[Owasp-board] Appsec USA 2014 Proposals
Sarah Baso
sarah.baso at owasp.org
Wed Jun 19 20:13:54 UTC 2013
Yes- both submitters were provided the budget actuals from last year
and projections for this year as a point of reference in putting their
proposals together.
Sarah
On Jun 19, 2013, at 1:06 PM, Dirk Wetter <dirk.wetter at owasp.org> wrote:
>
> Hi all,
>
> I am European, so probably my opinion probably doesn't count
> that much ;-)
>
> What would have helped us as we applied for AppSecEU 2013 would have been
> having budget sheets or insights from the previous years, i.e. not the proposals but
> more realistic numbers. That kind of learning effect would have been helpful.
>
> Is/Was there feedback loop in the US from previous years.?
>
> Cheers Dirk
>
>
>
> Am 06/19/2013 07:31 PM, schrieb Mark Major:
>> Please take all of the below with a grain of salt. I am a member of the Denver planning committee
>> and I want to be transparent about my bias. At the same time, I genuinely appreciate the
>> enthusiasm, energy, and ambition coming out of Omaha. Keep it up!
>>
>>> Venue and catering are ~160k for Omaha, Denver 277k. BTW:
>>> What's the venue for Denver?
>>
>> The Denver venue is under active negotiation with several locations. Catering costs used in the
>> budget are projected from the downtown Denver Marriott where SnowFROC 2013 was held.. These costs
>> are comparable to catering at similar venues in the area (notably the convention center). Also,
>> the numbers are somewhat inflated because they include Entertainment costs. By hosting a speaker
>> reception, VIP dinner, etc. at the conference venue, a good chunk of the expenditures apply toward
>> the venue's minimum catering obligation. In order to track all venue catering in the same place we
>> moved Entertainment catering costs into the Catering tab (see "Pre-conference").
>>
>> Conversely, the Omaha budget appears to feed 700 of the 1000 attendees and does not account for
>> tax or service fees (7% and 19%, respectively). I would guess their conservative catering numbers
>> should be around 258k (not including Entertainment catering). In fairness, they may have
>> negotiated around the service fee, in which case the conservative catering costs should be around
>> $217k (before Entertainment catering). It looks like a couple other expenditures in the Omaha
>> budget may suffer from scale problems related to per-person costs. Swag, for example, is based on
>> a conference with fewer attendees than projected for Omaha.
>>
>> Overall, I get the impression Omaha's convention center can provide a very cost-effective
>> conference. The CenturyLink Convention Center's catering menu is rather inexpensive for a venue of
>> its size, and catering is (by far) the largest cost in any AppSec budget. However, their overall
>> budget needs a lot of work before we can really compare apples-to-apples. In my opinion, hosting a
>> regional conference in 2014 would be a great way for Omaha to establish a baseline for a national
>> conference bid.
>>
>>
>>> Looking the the Denver proposal, a number of companies are mentioned.
>>>
>>> Are they going to sponsor the event?
>>
>> Each of the companies listed in the Denver proposal has sponsored SnowFROC in the past. Without
>> getting into specifics, yes, I do expect several of those companies listed will sponsor a Denver
>> AppSec.
>>
>>
>>
>> On Wed, Jun 19, 2013 at 5:59 AM, Eoin <eoin.keary at owasp.org <mailto:eoin.keary at owasp.org>> wrote:
>>
>> Looking the the Denver proposal, a number of companies are mentioned.
>>
>> Are they going to sponsor the event?
>>
>> Sponsorship is important IMHO.
>>
>>
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>> On 19 Jun 2013, at 12:24, Dirk Wetter <dirk.wetter at owasp.org <mailto:dirk.wetter at owasp.org>>
>> wrote:
>>
>>>
>>> Hi,
>>>
>>> don't know about the US conferences but Omaha seems more optimistic as Denver, as
>>> far as training revenue is concerned (100k vs 79k/39k) and number of participants.
>>> Numbers for the latter: 1500/1000 vs 1000/750 (optimistic/conservative).
>>>
>>> In the optimistic scenario the numbers for paid and total attendance are probably
>>> swapped.
>>>
>>> Venue and catering are ~160k for Omaha, Denver 277k. BTW:
>>> What's the venue for Denver?
