[Owasp-Cluj] OWASP Budapesta live YouTube maine seara

Lucian Corlan OWASP lucian.corlan at owasp.org
Mon Mar 16 09:11:57 UTC 2015


Salutare,

Nu uitati de evenimentul din Budapesta: Internet of Things de maine seara, live pe YouTube!

Ps: Sper sa organizam si intalnirea membrilor OWASP Cluj foarte in curand.. Stay tuned!

Mersi,
Lucian

Begin forwarded message:

From: "Timur 'x' Khrotko (owasp)" <timur at owasp.org>
Date: 14 March 2015 22:52:01 EET
To: Wojciech Dworakowski <wojciech.dworakowski at owasp.org>, Oana Cornea <oana.cornea at owasp.org>, Jürgen Grieshofer <juergen.grieshofer at owasp.org>, Lucian Corlan <lucian.corlan at owasp.org>
Cc: Nazar Tymoshyk <root.nt at gmail.com>, Glib Pakharenko <glib.pakharenko at owasp.org>, Alexander Antukh <alexander.antukh at owasp.org>, vaagn tukharian <tuxarik at gmail.com>
Subject: Re: OWASP EEE #Piloting!?

Colleagues,

so the online owasp meeting from Budapest, Linz, LA, Boston, Toulouse and probably Moscow is coming Tuesday evening 1830 Vienna time (CET).

The online audience is to know these two links:
https://youtu.be/3OrKhLJJcaQ
http://goo.gl/Uvn20I

The speakers and others who come to the stage deals with this link only:
https://plus.google.com/hangouts/_/ytl/sSPRzi9D_lW1qKV1OjoePa-8MR4EyzdG-hkGPvkVGLw=
- it authorizes you to join the video chat,
- if opened on a mobile platform you can videochat,
- if opened on desktop chrome then presenters can screenshare their prezos,
- if opened by the organizer (whith some additional switches) he can choose who goes to the public stream, etc.

The broadcast will be recorded automatically in youtube, visitors can watch it live or with max 4hrs delay. Later you can cut the raw stream and publish a prettier version or pieces. (Not tested, but planned.)

Visitors on the yt are said to be able to comment the broadcast live. If possible I will try giving access for ppl to join the video chat in the Q/A section.

Feel free to follow the above hangouts link, it doesn't break.
 
I also encourage you to join the hangouts session with your video presence. For example there will be 10 min socializing gaps at the end of each hour, when we can occupy the live picture with you and discuss something interesting for online viewers. I don't think that there will be an online crowd watching, but at least for the sake of experiment we can try this.

My plan is that every hour contains 2x 20min presentations, every hour starts with a presentation, followed by a 5min q&a, then the next preso starts and ends with a q&a, and the hour is competed by a 10min socializing session. (And there will be the first preso starting at halfhour as an exception.)

For the promotion and registration we certainly deployed other landing sites also:
http://meetu.ps/2GGLhn
https://twitter.com/owasp_hu
https://www.eventbrite.com/e/owasp-hu-iot-security-tickets-16029195756
http://www.linkedin.com/groups?gid=4692397
https://www.facebook.com/events/802421783126743/
https://www.owasp.org/index.php/Hungary#IoT_Sec_150317_.40_LogMeIn

(For the current event the meetup.com worked, eb didn't.)

Wojciech, I encourage you to experiment with broadcasting on Wednesday, its easy and does not require any special hardware. Here I give you the preliminary howto based on everything google.))

1. Have a google plus page with a couple of managing accounts. 
(eg. https://plus.google.com/u/1/104775568539346911434/posts )
- for the google plus community we have a community, which is a different thing:
(http://plus.google.com/communities/101439162562517684078 )

2. Create a youtube account with that page account.
(ours: https://www.youtube.com/channel/UCz82feq2hvESJcw08DBf0RA )
- this can't have a pretty name, I made a short link to share: http://goo.gl/5Vu4oz (see: https://goo.gl/ )
- enable Live events

3. https://www.youtube.com/my_live_events >> Create a new event
- public, Type: Quick (using Google+ Hangouts On Air)
- set the time, etc, etc.
- you can change the settings later
- it will provide you two links:
-- the youtube stream link to share with visitors (an uglier one)
(go to that youtube stream page and pressing share gives you a prettier link like https://youtu.be/3OrKhLJJcaQ , see above)
-- the hangout link to share with presenters (see above, https://plus.google.com/hangouts/_/ytl/s...)

