[Owasp-board] Fwd: Request for 150K USD seed fund for the OWASP-DevSecCon Summit in April 2017 in the UK

Tom Brennan tomb at owasp.org
Tue Nov 22 15:26:19 UTC 2016


Thanks, my only questions based on what I read so far is:

Is DecSecCon another registered non-profit business?

Will DevSecCon also be putting up 150k or is OWASP taking all the risk
here acting as the funding vehicle?



On Tue, Nov 22, 2016 at 9:52 AM, Seba <seba at owasp.org> wrote:
> Hi Tom
>
> Can the timing be adapted, I cannot make the middle of the night ?
>
> Yes, this is a joint organisation from OWASP & DevSecCon.
>
> I will reach out to Andrew with the draft budget (with our current
> assumptions)
>
> Seba
>
>
> On Tue, Nov 22, 2016 at 3:46 PM Tom Brennan <tomb at owasp.org> wrote:
>>
>> Next meeting is the 30th see:
>> https://www.owasp.org/index.php/Board#tab=Agenda_for_2016_Meetings
>>
>> re: the request this is a request for 150k from OWASP.  This
>> relationship with another legal entity sounds like a partnership not a
>> 100% summit or owasp regional event.. can you provide some clarity
>> around that?  Andrew is the treasurer you might want to start a thread
>> with him on it
>>
>> On Tue, Nov 22, 2016 at 2:58 AM, Seba <seba at owasp.org> wrote:
>> > hi Tom,
>> >
>> > I listened to the recording, my notes below
>> > recording -
>> > https://drive.google.com/file/d/0B0yxedKRQADib3RmSHBBMmVfMXM/view
>> > (starts
>> > around 13', ends at 18')
>> >
>> > notes board meeting 8  - Nov on summit, notes
>> >
>> > aim for revenue neutral?
>> > this is what owasp should be doing, but should be budget neutral
>> > need more details in writing for the next board meeting
>> > involve at least one board member to "own" this.
>> > start with a lower seed fund?
>> > chapter funds will also be called upon.
>> >
>> > As stated below, I am available for a call on the 30th (possibly joined
>> > by
>> > Dinis & Francois)
>> > I can do 20h30 CET -
>> >
>> > https://www.timeanddate.com/worldclock/fixedtime.html?msg=summit+seed+fund+call&iso=20161130T2030&p1=48&am=30
>> >
>> > regards
>> >
>> > Seba
>> >
>> > On Wed, Nov 9, 2016 at 7:58 AM Seba <seba at owasp.org> wrote:
>> >>
>> >> Hi Tom,
>> >>
>> >> I will listen to the recordings, respond to questions and push this
>> >> further towards a successful summit (together with the team).
>> >> I can join a call on the 30th, assuming it is on a CET-timezone
>> >> friendly
>> >> time :-)
>> >> Preferably 21h30 CEST / 3:30pm EST ?
>> >>
>> >> regards
>> >>
>> >> Seba
>> >>
>> >>
>> >>
>> >> On Wed, Nov 9, 2016 at 3:12 AM Tom Brennan - OWASP <tomb at owasp.org>
>> >> wrote:
>> >>>
>> >>> @ Dinis and Seba listen to the board meeting recording/mins., about
>> >>> the
>> >>> request for over 100k for joint effort with another business.  Based
>> >>> on the
>> >>> current model it actually falls under a joint-event and would require
>> >>> a
>> >>> co-marketing agreement and seed-money.
>> >>>
>> >>> https://www.owasp.org/index.php/November_8,_2016 (when link is
>> >>> available)
>> >>>
>> >>> You guys have been board members you know what it is like to have
>> >>> something vague on the agenda a motion to approve money and questions
>> >>> from
>> >>> attendees members of the public, staff and board on the submission.
>> >>> Without
>> >>> anyone from your team to speak to the initiative or a staff member or
>> >>> board
>> >>> member briefed it unfortunately gets pushed and without a motion, a
>> >>> second
>> >>> or a vote to make it happen.
>> >>>
>> >>> So that it can be approved by a majority vote (4) people for 2017
>> >>> would
>> >>> someone from your team who is going to LEAD the effort answer
>> >>> questions and
>> >>> be available on the 30th?
>> >>>
>> >>> Would that person be Francois or one of you guys?
>> >>> https://www.linkedin.com/in/francoisraynaud
>> >>>
>> >>>
>> >>>
>> >>> On Tue, Nov 8, 2016 at 3:32 PM, Matt Konda <matt.konda at owasp.org>
>> >>> wrote:
>> >>>>
>> >>>> Seba,
>> >>>>
>> >>>> Is there someone attending the board meeting that can speak to this
>> >>>> in
>> >>>> more detail?
>> >>>>
>> >>>> In general, I like the idea.  I have questions ...
>> >>>>
>> >>>> How many people do we expect to reach for the investment?
>> >>>> What would be the outcome?
>> >>>> What kind of organizational (events) support are you hoping for?
>> >>>>
>> >>>> As someone who was never part of the previous summits, I wonder if
>> >>>> they
>> >>>> are as open and inclusive as we would need them to be to justify
>> >>>> almost 10%
>> >>>> of our yearly budget to fund it.
>> >>>>
>> >>>> I definitely want to hear more - great work!
>> >>>>
>> >>>> Thanks,
>> >>>> Matt
>> >>>>
>> >>>> On Tue, Nov 8, 2016 at 2:13 PM, Tobias Gondrom
