[Owasp-board] [Owasp-leaders] Reaching developers = cooperative hackathons

dinis cruz dinis.cruz at owasp.org
Mon Sep 6 06:49:09 UTC 2010


(CCing the Board)
That really annoys me that after all you've done for OWASP in 2010 you are
not able to participate in the AppSec USA due to a financial reason (and
ultimately OWASP's lack of focus in managing their leaders)

Of course that now is too late (and 20k is a bit over OWASP's budget :)  ),
but we need to learn from this case so that we can deal with issues like
this before they become a problem.

On the topic of local funds:

   - I just noticed that the Local Sweden chapter has 4kUSD
   http://spreadsheets.google.com/pub?key=p6IFyntQTi7t-yH-peiD8Aw (was this
   money available when you had to make your decision to not go?)
   - After the success of the last EU conference, did the Swedish (or
   stockholm) chapter received any share of the conference profits?

Dinis Cruz

On 5 September 2010 21:28, John Wilander <john.wilander at owasp.org> wrote:

> Hi Dinis!
>
> Ha, ha! But funding *is* an excuse since I did not have any funding back
> when I should have made the plans to be able to fit it into my customer's
> schedule.
>
> I don't think I'll make it to California for <= $20,000 either. I'm not
> even sure how OWASP could fund this? I appreciate the welcoming though!
>
>    /John
>
>
> 2010/9/5 dinis cruz <dinis.cruz at owasp.org>
>
> Hey John, (as I mention on the chat) don't use the funding as an excuse :)
>>
>> If you're busy, well ... that's fair enough
>>
>> But if you can find the time, see you in Irvine :)
>>
>> Dinis
>>
>> On 5 Sep 2010, at 21:00, John Wilander <john.wilander at owasp.org> wrote:
>>
>> Dear OWASP leaders,
>>
>> At last year's AppSec USA I had several interesting discussions with you
>> on OWASP's inability to reach developers. We've been stuck in "Preaching for
>> the choir" far too long. The "Bring a developer" at this year's conference
>> will hopefully make a difference.
>>
>> But we can make a difference on a regional level too, especially all of us
>> who are chapter leaders! I have really been thinking "What can my chapter do
>> to reach out to more developers?"
>>
>> The solution was cooperation.
>>
>> This weekend OWASP Sweden successfully held "Community Hack" – a two-day
>> *hackathon* – together with the regional FOSS community (FOSS = Free Open
>> Source Software). A majority of the attendees were developers. Developers
>> who now know about OWASP. Many of them also joined our chapter.
>>
>> So what's the trick? Well, developers like to *do* things, such as
>> develop software. During hackathons you bring your computer and you *do*things. You learn new tools, try out new languges and frameworks, develop
>> new applications, and investigate the unknown. In other words appsec and
>> foss communities have much in common! During a hackathon you can always mix
>> in technical talks, demos and discussions. It's the perfect way of reaching
>> developers. We did it and it was a blast.
>>
>> If you'd like to have a Community Hack in your region or country, this is
>> what we did:
>>
>>    1. Make contact with the regional or national open source movement.
>>    They're good guys. Try to set up a cooperation for hack.
>>    2. Set up a wiki page where attendees can post which projects they're
>>    going to work on. This helps to inspire others who want to come but don't
>>    have a project yet.
>>    3. Get sponsoring for breakfast, soft drinks, snacks etc. It's easy
>>    since all the software companies want to sponsor. We had to reject a handful
>>    of sponsoring offers!
>>    4. Get a venue with office tables and a decent wireless network. We
>>    cooperated with academia who provided us with a place free of charge.
>>    5. Start the hackathon with a "stand up" where everybody gets to
>>    introduce themselves and their project during ~20 seconds.
>>    6. Hack away. Have breakout sessions with talks or workshops.
>>    Socialize. Tell non-chapter members about OWASP.
>>    7. End with a round of summaries or demos of what people have done.
>>
>> Please let me know if you try this out or if you already are running
>> hackathons.
>>
>>    Kind regards, John
>>
>>
>> PS.  I won't be attending the AppSec US in Irvine :(. Too busy and no
>> funding. Hope you all have a great time!  DS.
>>
>> PPS.  Swedish blog entry with pictures from the Community Hack: <http://owaspsweden.blogspot.com/2010/09/cmtyhack-ii-ar-over.html>
>> http://owaspsweden.blogspot.com/2010/09/cmtyhack-ii-ar-over.html .  DS.
>>
>> --
>> John Wilander
>> Chapter leader OWASP Sweden, <http://owaspsweden.blogspot.com>
>> http://owaspsweden.blogspot.com
>> Conference chair OWASP AppSec Research 2010, <http://owasp.se>
>> http://owasp.se
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> --
> John Wilander
> Chapter leader OWASP Sweden, http://owaspsweden.blogspot.com
> Conference chair OWASP AppSec Research 2010, http://owasp.se
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100906/afa353f4/attachment-0002.html>


More information about the Owasp-board mailing list