4. https://www.youtube.com/my_live_events >> Start Hangout On Air
- do it in desktop chrome only,
- I recommend starting an incognito mode browser instance and login with the page manager account only, then switch to the page account,
- it brings you to the same hangout panel as the other presenters (actually the same url as the above but with additional params),
- there you can start broadcasting when time and others come.

5. Since we and presenters are not familiar with the broadcasting hangout webapp I am doing test calls with presenters using the above "production/stage" link and we test their ability of screensharing, just to realize that it needs practice.
- actually on macs I recommend using the multidesktops feature, using the hangouts webapp in one desktop and putting the presentation in fullscreen mode in an other desktop (shift-cmd-F), switching desktops by ctrl-arrows.

Hardwarewise:
a) The presenters laptops should contain very good microphones, if not then headphones with micros, or putting headsets micros to your mouth is the major prerequisite I see. Audio quality is crucial for presenting remotely, imo. Internet bandwidth is an issue but shouldn't be.

b) As in our case there will be the base (physical) event. There will be a laptop for the local presenters. The only difference I see is that you have to connect the local (professional) microphone so that it goes to the hangout event also (or goes only there, and the event output audio goes then to the local sound system visitors hear at the place). So I suggest connecting the micro to the presenters laptop (will not be the case if several local presenters change laptops).

c) There must be a laptop with the hangout webapp loaded via the youtube 'Start Hangout On Air' button, that is the editor/broadcaster laptop. There you can choose whose video is broadcasted, who to mute, etc. Obviously this role/workstation is to exist in the local event environment, that will be our setup. And we will connect a cheap webcam to it to have a picture of the event and return to it whenever there is no useful picture from the participants.

d) I also plan to have my colleague at an other place who can take over the above studio role if the 'c' workstation dies, etc. (Hangout does not die even if the organizer falls off.)

e) Anyone can join the hangout with the 'presenters/stage' link even from a mobile platform with the hangout app installed.

If interested, please ask. Probably the above howto will be changed when we went thru a live event. Please learn from our mistakes also ))

Cheers,

   
~timur
owasp hu chapter // appsec propagandist
+36309225777, +79217697577, +12318468790 
< w, g, f, l, t, m />
 