>>>
>>> BR, Dirk
>>>
>>> Am 06/18/2013 10:56 PM, schrieb Sarah Baso:
>>>> Checklist version 1 is available
>>>> here: https://www.owasp.org/index.php/Conference_Planning_Table and overview of tasks
>>>> here: https://www.owasp.org/images/2/2a/Conference_Timeline_Overview.pdf
>>>>
>>>> This definitely could use some work but it is a starting place for now ;-0
>>>>
>>>>
>>>> On Tue, Jun 18, 2013 at 1:55 PM, Fabio Cerullo <fcerullo at owasp.org
>>>> <mailto:fcerullo at owasp.org>> wrote:
>>>>
>>>> Agree with Tom.
>>>>
>>>> For an Appsec Conference there should be a track record of at least one regional event
>>>> being held by the soliciting chapter.
>>>>
>>>> A scoring criteria for proposals will definitely help. Also, a checklist of "things to
>>>> be done" once the proposal has been selected with time frames, etc.
>>>>
>>>> Fabio
>>>>
>>>> Sent from my iPhone
>>>>
>>>> On 18 Jun 2013, at 21:42, Tom Brennan <tomb at owasp.org <mailto:tomb at owasp.org>> wrote:
>>>>
>>>>> Denver has been kicking ass and taking names at FROC proven team and experience.
>>>>>
>>>>> I would love to see a Nebraska event however is there a track record? I would like to
>>>>> see a active chapter, a active regional event that makes OCMS before the investment of
>>>>> time energy and effort.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Tue, Jun 18, 2013 at 3:45 PM, Sarah Baso <sarah.baso at owasp.org
>>>>> <mailto:sarah.baso at owasp.org>> wrote:
>>>>>
>>>>> All -
>>>>> We have received an additional proposal for AppSec USA 2014 from the Omaha,
>>>>> Nebraska Chapter. So, now that we have 2 proposals to consider (Denver and Omaha)
>>>>> I think it is appropriate to have an open comment and vote on the about the two
>>>>> proposals.
>>>>>
>>>>> In the future, as Eoin noted in his original email, we need to develop some scoring
>>>>> criteria for proposals. Since time is of the essence though with the AppSec USA
>>>>> proposals and I don't think it is fair to set scoring criteria AFTER the
>>>>> submissions have been received, I think the best way to handle this is to have an
>>>>> open voting. I have included some previous AppSec conference hosts on this thread
>>>>> hoping they will weigh in on any considerations or thoughts on the proposals, base
>>>>> on their past experiences.
>>>>>
>>>>> *I have set up this google moderator page for
>>>>> voting https://www.google.com/moderator/#15/e=20c908&t=20c908.41 *
>>>>> *
>>>>> *
>>>>> *We will be accepting votes until the end of the day FRIDAY, JUNE 21.*
>>>>>
>>>>> *Information on the two proposals:*
>>>>>
>>>>> *DENVER, CO*
>>>>> *Submission from Snofroc Team (Denver & Boulder Chapters) -
>>>>> *https://ocms.owasp.org/events/230/
>>>>>
>>>>> * Team leads: Mark Major & Steve Kosten
>>>>> * Presentation (Why Denver?)
>>>>> https://docs.google.com/a/owasp.org/file/d/0B5cq5xuMqNYSRWlUbUZSckhNMlk/edit?usp=sharing
>>>>> * Budget
>>>>> - https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Apcq5xuMqNYSdHMyUnAwaDBlQ1Nxa3AyWDEwN0Zya3c#gid=0
>>>>>
>>>>>
>>>>> *OMAHA, NE*
>>>>> Submission from Omaha Chapter -- https://ocms.owasp.org/events/231/
>>>>>
>>>>> * Team leads: Fred Donovan and Rob Temple
>>>>> * Presentation (Why Omaha?)
>>>>> https://docs.google.com/a/owasp.org/file/d/0B6ftS9CyBPmqYThQR1NPYko4Yjg/edit?usp=sharing
>>>>> * Budget
>>>>> - https://docs.google.com/a/owasp.org/file/d/0B6ftS9CyBPmqaTgwdXdteWpzd2c/edit?usp=sharing
>>>>>
>>>>>
>>>>> Looking forward to hearing everyone's thoughts and feedback!