>> >>>> <tobias.gondrom at owasp.org> wrote:
>> >>>>>
>> >>>>> I support this initiative.
>> >>>>>
>> >>>>> This would be good to do!
>> >>>>>
>> >>>>> Best, Tobias
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> From: owasp-board-bounces+tobias.gondrom=owasp.org at lists.owasp.org
>> >>>>>
>> >>>>> [mailto:owasp-board-bounces+tobias.gondrom=owasp.org at lists.owasp.org] On
>> >>>>> Behalf Of Seba
>> >>>>> Sent: Monday, November 7, 2016 09:17
>> >>>>> To: Michael Coates <michael.coates at owasp.org>
>> >>>>> Cc: dinis <dinis at owasp.org>; OWASP Foundation Board List
>> >>>>> <owasp-board at lists.owasp.org>; Francois <francois at devseccon.com>
>> >>>>> Subject: Re: [Owasp-board] Fwd: Request for 150K USD seed fund for
>> >>>>> the
>> >>>>> OWASP-DevSecCon Summit in April 2017 in the UK
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> hi,
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> I have added this as an extra topic on the agenda:
>> >>>>>
>> >>>>> https://www.owasp.org/index.php/November_8,_2016
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> In the coming weeks I will create a detailed budget plan together
>> >>>>> with
>> >>>>> the team and Andrew/Laura.
>> >>>>>
>> >>>>> At this state we are looking for the approval under the condition
>> >>>>> that
>> >>>>> a detailed budget will be provided by the next board call.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Available for questions on Skyp/mobile in the coming days.
>> >>>>>
>> >>>>> I will not be able to join the call, as it will be midnight for me
>> >>>>> then
>> >>>>> ...
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Kind regards,
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Seba
>> >>>>>
>> >>>>> On Tue, Oct 25, 2016 at 9:52 PM Michael Coates
>> >>>>> <michael.coates at owasp.org> wrote:
>> >>>>>
>> >>>>> Acknowledged. We've got it now via the thread history.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> The correct list is
>> >>>>>
>> >>>>> OWASP Foundation Board List <owasp-board at lists.owasp.org>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> In a previous email you sent it to a defunct owasp.org address that
>> >>>>> I
>> >>>>> believe was created as part of gmail. I don't recall why.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> --
>> >>>>> Michael Coates | @_mwc
>> >>>>>
>> >>>>> OWASP Global Board
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> On Tue, Oct 25, 2016 at 2:40 AM, Seba <seba at owasp.org> wrote:
>> >>>>>
>> >>>>> Got an email that this is the correct email address?
>> >>>>> Weird, as I already sent this to the email below.
>> >>>>> Can hou confirm reception of this email?
>> >>>>>
>> >>>>> Thx!
>> >>>>> Seba
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> ---------- Forwarded message ---------
>> >>>>> From: Seba <seba at owasp.org>
>> >>>>>
>> >>>>> Date: Mon, 24 Oct 2016 at 14:00
>> >>>>> Subject: Request for 150K USD seed fund for the OWASP-DevSecCon
>> >>>>> Summit
>> >>>>> in April 2017 in the UK
>> >>>>> To: Laura Grau <laura.grau at owasp.org>, owasp-board at owasp.org
>> >>>>> <owasp-board at owasp.org>
>> >>>>> Cc: dinis <dinis at owasp.org>, psiinon <psiinon at gmail.com>, Francois
>> >>>>> <francois at devseccon.com>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Dear Laura, Board,
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Last week I attended DevSecCon in London together with a couple of
>> >>>>> other OWASP leaders (Dinis, Simon) and was excited about the
>> >>>>> positive
>> >>>>> atmosphere, content, workshops and attendees (both from development
>> >>>>> as from
>> >>>>> security backgrounds).
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Together with Francois Raynaud (founder of DevSecCon, in cc) we
>> >>>>> would
>> >>>>> like to organise a summit with as main focus and theme: grouping the
>> >>>>> DevOps,
>> >>>>> Security and OWASP communities to work on actionable and automated
>> >>>>> solutions
>> >>>>> for secure development and operations of software.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> We submitted the following event as Summit in OCMS as proposal for
>> >>>>> next
>> >>>>> year.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Owasp-DevSecCon Summit, England, April 2017
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> OWASP is joining forces with DevSecCon to create a Summit focused on
>> >>>>> the collaboration between
>> >>>>>
>> >>>>> Developers and Application Security.
>> >>>>>
>> >>>>> This is not a conference with uni-directional presentations, this is
>> >>>>> a
>> >>>>> working summit with working sessions on areas like: Secure Coding,
