[Owasp-board] BugCroud

Fabio Cerullo fcerullo at owasp.org
Tue Dec 23 15:32:44 UTC 2014


I like it... HITB, Infiltrate, BSides allow the attendees to select the
talks through a voting system.

Do we go for a spin with an OWASP conference?

Regards
Fabio

On Tue, Dec 23, 2014 at 1:07 AM, Jim Manico <jim.manico at owasp.org> wrote:

> Thanks for pointing this out, Tom. There is a trend here. The
> Hack-In-The-Box series is experimenting with the same thing.
>
> 1) Speakers submit talks as normal
> 2) Attendees are tasked to register early
> 3) Paid attendees use voting system to pick talks
> 4) Conference becomes 100% attendee driven
>
> This changes focus on security conferences dramatically. The number of
> "toasters getting hacked" talks drops off, and frankly the number of "elite
> only" talks drops off. The conference becomes more educational in nature;
> and more community driven.
>
> I would love to experiment with this at OWASP.
>
> - Jim
>
>
> On 12/22/14 5:01 PM, Tom Brennan wrote:
>
>> Related more to CFP but this is cool let the attendees pick the agenda
>>
>> https://www.syscan.org/index.php/sg/cfp/vote/
>>
>> Now that's transparency
>>
>> Tom Brennan
>> 973-202-0122
>>
>>  On Dec 22, 2014, at 6:25 PM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>>
>>> +1
>>>
>>> Sent from my iPhone
>>>
>>>  On 20 Dec 2014, at 02:07, Michael Coates <michael.coates at owasp.org>
>>>> wrote:
>>>>
>>>> Hey Jim
>>>>
>>>> As someone who go is planning appsecusa 2015 here are my thoughts.
>>>>
>>>> 1. Open call for activities. So bugcrowd and anyone else can submit a
>>>> proposal for activity x.
>>>>
>>>> 2. Making it clear that this is an add on activity coordinated by
>>>> vendor x (e.g along the lines you mentioned if specifically vendor not
>>>> Owasp)
>>>>
>>>> And don't get me wrong, these companies are all great. But it's about
>>>> clearly delineating Owasp vs vendor items and making an open playing field
>>>> for all to submit.
>>>>
>>>>
>>>>
>>>>  On Dec 19, 2014, at 4:56 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>>>>
>>>>> Board,
>>>>>
>>>>> BugCroud has been setting up events at OWASP conferences that concearn
>>>>> me. They are doing "bugbashes" which are CTF's that use the BugCroud
>>>>> closed-source commercial platform. These CTF's go after public websites
>>>>> that have open bug bounties, but still, it uses the BugCroud platform to
>>>>> track these efforts. Since this is a commercial platform, this falls under
>>>>> a vendor sponsorship program as opposed to an event they can host at our
>>>>> conference "for free".
>>>>>
>>>>> So I suggest we charge for vendor sponsorship fees and move the
>>>>> BugBash program to the vendor area so it's clear this is not an official
>>>>> OWASP program.
>>>>>
>>>>> If OWASP wants to do a "public conference" CTF in a more premium area
>>>>> of the conference, I'd like to see us using a platform that is open source
>>>>> like the OWASP CTF project. If a vendor wants to use their commercial
>>>>> platform to do a CTF at an official OWASP conference, that sounds like a
>>>>> vendor sponsorship event/opportunity.
>>>>>
>>>>> Aloha,
>>>>> Jim
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20141223/b0dacab0/attachment.html>


More information about the Owasp-board mailing list