> On Wed, Mar 11, 2015 at 4:33 PM, Wojciech Dworakowski <wojciech.dworakowski at owasp.org> wrote:
> Wow - quite impresive agenda! Very interesting.
> I have forwarded info to our mailing list and Linkedin Group.
> Day after - 18.03 we are organizing joint event with local DevOps community. This time we will rather not be able to stream but please share your experiences (especially hw setup).
> 
> Regarding EEE event. Do you have any new thoughts / news? As Polish Chapter Leader I am still interested in organizing it.
> 
> Meanwhile:
> 
> 1. CONFidence conference is talking with us about organizing "OWASP" or "AppSec" track during CONFidence 2015.
> Do you have any experiences with organizing owasp events joined with commercial conference?
> Are you interested in talking at CONFidence?
> 
> 2. My proposal was selected to AppSec EU in Amsterdam. Topic:
> E-banking transaction authorization – common vulnerabilities, security verification and best practices for implementation,
> + colleagues from my team will be presenting at Black Hat Asia:
> blackhat.com/asia-15/briefings.html#bypassing-malware-detection-mechanisms-in-online-banking
> Let me know if those topics will be interested to your chapters. If so we could arrange speakers exchange or something like that.
> 
> Best Regards
> 
> Wojtek Dworakowski
> OWASP Poland Chapter Leader
> 
>> On Tue, Mar 10, 2015 at 6:55 PM, Timur 'x' Khrotko (owasp) <timur at owasp.org> wrote:
>> Hello, all,
>> 
>> we will be holding a meetup next Tuesday evening, on the 17th -- completely in English and also will experiment with broadcasting it live via YouTube. It was not planned as such, but now we have this international and online thing coming. See:
>> http://meetu.ps/2GGLhn
>> 
>> Topic: Security of the Internet of things.
>> 
>> OWASP Austria (Jürgen) and Romania (Oana) were already helping us with the event, so offering their chapters to attend remotely occurred naturally, so we already expect some folks from our neighboring chapters to watch the talks live via YouTube:
>> https://www.youtube.com/channel/UCz82feq2hvESJcw08DBf0RA
>> 
>> If you find the topic interesting and the talks worth watching, please advertise it among your members! We can not guarantee that the show will be perfect in terms of our handling the Hangout conference and the YouTube broadcast, since we experiment with both for the first time, but we hope to make it right.
>> 
>> With the above said I would like to take on the topic of the joint regional events we started to discuss in this circle in January. If you feel like joining this event with some of your members by saying live hello from your location via hangout, please express your support, you are welcome. Probably we can make it the first/pilot virtual event of the OWASP CEE/EEE.
>> 
>> (I will share our experience of making an online event later next week.)
>> 
>> I also cc-d Jürgen (Austria) and Vaagn (Armenia).
>> 
>> Cheers,
>> 
>> Timur
>>> On Jan 13, 2015 5:17 PM, "Timur 'x' Khrotko (owasp)" <timur at owasp.org> wrote:
>>> Hey, a related thread on the leader's list just brought a collection of links we may read tru too.
>>> 
>>> (Actually we will need to contact Noreen, when we moved our concept to a sort of beta stage.))
>>> 
>>> ~timur
>>> 
>>> ####
>>> 
>>> Hi Prakhar,
>>> 
>>> You might find a lot of information you need to develop your conference in Chapter 7 of the Leader Handbook:
>>> 
>>> https://www.owasp.org/index.php/Chapter_Handbook/Chapter_7:_Organizing_Chapter_Meetings
>>> 
>>> It contains information on promotion, engaging speakers and running the meeting itself.
>>> 
>>> 
>>> 
>>> There is an entire section on How to Host a Conference with details on planning, budgeting, roles/responsibilities, content, promotion, social media, on-site logistics, etc.:
>>> 
>>> 
>>> 
>>> https://www.owasp.org/index.php/How_to_Host_a_Conference
>>> 
>>> 
>>> 
>>> 
>>> The OWASP Speakers Project was set up specifically to help chapters find speakers and presentations to bring to their events:
>>> 
>>> https://www.owasp.org/index.php/Category:OWASP_Speakers_Project
>>> 
>>> 
>>> The OWASP On the Move Program also has information about how to request additional funding:
>>> 
>>> https://www.owasp.org/index.php/OWASP_on_the_Move
>>> 
>>> 