>> >>>>> Security
>> >>>>> Testing/TDD, DevOps, Threat Modeling, Mobile Security, IoT, Risk &
>> >>>>> Governance, Privacy & CTO/CISO requirements, Secure Design,
>> >>>>> Bug-bounties,
>> >>>>> Browser Security, AI for Attack & Defence, DDoS, Cyber Warfare,
>> >>>>> AppSec
>> >>>>> Standards; and of course, working sessions on popular OWASP projects
>> >>>>> (lead
>> >>>>> by its leaders) such as: Zap, Top 10, Dependency Checker, OwaspSAMM,
>> >>>>> OWASP
>> >>>>> Guides (Testing, ASVS, Core Review), AppSensor and dozens more.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Using the same model as the past two OWASP Summits in Portugal, this
>> >>>>> 5
>> >>>>> day event will be a 16h day high energy experience, where the
>> >>>>> attendees are
>> >>>>> expected to work and collaborate really hard. Every working session
>> >>>>> will be
>> >>>>> thoroughly prepared and focused on actionable outcomes.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> If you care about Application Security and want to collaborate with
>> >>>>> the
>> >>>>> key players in this industry, this is the event to be.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> The Summit will occur in England, April 2017, with an entry ticket
>> >>>>> of
>> >>>>> $2000 (covering travel + hotel + accommodation + event fee). OWASP
>> >>>>> is
>> >>>>> funding a large number of its leaders and other deserving
>> >>>>> individuals to
>> >>>>> attend, so if you feel you can't afford this fee, or your company is
>> >>>>> not in
>> >>>>> a position to sponsor you, please contact the event organisers.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> In terms of budget we ask for a seed fund of 150K USD (first draft
>> >>>>> budget attached in the OCMS request).
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Our objective is to lower the financial impact (and possibly get
>> >>>>> this
>> >>>>> to 0 or even make it a budget positive event) through sponsoring
>> >>>>> (externally
>> >>>>> and from projects/chapters) and have participant's organisations
>> >>>>> cover the
>> >>>>> costs.
>> >>>>>
>> >>>>> Nevertheless, we ask this seed fund to get the ball rolling and
>> >>>>> focus
>> >>>>> on content, speakers, workshops and tracks. In parallel we will
>> >>>>> involve
>> >>>>> Laura, the staff and our community to co-organize this as a
>> >>>>> professional
>> >>>>> event and submit a detailed budget in the following cycles.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Our main question is:
>> >>>>>
>> >>>>> 1) your approval to reserve this summit seed fund (either by email
>> >>>>> or
>> >>>>> on your next board meeting 9-November).
>> >>>>>
>> >>>>> + your support to make this a great summit!
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Available for any questions/remarks thru email or other means.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Thank you
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Kind regards
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Seba
>> >>>>>
>> >>>>> OWASP SAMM project
>> >>>>>
>> >>>>> OWASP Belgium chapter
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> _______________________________________________
>> >>>>> Owasp-board mailing list
>> >>>>> Owasp-board at lists.owasp.org
>> >>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> >>>>>
>> >>>>>
>> >>>>> _______________________________________________
>> >>>>> Owasp-board mailing list
>> >>>>> Owasp-board at lists.owasp.org
>> >>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> >>>>>
>> >>>>
>> >>>>
>> >>>> _______________________________________________
>> >>>> Owasp-board mailing list
>> >>>> Owasp-board at lists.owasp.org
>> >>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> >>>>
>> >>>
>> >>>
>> >>> The information contained in this message and any attachments may be
>> >>> privileged, confidential, proprietary or otherwise protected from
>> >>> disclosure. If you, the reader of this message, are not the intended
>> >>> recipient, you are hereby notified that any dissemination,
>> >>> distribution,
>> >>> copying or use of this message and any attachment is strictly
>> >>> prohibited. If
>> >>> you have received this message in error, please notify the sender
>> >>> immediately by replying to the message, permanently delete it from
>> >>> your
>> >>> computer and destroy any
>> >>> printout._______________________________________________
>> >>> Owasp-board mailing list
>> >>> Owasp-board at lists.owasp.org
>> >>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>
>> --
>> Tom Brennan
>> 973-202-0122



-- 
Tom Brennan
973-202-0122


More information about the Owasp-board mailing list