OWASP Individual Membership
*	'post AppSec DC conference' - from Nov 09, and once a year there
after, the OWASP Chapter and Project Committees will be expected to first
create a criteria to allocate memberships (based on they contributions over
the past year) and then use it to produce an annual list of Individuals who
should be allocated an Free 1 Year 'Honorary Individual Membership'. This
list should then be submitted for vote and approval



OK, guys, what do you think? 


I'm taking this opportunity to create a set of guidelines to handle all
similar type of requests.


Note that I'm involving the Owasp on The Move (OoTM) as the clearing house
for OWASP Leaders sponsorships since that program is still quite under-used
and fits nicely with what we are trying to do here (the only change is that
for 'OWASP leaders participation at OWASP conferences', the OnTM funds are
ONLY used to cover the OWASP internal conference participation cost (100 USD
to 300 USD) )





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20090928/94542a04/attachment-0002.html>

More information about the Owasp-board mailing list