[Owasp-board] AppSec DC presentation - pick your topic now

Tom Brennan tomb at owasp.org
Mon Nov 8 18:42:15 UTC 2010


.pdf due to size of photos...

Personally, I have heard during 2010 in Denver, Mexico, Sweden, China,
Germany and DC (today) was Global Committees and LACK of regional
representatives.  Reinforcement of what owasp is about - our mission and
milestones (as outlined below by Jeff below is great as well as the 2011
summit slides)

So I would like to ensure we (the board) sets the tone and reminds
attendees/press/new people of the basic concepts of this GLOBAL
organization.  One of the areas we need more focus on is global committees.
The concept of global committees by designed in 2008 Portugal was to take a
region lets use USA as a example but you can use China, Germany, South
America, you get the point...   and then the region would nominate/appoint 7
members for Projects, Membership, Education, Conferences, Industry, Chapters
and Connections as a regional seat at the owasp table/voice. Everyone knows
we have have lost some energy and people and we need to inject some new
blood.

As a result of the German and China regional events as a example I witnessed
very unique cultural issues (Taking Money, Membership, Conference
Management, Projects, Website complaints....)  a bit more these regions will
now submit folks for appointment and as pre-req's to be elected to the OWASP
Foundation Board (BTW we need to address this at the 2011 Summit)

In general it is accepted that we are a professional association:

Lets finalize the final slide Tuesday night or sooner - giving a global
update and then we can keep it updated for 2011 and include it as part of
the annual report of 2010.

Everyone would agree that we have GROWN and that was not by mistake - how we
steer the ship for the future is why we need a approved plan (coming from
committees with consideration of our global association)

BTW membership information below broken out by country about 1200 members

*Primary Country: *Argentina* (7 records)*    *Primary Country:
*Australia*(38 records)
*    *Primary Country: *Austria* (1 record)*    *Primary Country:
*Bahrain*(1 record)
*    *Primary Country: *Belgium* (16 records)*    *Primary Country:
*Brasil*(2 records)
*    *Primary Country: *Brazil* (7 records)*    *Primary Country:
*Canada*(30 records)
*    *Primary Country: *Chile* (2 records)*    *Primary Country:
*Colombia*(2 records)
*    *Primary Country: *Cote d'Ivoire* (1 record)*    *Primary Country: *
Cyprus* (1 record)*    *Primary Country: *Czech Republic* (1 record)*
  *Primary
Country: *Denmark* (3 records)*    *Primary Country: *Dominican Republic* (1
record)*    *Primary Country: *Egypt* (2 records)*    *Primary Country: *
Finland* (9 records)*    *Primary Country: *France* (5 records)*    *Primary
Country: *Germany* (26 records)*    *Primary Country: *Great Britain* (1
record)*    *Primary Country: *Greece* (1 record)*    *Primary Country: *
Guatemala* (2 records)*    *Primary Country: *Hong Kong* (1 record)*
 *Primary
Country: *India* (19 records)*    *Primary Country: *Ireland* (54 records)*
   *Primary Country: *Israel* (3 records)*    *Primary Country: *Italy* (11
records)*    *Primary Country: *Japan* (1 record)*    *Primary Country: *
Jordan* (1 record)*    *Primary Country: *Luxembourg* (1 record)*    *Primary
Country: *Malaysia* (2 records)*    *Primary Country: *Malta* (1 record)*
*Primary Country: *Mexico* (10 records)*    *Primary Country: *Nepal* (1
record)*    *Primary Country: *Netherlands* (11 records)*    *Primary
Country: *New Zealand* (4 records)*    *Primary Country: *Nigeria* (2
records)*    *Primary Country: *Norway* (12 records)*    *Primary Country: *
Pakistan* (1 record)*    *Primary Country: *Peru* (3 records)*    *Primary
Country: *Poland* (11 records)*    *Primary Country: *Portugal* (3 records)*
   *Primary Country: *Romania* (2 records)*    *Primary Country: *Russia* (2
records)*    *Primary Country: *Saudi Arabia* (6 records)*    *Primary
Country: *Singapore* (5 records)*    *Primary Country: *Slovakia* (1 record)
*    *Primary Country: *South Africa* (2 records)*    *Primary Country: *South
Korea* (1 record)*    *Primary Country: *Spain* (7 records)*    *Primary
Country: *Sweden* (29 records)*    *Primary Country: *Switzerland* (16
records)*    *Primary Country: *Taiwan* (2 records)*    *Primary Country: *
Turkey* (1 record)*    *Primary Country: *United Arab Emirates* (1 record)*
   *Primary Country: *United Kingdom* (93 records)*    *Primary Country: *
USA* (705 records)*


