[Owasp-board] AppSec DC presentation - pick your topic now

Dave Wichers dave.wichers at owasp.org
Wed Nov 10 03:31:06 UTC 2010


Jeff, Tom, Matt,

 

Are there any of these topics in particular that you wish to talk about?

 

I think I would prefer to talk about the evolving Knowledgebase with the Top
10, new Coding Guideline, Guide Updates, and alignment to ASVS.

 

-Dave

 

From: Jeff Williams [mailto:jeff.williams at owasp.org] 
Sent: Sunday, November 07, 2010 8:14 PM
To: 'Dave Wichers'; 'OWASP Foundation Board List'
Subject: RE: [Owasp-board] AppSec DC presentation - pick your topic now

 

Thanks Dave.  Anyone else have ideas, topics, metrics, etc. that we should
announce?  I'm starting to get these organized into a few key messages..  We
have two days to get this hammered out and assigned to board members.

 

Send me your topic ideas right away!  Let me know which area you want to
talk about.

 

Who is going to attend?   Do I have this right? 

 

Attending: Dave, Jeff, Tom, Seba, Matt

 

Not attending: Dinis, Eoin

 

.         OWASP is getting outside the choir and reaching developers!

o   Recent articles in developer press

o   Samy's tour results!

o   College chapters program

o    

.         OWASP knowledgebase is continuing to evolve

o   New Risk-Based OWASP T10

o   New testing guide and code review guide this year aligned to OWASP
numbering system

o   New secure coding guideline

o    

.         OWASP ecosystems are blossoming

o   New ecosystems around technologies (PythonSecurity.org)

o   New mobile group just getting started

o   OWASP facilitating browser security with Mozilla

o   Dozens of contributors now working on ESAPI in various languages

o    

.         OWASP membership is growing

o   Lots of new corporate members (Mozilla, Microsoft, Oracle, IBM, HP,
Amazon, Adobe, and Symantec)

o   People are joining as a way to demonstrate their commitment to appsec to
staff and customers

o   <Insert subtle advertisement here>

o    

.         OWASP is continuing to innovate

o   AppSensor

o   O2

o   New ESAPI project to build a "Coherent Web Policy Framework"

o    

 

 

--Jeff

 

 

From: Dave Wichers [mailto:dave.wichers at owasp.org] 
Sent: Saturday, November 06, 2010 3:54 PM
To: 'Jeff Williams'; 'OWASP Foundation Board List'
Subject: RE: [Owasp-board] AppSec DC presentation - pick your topic now

 

Jeff,

 

I think talking about actual stats from the ESAPI and the new Python
Security Ecosystems would be interesting. # of contributors, # of languages,
etc.

 

I think the new college chapters program should be mentioned. Have any been
launched?

 

We've hired a person to help with OWASP Training - so we should announce
that and talk about the plan for a training road show.

 

Seems like we are at least starting to building relationships with the
browser vendors like Mozilla. Mozilla, Microsoft, Oracle, IBM, HP, Amazon,
Adobe, and Symantec are all now sponsors. That seems to say something right
there. Do we have any real success stories related to actually changing
security in widely used technologies which help the entire world? If we
don't I really wish we did. Seems like we should dust off/promote the
Intrinsic Security Working Group.

 

Seems like there is A LOT more OWASP activity going on now even without the
seasons of code as an impetus. Can we measure/talk about that in some way?

 

-Dave

 

From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Jeff Williams
Sent: Friday, October 29, 2010 6:07 PM
To: 'OWASP Foundation Board List'
Subject: [Owasp-board] AppSec DC presentation - pick your topic now

 

All,

 

We have 30 minutes at the beginning of the conference to talk from the Board
perspective.  I do not want to do a monologue this year.  So I would like
some proposals of topics or messages that *we* will present during this
time.

 

Anything boring will start the conference off with a fizzle.   I want to
highlight OWASP successes around the world.  Some possible ideas.

 

.         Samy's tour results!

.         OWASP in China highlights

.         A few statistics about our best stuff

.         A few key new members (Oracle, JPMC, .)

.         Our key focus areas for 2011

 

Everyone on the board will present for a STRICT 5 minutes - no monologuing.
Send me your top few ideas for topics you would like to cover and I'll work
out the agenda.  Any boring topics will be nuked.

 

Remember the point of this time is to get people excited and proud to be a
member of the OWASP Ecosystem.

 

--Jeff

 

Jeff Williams, CEO

Aspect Security

work: 410-707-1487

main: 301-604-4882

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20101109/f56fe0db/attachment-0002.html>


More information about the Owasp-board mailing list