>>> Let me know if you have any questions about these materials
>>> 
>>> ####
>>> 
>>>    
>>> ~timur
>>> owasp hu chapter // appsec propagandist
>>> +36309225777, +79217697577, +12318468790 
>>> < w, g, f, l, t, m />
>>>>>> 
>>>> On Sun, Jan 11, 2015 at 5:22 PM, Oana Cornea <oana.cornea at owasp.org> wrote:
>>>> Hello everyone,
>>>> 
>>>> I've added Lucian Corlan, the chapter leader of OWASP Cluj-Napoca which was recently reactivated. Now in Romania there are two OWASP chapters: in Bucharest and in Cluj. 
>>>> 
>>>> Lucian, we were speaking about OWASP EEE (Eastern European Event) - if you like the idea, join us and feel free to comment.
>>>> 
>>>> I agree with the ideas presented so far: 
>>>> - a regional event for developers and application security people in Eastern Europe 
>>>> - I agree that the conference should be free and eventual workshops should be paid. (I think we should work with OWASP Global and also try to find sponsors in our region). 
>>>> - regarding speakers and content - I think it won't be an issue to find good speakers and topics. I'll also comment on the other thread.
>>>> 
>>>> Best regards,
>>>> Oana
>>>> 
>>>>> On Wed, Jan 7, 2015 at 7:42 PM, Timur 'x' Khrotko (owasp) <timur at owasp.org> wrote:
>>>>> Hello, happy new year all!)
>>>>> 
>>>>> inline:
>>>>> 
>>>>>> On Wed, Jan 7, 2015 at 4:45 PM, Wojciech Dworakowski <wojciech.dworakowski at owasp.org> wrote:
>>>>>> Hi All,
>>>>>> Sorry for being quiet for so long. End of the year is always busy in pentesting business ;)
>>>>>> 
>>>>>> I think, that before we will start discussing form, funding, locations, scope, logistics etc we should align our goals regarding this event. Local chapters goals and (maybe) also personal goals. Organizing such as event always take a lot of time and effort so without motivation it will be difficult to keep momentum.
>>>>>> 
>>>>>> So:
>>>>>> 
>>>>>> 1. Target audience:
>>>>>> Builders, breakers or defenders?
>>>>>> From my point of view we should especially reach out to developers or rather people responsible for security in dev teams.
>>>>>> Nowadays EE is "new India" in world of software development. Many of software vendors are moving their development operations to Poland, Ukraine, Romania, Hungary (I don't know if this trend is also valid for Russia?). This could be some kind of differentiator if we would like to justify to OWASP Global why we want to organize EE Event and why we need funding.
>>>>> 
>>>>> dev and those who do appsec for dev
>>>>>  
>>>>>> 
>>>>>> 2. Countries involved
>>>>>> Should we invite other chapters from region (eg. Pavol from Slovakia) or even extend to whole Europe?
>>>>>> From my point of view - we should stay in region, at least in terms of speakers - to give opportunity for local speakers and researchers (maybe also companies) to promote themselves.
>>>>>> If we will organize successful events in our region, probably it will be much easier to extend event to other EU chapters in the next round.
>>>>> 
>>>>> region (incl RU, and any country can join if can identify with the EE notion)
>>>>>  
>>>>>> 
>>>>>> 3. How we will find interesting speakers?
>>>>>> - Ourselves (or our companies/coleagues). If you have any ideas - please share in separate thread.
>>>>>> - OWASP speakers available in Europe.
>>>>>> - Project leaders from our countries?
>>>>>> - Open CFP.
>>>>>> Any other ideas?
>>>>> 
>>>>> priorities:
>>>>> - deliver quality content
>>>>> - motivate local speakers to deliver in english
>>>>> - bring one charismatic and one known speaker 
>>>>>  
>>>>>> 
>>>>>> 4. Funding
>>>>>> Do we have consensus that conference should be free and eventual workshops should be paid?
>>>>> 
>>>>> +1
>>>>>  
>>>>>> If so, we will need money to fund free conferences. Of course we could use our chapter budgets of find sponsors, but AFAIK OWASP Global has lot of spare funds and if we will justify need to fund our events they will help us.
>>>>> 
>>>>> +1
>>>>> and there was a discussion on the leaders list in November or so about this, let's read that again
>>>>>  
>>>>>> Also we should thing about cashflow. When I am doing chapter meeting, I am using my private money to pay for catering, etc and then I am asking for reimbursement from chapter budget. In case of larger event this model is rather unacceptable.
