[Owasp-board] Fwd: Request for 150K USD seed fund for the OWASP-DevSecCon Summit in April 2017 in the UK

Tom Brennan tomb at owasp.org
Tue Nov 22 14:46:30 UTC 2016


Next meeting is the 30th see:
https://www.owasp.org/index.php/Board#tab=Agenda_for_2016_Meetings

re: the request this is a request for 150k from OWASP.  This
relationship with another legal entity sounds like a partnership not a
100% summit or owasp regional event.. can you provide some clarity
around that?  Andrew is the treasurer you might want to start a thread
with him on it

On Tue, Nov 22, 2016 at 2:58 AM, Seba <seba at owasp.org> wrote:
> hi Tom,
>
> I listened to the recording, my notes below
> recording -
> https://drive.google.com/file/d/0B0yxedKRQADib3RmSHBBMmVfMXM/view (starts
> around 13', ends at 18')
>
> notes board meeting 8  - Nov on summit, notes
>
> aim for revenue neutral?
> this is what owasp should be doing, but should be budget neutral
> need more details in writing for the next board meeting
> involve at least one board member to "own" this.
> start with a lower seed fund?
> chapter funds will also be called upon.
>
> As stated below, I am available for a call on the 30th (possibly joined by
> Dinis & Francois)
> I can do 20h30 CET -
> https://www.timeanddate.com/worldclock/fixedtime.html?msg=summit+seed+fund+call&iso=20161130T2030&p1=48&am=30
>
> regards
>
> Seba
>
> On Wed, Nov 9, 2016 at 7:58 AM Seba <seba at owasp.org> wrote:
>>
>> Hi Tom,
>>
>> I will listen to the recordings, respond to questions and push this
>> further towards a successful summit (together with the team).
>> I can join a call on the 30th, assuming it is on a CET-timezone friendly
>> time :-)
>> Preferably 21h30 CEST / 3:30pm EST ?
>>
>> regards
>>
>> Seba
>>
>>
>>
>> On Wed, Nov 9, 2016 at 3:12 AM Tom Brennan - OWASP <tomb at owasp.org> wrote:
>>>
>>> @ Dinis and Seba listen to the board meeting recording/mins., about the
>>> request for over 100k for joint effort with another business.  Based on the
>>> current model it actually falls under a joint-event and would require a
>>> co-marketing agreement and seed-money.
>>>
>>> https://www.owasp.org/index.php/November_8,_2016 (when link is available)
>>>
>>> You guys have been board members you know what it is like to have
>>> something vague on the agenda a motion to approve money and questions from
>>> attendees members of the public, staff and board on the submission.  Without
>>> anyone from your team to speak to the initiative or a staff member or board
>>> member briefed it unfortunately gets pushed and without a motion, a second
>>> or a vote to make it happen.
>>>
>>> So that it can be approved by a majority vote (4) people for 2017 would
>>> someone from your team who is going to LEAD the effort answer questions and
>>> be available on the 30th?
>>>
>>> Would that person be Francois or one of you guys?
>>> https://www.linkedin.com/in/francoisraynaud
>>>
>>>
>>>
>>> On Tue, Nov 8, 2016 at 3:32 PM, Matt Konda <matt.konda at owasp.org> wrote:
>>>>
>>>> Seba,
>>>>
>>>> Is there someone attending the board meeting that can speak to this in
>>>> more detail?
>>>>
>>>> In general, I like the idea.  I have questions ...
>>>>
>>>> How many people do we expect to reach for the investment?
>>>> What would be the outcome?
>>>> What kind of organizational (events) support are you hoping for?
>>>>
>>>> As someone who was never part of the previous summits, I wonder if they
>>>> are as open and inclusive as we would need them to be to justify almost 10%
>>>> of our yearly budget to fund it.
>>>>
>>>> I definitely want to hear more - great work!
>>>>
>>>> Thanks,
>>>> Matt
>>>>