>>>>>
>>>>> Regards,
>>>>> Sarah Baso
>>>>>
>>>>> On Fri, Jun 7, 2013 at 5:54 PM, Sarah Baso <sarah.baso at owasp.org
>>>>> <mailto:sarah.baso at owasp.org>> wrote:
>>>>>
>>>>> Hi Eoin (and OWASP community members)
>>>>>
>>>>> Great questions ;-)
>>>>>
>>>>> First the specifics for next year's events:
>>>>>
>>>>> We have received one proposal for each AppSec USA 2014 (Denver CO) and AppSec
>>>>> Europe (Cambridge UK) - so there is no selection as much as an open opportunity
>>>>> for anyone to voice any objections before I approve these two great proposals
>>>>> so they can get planning.
>>>>>
>>>>> AppSec EU/Research for 2014 is proposed for the end of June in Cambridge, UK --
>>>>> details here: https://ocms.owasp.org/events/220/
>>>>>
>>>>> AppSec USA 2014 is proposed for Q3 (September ideally) for Denver, Colorado --
>>>>> details here: https://ocms.owasp.org/events/230/
>>>>>
>>>>> So, please take this opportunity to voice any questions, objections, support
>>>>> and barring no big issues, I will go forward with approving the events in OCMS
>>>>> on next Friday, the 14th.
>>>>>
>>>>>
>>>>> -----
>>>>> In terms of a transparent and audit-able selection process - when there is only
>>>>> one proposal received for the event (as has been the case for all the Global
>>>>> appsecs last year and most of them the year before that, and so far for next
>>>>> year) - there really is no "selection process" as much as an opportunity to
>>>>> review the budget, discuss expectations with the local team proposing to host,
>>>>> and barring no issues "approve". The Global Conference Committee previously
>>>>> conducted this process and there was not a scoring, but they just voted on the
>>>>> location if there was more than one submitted.
>>>>>
>>>>> If you would like to put together a process or outline for what you would like
>>>>> to see, I think that would be great. Otherwise, we will put it on the wish list
>>>>> and when we get someone new hired for the conferences position the staff,
>>>>> community, and that person can work on putting something together.
>>>>>
>>>>> Open to other feedback you have!
>>>>>
>>>>> Best,
>>>>> Sarah Baso
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Jun 7, 2013 at 6:14 AM, Eoin <eoin.keary at owasp.org
>>>>> <mailto:eoin.keary at owasp.org>> wrote:
>>>>>
>>>>> May I ask when venues for 2014 shall be selected and also how is the
>>>>> selection process conducted.
>>>>>
>>>>> Who makes the choice, how is the panel made up?
>>>>>
>>>>> I really want a transparent an auditable selection process. What scoring
>>>>> mechanism is being used?
>>>>>
>>>>> For me this is a staff decision coupled with our (to be hired) conference
>>>>> manager.
>>>>>
>>>>>
>>>>>
>>>>> Eoin Keary
>>>>> Owasp Global Board
>>>>> +353 87 977 2988 <tel:%2B353%2087%20977%202988>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Executive Director
>>>>> OWASP Foundation
>>>>>
>>>>> sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
>>>>> +1.312.869.2779 <tel:%2B1.312.869.2779>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Executive Director
>>>>> OWASP Foundation
>>>>>
>>>>> sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
>>>>> +1.312.869.2779 <tel:%2B1.312.869.2779>
>>>>
>>>>
>>>>
>>>> --
>>>> Executive Director
>>>> OWASP Foundation
>>>>
>>>> sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
>>>> +1.312.869.2779
>>>
>>>
>>> --
>>> German OWASP Board, Conference Chair AppSec EU 2013
>>> http://appsec.eu/ | @appseceu
>>> skype://drwetter.de | tel:+49-40-2442035-1
>>
>>
>> --
>> Mark
>> OWASP Boulder
>
>
> --
> German OWASP Board, Conference Chair AppSec EU 2013
> http://appsec.eu/ | @appseceu
> skype://drwetter.de | tel:+49-40-2442035-1
>
More information about the Owasp-board
mailing list