>>>>>> Qualys is good candidate for sponsor and of course I can handle contacts with Andrzej Klesnicki. I can also reach out to Allegro Group.They are supporting our chapter and AFAIK their business is present mainly in EE  (Allegro, OLX, PayU, etc).
>>>>>  
>>>>> ...
>>>>>  
>>>>>> 
>>>>>> Best regards,
>>>>>> Wojtek Dworakowski
>>>>>> OWASP Poland Chapter Leader
>>>>>> 
>>>>>> 
>>>>>>> On Mon, Dec 8, 2014 at 4:46 PM, Alexander Antukh <alexander.antukh at owasp.org> wrote:
>>>>>>> Hope other guys will let us know their opinions as well :)
>>>>>>> 
>>>>>>> Kate recently wrote me the following:
>>>>>>> 
>>>>>>> "At a global level, we have the LATAM tour in the Q1, AppSec EU Q2, AppSec USA Q3, and APAC tour Q4.
>>>>>>> 
>>>>>>> There are a couple of other events in the region through out the year.  You might want to check when they are so that your event can compliment and not compete with anything else going on."
>>>>>>> 
>>>>>>> So maybe it is better to make it regional (EEE)  as planned, and not all-EU, since we might interfere with others.
>>>>>>> Nevertheless she's totally supporting us, so if we come to the consensus we could proceed with official start to get (organizational) support from OWASP.
>>>>>>> 
>>>>>>> I don't mind either of chatting here or to have a Skype call.
>>>>>>> Cheers,
>>>>>>> AA
>>>>>>> 
>>>>>>>> On Mon, Dec 8, 2014 at 4:56 PM, Oana Cornea <oana.cornea at owasp.org> wrote:
>>>>>>>> Hello all,
>>>>>>>> 
>>>>>>>> There was something similar organized in Europe before: OWASP Europe Tour. It's similar to what Alexander described. It was organized in several years by different volunteers.
>>>>>>>> 
>>>>>>>> For example, this is the 2013 event page:
>>>>>>>> https://www.owasp.org/index.php/EUTour2013 and this was the event hosted in Bucharest as part of this tour: https://www.owasp.org/index.php/EUTour2013#tab=Bucharest
>>>>>>>> Here are the 2010 coordinated events:https://www.owasp.org/index.php/OWASP_EU_Tour_2010
>>>>>>>> Unfortunately this kind of events (under EU Tour) were not repeated every year.
>>>>>>>> 
>>>>>>>> The idea was to have coordinated events across Europe (under the OWASP EU Tour name) - I can give you more details. In a nutshell:
>>>>>>>> 
>>>>>>>> The chapter leaders were responsible for the events in their own chapters. Along with this, the coordinators of the tour worked to get everyone involved (chapter leaders and OWASP staff) and to also raise some funds. Every chapter event could have 2 foreign OWASP speakers as guests with the travel costs covered by OWASP, within 500 euros per person. 
>>>>>>>> 
>>>>>>>> I think we can do that as OWASP EU Tour 2015. It was done before and we can make it a tradition.
>>>>>>>> 
>>>>>>>> In case we want just an Eastern European event we can make one in a different location every year... something similar to BeNeLux events - organized by the OWASP Belgium, Netherlands and Luxembourg (For example one week conference that will be organized one year in Poland, another year in Romania... etc.) or join local events under the same name.
>>>>>>>> 
>>>>>>>> We can discuss more over email or even schedule a call.
>>>>>>>> What are your thoughts?
>>>>>>>> 
>>>>>>>> Cheers,
>>>>>>>> Oana
>>>>>>>> 
>>>>>>>>> On Mon, Dec 8, 2014 at 11:25 AM, Alexander Antukh <alexander.antukh at owasp.org> wrote:
>>>>>>>>> Hey all,
>>>>>>>>> as promised, here is "pool of ideas" for the event:
>>>>>>>>> 
>>>>>>>>> 1) I think, it will be cool to have something like LatamTour (https://www.owasp.org/index.php/LatamTour2015) - we could select several countries (4-5) and make it, say, 10 days long with a lot of interesting presentations, one-two days per each country.
>>>>>>>>> 2) There could be, say, 4-5 speakers which will be permanent, who will travel from country to country, and several of local ones, which will have a talk only in their home country. Numbers of speakers may vary.
>>>>>>>>> 3) Each chapter leader is responsible for successful event in his own chapter. Online translations, local sponsors, halls for presentations etc. will depend on activity of the leader. Nevertheless, I think it's better to have a "board" which will manage the event globally.
>>>>>>>>> 4) We could call for Qualys (if they are really that cool and willing to help) to be a general sponsor (maybe they could pay for tickets, hotels, marketing etc)