>>>> On Tue, Nov 8, 2016 at 2:13 PM, Tobias Gondrom
>>>> <tobias.gondrom at owasp.org> wrote:
>>>>>
>>>>> I support this initiative.
>>>>>
>>>>> This would be good to do!
>>>>>
>>>>> Best, Tobias
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> From: owasp-board-bounces+tobias.gondrom=owasp.org at lists.owasp.org
>>>>> [mailto:owasp-board-bounces+tobias.gondrom=owasp.org at lists.owasp.org] On
>>>>> Behalf Of Seba
>>>>> Sent: Monday, November 7, 2016 09:17
>>>>> To: Michael Coates <michael.coates at owasp.org>
>>>>> Cc: dinis <dinis at owasp.org>; OWASP Foundation Board List
>>>>> <owasp-board at lists.owasp.org>; Francois <francois at devseccon.com>
>>>>> Subject: Re: [Owasp-board] Fwd: Request for 150K USD seed fund for the
>>>>> OWASP-DevSecCon Summit in April 2017 in the UK
>>>>>
>>>>>
>>>>>
>>>>> hi,
>>>>>
>>>>>
>>>>>
>>>>> I have added this as an extra topic on the agenda:
>>>>>
>>>>> https://www.owasp.org/index.php/November_8,_2016
>>>>>
>>>>>
>>>>>
>>>>> In the coming weeks I will create a detailed budget plan together with
>>>>> the team and Andrew/Laura.
>>>>>
>>>>> At this state we are looking for the approval under the condition that
>>>>> a detailed budget will be provided by the next board call.
>>>>>
>>>>>
>>>>>
>>>>> Available for questions on Skyp/mobile in the coming days.
>>>>>
>>>>> I will not be able to join the call, as it will be midnight for me then
>>>>> ...
>>>>>
>>>>>
>>>>>
>>>>> Kind regards,
>>>>>
>>>>>
>>>>>
>>>>> Seba
>>>>>
>>>>> On Tue, Oct 25, 2016 at 9:52 PM Michael Coates
>>>>> <michael.coates at owasp.org> wrote:
>>>>>
>>>>> Acknowledged. We've got it now via the thread history.
>>>>>
>>>>>
>>>>>
>>>>> The correct list is
>>>>>
>>>>> OWASP Foundation Board List <owasp-board at lists.owasp.org>
>>>>>
>>>>>
>>>>>
>>>>> In a previous email you sent it to a defunct owasp.org address that I
>>>>> believe was created as part of gmail. I don't recall why.
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Michael Coates | @_mwc
>>>>>
>>>>> OWASP Global Board
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Tue, Oct 25, 2016 at 2:40 AM, Seba <seba at owasp.org> wrote:
>>>>>
>>>>> Got an email that this is the correct email address?
>>>>> Weird, as I already sent this to the email below.
>>>>> Can hou confirm reception of this email?
>>>>>
>>>>> Thx!
>>>>> Seba
>>>>>
>>>>>
>>>>>
>>>>> ---------- Forwarded message ---------
>>>>> From: Seba <seba at owasp.org>
>>>>>
>>>>> Date: Mon, 24 Oct 2016 at 14:00
>>>>> Subject: Request for 150K USD seed fund for the OWASP-DevSecCon Summit
>>>>> in April 2017 in the UK
>>>>> To: Laura Grau <laura.grau at owasp.org>, owasp-board at owasp.org
>>>>> <owasp-board at owasp.org>
>>>>> Cc: dinis <dinis at owasp.org>, psiinon <psiinon at gmail.com>, Francois
>>>>> <francois at devseccon.com>
>>>>>
>>>>>
>>>>>
>>>>> Dear Laura, Board,
>>>>>
>>>>>
>>>>>
>>>>> Last week I attended DevSecCon in London together with a couple of
>>>>> other OWASP leaders (Dinis, Simon) and was excited about the positive
>>>>> atmosphere, content, workshops and attendees (both from development as from
>>>>> security backgrounds).
>>>>>
>>>>>
>>>>>
>>>>> Together with Francois Raynaud (founder of DevSecCon, in cc) we would
>>>>> like to organise a summit with as main focus and theme: grouping the DevOps,
>>>>> Security and OWASP communities to work on actionable and automated solutions
>>>>> for secure development and operations of software.
>>>>>
>>>>>
>>>>>
>>>>> We submitted the following event as Summit in OCMS as proposal for next
>>>>> year.
>>>>>
>>>>>
>>>>>
>>>>> Owasp-DevSecCon Summit, England, April 2017
>>>>>
>>>>>
>>>>>