On Sun, Nov 7, 2010 at 8:14 PM, Jeff Williams <jeff.williams at owasp.org>wrote:

> Thanks Dave.  Anyone else have ideas, topics, metrics, etc… that we should
> announce?  I’m starting to get these organized into a few key messages….  We
> have two days to get this hammered out and assigned to board members.
>
>
>
> Send me your topic ideas right away!  Let me know which area you want to
> talk about.
>
>
>
> Who is going to attend?   Do I have this right?
>
>
>
> *Attending: Dave, Jeff, Tom, Seba, Matt*
>
> * *
>
> *Not attending: Dinis, Eoin*
>
>
>
> ·        OWASP is getting outside the choir and reaching developers!
>
> o   Recent articles in developer press
>
> o   Samy’s tour results!
>
> o   College chapters program
>
> o
>
> ·        OWASP knowledgebase is continuing to evolve
>
> o   New Risk-Based OWASP T10
>
> o   New testing guide and code review guide this year aligned to OWASP
> numbering system
>
> o   New secure coding guideline
>
> o
>
> ·        OWASP ecosystems are blossoming
>
> o   New ecosystems around technologies (PythonSecurity.org)
>
> o   New mobile group just getting started
>
> o   OWASP facilitating browser security with Mozilla
>
> o   Dozens of contributors now working on ESAPI in various languages
>
> o
>
> ·        OWASP membership is growing
>
> o   Lots of new corporate members (Mozilla, Microsoft, Oracle, IBM, HP,
> Amazon, Adobe, and Symantec)
>
> o   People are joining as a way to demonstrate their commitment to appsec
> to staff and customers
>
> o   <Insert subtle advertisement here>
>
> o
>
> ·        OWASP is continuing to innovate
>
> o   AppSensor
>
> o   O2
>
> o   New ESAPI project to build a “Coherent Web Policy Framework”
>
> o
>
>
>
>
>
> --Jeff
>
>
>
>
>
> *From:* Dave Wichers [mailto:dave.wichers at owasp.org]
> *Sent:* Saturday, November 06, 2010 3:54 PM
> *To:* 'Jeff Williams'; 'OWASP Foundation Board List'
> *Subject:* RE: [Owasp-board] AppSec DC presentation - pick your topic now
>
>
>
> Jeff,
>
>
>
> I think talking about actual stats from the ESAPI and the new Python
> Security Ecosystems would be interesting. # of contributors, # of languages,
> etc.
>
>
>
> I think the new college chapters program should be mentioned. Have any been
> launched?
>
>
>
> We’ve hired a person to help with OWASP Training – so we should announce
> that and talk about the plan for a training road show.
>
>
>
> Seems like we are at least starting to building relationships with the
> browser vendors like Mozilla. Mozilla, Microsoft, Oracle, IBM, HP, Amazon,
> Adobe, and Symantec are all now sponsors. That seems to say something right
> there. Do we have any real success stories related to actually changing
> security in widely used technologies which help the entire world? If we
> don’t I really wish we did. Seems like we should dust off/promote the
> Intrinsic Security Working Group.
>
>
>
> Seems like there is A LOT more OWASP activity going on now even without the
> seasons of code as an impetus. Can we measure/talk about that in some way?
>
>
>
> -Dave
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Jeff Williams
> *Sent:* Friday, October 29, 2010 6:07 PM
> *To:* 'OWASP Foundation Board List'
> *Subject:* [Owasp-board] AppSec DC presentation - pick your topic now
>
>
>
> All,
>
>
>
> We have 30 minutes at the beginning of the conference to talk from the
> Board perspective.  I do not want to do a monologue this year.  So I would
> like some proposals of topics or messages that **we** will present during
> this time.
>
>
>
> Anything boring will start the conference off with a fizzle.   I want to
> highlight OWASP successes around the world.  Some possible ideas…
>
>
>
> ·        Samy’s tour results!
>
> ·        OWASP in China highlights
>
> ·        A few statistics about our best stuff
>
> ·        A few key new members (Oracle, JPMC, …)
>
> ·        Our key focus areas for 2011
>
>
>
> Everyone on the board will present for a STRICT 5 minutes – no monologuing.
>   Send me your top few ideas for topics you would like to cover and I’ll
> work out the agenda.  Any boring topics will be nuked.
>
>
>
> Remember the point of this time is to get people excited and proud to be a
> member of the OWASP Ecosystem.
>
>
>
> --Jeff
>
>
>
> Jeff Williams, CEO
>
> Aspect Security
>
> work: 410-707-1487
>
> main: 301-604-4882
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20101108/a020f569/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OWASP-DC-2010.pdf
Type: application/pdf
Size: 1888922 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20101108/a020f569/attachment-0002.pdf>


More information about the Owasp-board mailing list