[Owasp-board] AppSec DC presentation - pick your topic now

Seba seba at owasp.org
Thu Nov 11 09:34:39 UTC 2010


Paulo,

Great overview!
can you share this on the leader mailing list?

regards

--Seba

On Thu, Nov 11, 2010 at 1:22 AM, Paulo Coimbra <paulo.coimbra at owasp.org>wrote:

>  Hello Board,
>
>
>
> A bit late I am sending off a quick overview of OWASP Projects – roughly
> last 4 months.
>
>
>
> Thanks,
>
> - Paulo
>
>
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <http://www.owasp.org/index.php/User:Paulo_Coimbra>
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Dave Wichers
> *Sent:* quarta-feira, 10 de Novembro de 2010 03:31
>
> *To:* 'Jeff Williams'; 'OWASP Foundation Board List'
> *Subject:* Re: [Owasp-board] AppSec DC presentation - pick your topic now
>
>
>
> Jeff, Tom, Matt,
>
>
>
> Are there any of these topics in particular that you wish to talk about?
>
>
>
> I think I would prefer to talk about the evolving Knowledgebase with the
> Top 10, new Coding Guideline, Guide Updates, and alignment to ASVS.
>
>
>
> -Dave
>
>
>
> *From:* Jeff Williams [mailto:jeff.williams at owasp.org]
> *Sent:* Sunday, November 07, 2010 8:14 PM
> *To:* 'Dave Wichers'; 'OWASP Foundation Board List'
> *Subject:* RE: [Owasp-board] AppSec DC presentation - pick your topic now
>
>
>
> Thanks Dave.  Anyone else have ideas, topics, metrics, etc… that we should
> announce?  I’m starting to get these organized into a few key messages….  We
> have two days to get this hammered out and assigned to board members.
>
>
>
> Send me your topic ideas right away!  Let me know which area you want to
> talk about.
>
>
>
> Who is going to attend?   Do I have this right?
>
>
>
> *Attending: Dave, Jeff, Tom, Seba, Matt*
>
> * *
>
> *Not attending: Dinis, Eoin*
>
>
>
> ·        OWASP is getting outside the choir and reaching developers!
>
> o   Recent articles in developer press
>
> o   Samy’s tour results!
>
> o   College chapters program
>
> o
>
> ·        OWASP knowledgebase is continuing to evolve
>
> o   New Risk-Based OWASP T10
>
> o   New testing guide and code review guide this year aligned to OWASP
> numbering system
>
> o   New secure coding guideline
>
> o
>
> ·        OWASP ecosystems are blossoming
>
> o   New ecosystems around technologies (PythonSecurity.org)
>
> o   New mobile group just getting started
>
> o   OWASP facilitating browser security with Mozilla
>
> o   Dozens of contributors now working on ESAPI in various languages
>
> o
>
> ·        OWASP membership is growing
>
> o   Lots of new corporate members (Mozilla, Microsoft, Oracle, IBM, HP,
> Amazon, Adobe, and Symantec)
>
> o   People are joining as a way to demonstrate their commitment to appsec
> to staff and customers
>
> o   <Insert subtle advertisement here>
>
> o
>
> ·        OWASP is continuing to innovate
>
> o   AppSensor
>
> o   O2
>
> o   New ESAPI project to build a “Coherent Web Policy Framework”
>
> o
>
>
>
>
>
> --Jeff
>
>
>
>
>
> *From:* Dave Wichers [mailto:dave.wichers at owasp.org]
> *Sent:* Saturday, November 06, 2010 3:54 PM
> *To:* 'Jeff Williams'; 'OWASP Foundation Board List'
> *Subject:* RE: [Owasp-board] AppSec DC presentation - pick your topic now
>
>
>
> Jeff,
>
>
>
> I think talking about actual stats from the ESAPI and the new Python
> Security Ecosystems would be interesting. # of contributors, # of languages,
> etc.
>
>
>
> I think the new college chapters program should be mentioned. Have any been
> launched?
>
>
>
> We’ve hired a person to help with OWASP Training – so we should announce
> that and talk about the plan for a training road show.
>
>
>
> Seems like we are at least starting to building relationships with the
> browser vendors like Mozilla. Mozilla, Microsoft, Oracle, IBM, HP, Amazon,
> Adobe, and Symantec are all now sponsors. That seems to say something right
> there. Do we have any real success stories related to actually changing
> security in widely used technologies which help the entire world? If we
> don’t I really wish we did. Seems like we should dust off/promote the
> Intrinsic Security Working Group.
>
>
>
> Seems like there is A LOT more OWASP activity going on now even without the
> seasons of code as an impetus. Can we measure/talk about that in some way?
>
>
>
> -Dave
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Jeff Williams
> *Sent:* Friday, October 29, 2010 6:07 PM
> *To:* 'OWASP Foundation Board List'
> *Subject:* [Owasp-board] AppSec DC presentation - pick your topic now
>
>
>
> All,
>
>
>
> We have 30 minutes at the beginning of the conference to talk from the
> Board perspective.  I do not want to do a monologue this year.  So I would
> like some proposals of topics or messages that **we** will present during
> this time.
>
>
>
> Anything boring will start the conference off with a fizzle.   I want to
> highlight OWASP successes around the world.  Some possible ideas…
>
>
>
> ·        Samy’s tour results!
>
> ·        OWASP in China highlights
>
> ·        A few statistics about our best stuff
>
> ·        A few key new members (Oracle, JPMC, …)
>
> ·        Our key focus areas for 2011
>
>
>
> Everyone on the board will present for a STRICT 5 minutes – no monologuing.
>   Send me your top few ideas for topics you would like to cover and I’ll
> work out the agenda.  Any boring topics will be nuked.
>
>
>
> Remember the point of this time is to get people excited and proud to be a
> member of the OWASP Ecosystem.
>
>
>
> --Jeff
>
>
>
> Jeff Williams, CEO
>
> Aspect Security
>
> work: 410-707-1487
>
> main: 301-604-4882
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20101111/c271d9ed/attachment-0002.html>


More information about the Owasp-board mailing list