>>>>> OWASP is joining forces with DevSecCon to create a Summit focused on
>>>>> the collaboration between
>>>>>
>>>>> Developers and Application Security.
>>>>>
>>>>> This is not a conference with uni-directional presentations, this is a
>>>>> working summit with working sessions on areas like: Secure Coding, Security
>>>>> Testing/TDD, DevOps, Threat Modeling, Mobile Security, IoT, Risk &
>>>>> Governance, Privacy & CTO/CISO requirements, Secure Design, Bug-bounties,
>>>>> Browser Security, AI for Attack & Defence, DDoS, Cyber Warfare, AppSec
>>>>> Standards; and of course, working sessions on popular OWASP projects (lead
>>>>> by its leaders) such as: Zap, Top 10, Dependency Checker, OwaspSAMM, OWASP
>>>>> Guides (Testing, ASVS, Core Review), AppSensor and dozens more.
>>>>>
>>>>>
>>>>>
>>>>> Using the same model as the past two OWASP Summits in Portugal, this 5
>>>>> day event will be a 16h day high energy experience, where the attendees are
>>>>> expected to work and collaborate really hard. Every working session will be
>>>>> thoroughly prepared and focused on actionable outcomes.
>>>>>
>>>>>
>>>>>
>>>>> If you care about Application Security and want to collaborate with the
>>>>> key players in this industry, this is the event to be.
>>>>>
>>>>>
>>>>>
>>>>> The Summit will occur in England, April 2017, with an entry ticket of
>>>>> $2000 (covering travel + hotel + accommodation + event fee). OWASP is
>>>>> funding a large number of its leaders and other deserving individuals to
>>>>> attend, so if you feel you can't afford this fee, or your company is not in
>>>>> a position to sponsor you, please contact the event organisers.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> In terms of budget we ask for a seed fund of 150K USD (first draft
>>>>> budget attached in the OCMS request).
>>>>>
>>>>>
>>>>>
>>>>> Our objective is to lower the financial impact (and possibly get this
>>>>> to 0 or even make it a budget positive event) through sponsoring (externally
>>>>> and from projects/chapters) and have participant's organisations cover the
>>>>> costs.
>>>>>
>>>>> Nevertheless, we ask this seed fund to get the ball rolling and focus
>>>>> on content, speakers, workshops and tracks. In parallel we will involve
>>>>> Laura, the staff and our community to co-organize this as a professional
>>>>> event and submit a detailed budget in the following cycles.
>>>>>
>>>>>
>>>>>
>>>>> Our main question is:
>>>>>
>>>>> 1) your approval to reserve this summit seed fund (either by email or
>>>>> on your next board meeting 9-November).
>>>>>
>>>>> + your support to make this a great summit!
>>>>>
>>>>>
>>>>>
>>>>> Available for any questions/remarks thru email or other means.
>>>>>
>>>>>
>>>>>
>>>>> Thank you
>>>>>
>>>>>
>>>>>
>>>>> Kind regards
>>>>>
>>>>>
>>>>>
>>>>> Seba
>>>>>
>>>>> OWASP SAMM project
>>>>>
>>>>> OWASP Belgium chapter
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>
>>>
>>> The information contained in this message and any attachments may be
>>> privileged, confidential, proprietary or otherwise protected from
>>> disclosure. If you, the reader of this message, are not the intended
>>> recipient, you are hereby notified that any dissemination, distribution,
>>> copying or use of this message and any attachment is strictly prohibited. If
>>> you have received this message in error, please notify the sender
>>> immediately by replying to the message, permanently delete it from your
>>> computer and destroy any
>>> printout._______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board



-- 
Tom Brennan
973-202-0122


More information about the Owasp-board mailing list