>>>>>>>>> 5) If we have a clear roadmap, maybe we could arrange everything to be done before summer 2015.
>>>>>>>>> 
>>>>>>>>> What do you think of it?
>>>>>>>>> Cheers,
>>>>>>>>> AA
>>>>>>>>> 
>>>>>>>>>> On Mon, Dec 8, 2014 at 1:44 AM, Timur 'x' Khrotko (owasp) <timur at owasp.org> wrote:
>>>>>>>>>> (Hello, Miss Cornea, it's great to hear from you!))
>>>>>>>>>> 
>>>>>>>>>> My other suggestion would be to contact our good Andrzej Klesnicki of Qualys, if we plan to make the Event in his region.
>>>>>>>>>> If you don't mind, I contact Logmein and Prezi, whether they are interested in supporting our "project". It would be good to sponsor the event with sane/cool partners.
>>>>>>>>>> 
>>>>>>>>>>    
>>>>>>>>>> ~timur
>>>>>>>>>> owasp hu chapter // appsec propagandist
>>>>>>>>>> +36309225777, +79217697577, +12318468790 
>>>>>>>>>> < w, g, f, l, t, m />
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>> On Sun, Dec 7, 2014 at 11:17 PM, Oana Cornea <oana.cornea at owasp.org> wrote:
>>>>>>>>>>> Hello everyone,
>>>>>>>>>>> 
>>>>>>>>>>> I like the idea of an OWASP Eastern Europe Event :) 
>>>>>>>>>>> You can count on my full support. I also like Timur's suggestion. I'll send more comments and ideas tomorrow. 
>>>>>>>>>>> 
>>>>>>>>>>> Cheers,
>>>>>>>>>>> Oana
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>>> On Sun, Dec 7, 2014 at 10:52 PM, Alexander Antukh <alexander.antukh at owasp.org> wrote:
>>>>>>>>>>>> Hey all,
>>>>>>>>>>>> Frankly, we didn't discuss exact details of the event yet, still it's great we already have your support here :)
>>>>>>>>>>>> I will send a list of ideas tomorrow, hope the guys will join me too!
>>>>>>>>>>>> 
>>>>>>>>>>>> Good night,
>>>>>>>>>>>> AA
>>>>>>>>>>>> 
>>>>>>>>>>>>> 07.12.2014, в 23:47, "Timur 'x' Khrotko (owasp)" <timur at owasp.org> написал(а):
>>>>>>>>>>>>> 
>>>>>>>>>>>> 
>>>>>>>>>>>>> Oana, hello,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> I just heard from Alexander that they discussed with guys from Poland and Ukraine the idea of an OWASP EEE, Eastern Europe Event. I hope you like the idea too.
>>>>>>>>>>>>> 
>>>>>>>>>>>>> All,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> actually I know no details of your initiative, still like it anyway! Please let us know more about your concept.
>>>>>>>>>>>>> 
>>>>>>>>>>>>> My suggestion would be to extend the main EEE event with smaller ones under the OWASP EEE "brand" to be held by each of our chapters during a year, with guest speakers from other chapters, and using other common EEE elements.
>>>>>>>>>>>>> 
>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> Timur Khrotko
>>>>>>>>>>>>>    
>>>>>>>>>>>>> ~timur
>>>>>>>>>>>>> owasp hu chapter // appsec propagandist
>>>>>>>>>>>>> +36309225777, +79217697577, +12318468790 
>>>>>>>>>>>>> < w, g, f, l, t, m />
>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>> This message may contain confidential information - you should handle it accordingly.
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>> -- 
>>>>>>>>>>> Oana Cornea, OWASP Romania
>>>>>>>>>>> Tel: +40741050210
>>>>>>>>>>> Email: oana.cornea at owasp.org
>>>>>>>>>>> OWASP Global: http://www.owasp.org
>>>>>>>>>> 
>>>>>>>>>> 
>>>>>>>>>> This message may contain confidential information - you should handle it accordingly.
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> -- 
>>>>>>>> Oana Cornea, OWASP Romania
>>>>>>>> Tel: +40741050210
>>>>>>>> Email: oana.cornea at owasp.org
>>>>>>>> OWASP Global: http://www.owasp.org
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> -- 
>>>>>> Wojciech Dworakowski
>>>>>> OWASP Poland Chapter Leader
>>>>> 
>>>>> 
>>>>> This message may contain confidential information - you should handle it accordingly.
>>>> 
>>>> 
>>>> 
>>>> -- 
>>>> Oana Cornea, OWASP Romania
>>>> Tel: +40741050210
>>>> Email: oana.cornea at owasp.org
>>>> OWASP Global: http://www.owasp.org
>>> 
>>> 
>>>    
>>> ~timur
>>> owasp hu chapter // appsec propagandist
>>> +36309225777, +79217697577, +12318468790 
>>> < w, g, f, l, t, m />
>>>>>> 
>>>> On Sun, Jan 11, 2015 at 5:22 PM, Oana Cornea <oana.cornea at owasp.org> wrote:
>>>> Hello everyone,
>>>> 
>>>> I've added Lucian Corlan, the chapter leader of OWASP Cluj-Napoca which was recently reactivated. Now in Romania there are two OWASP chapters: in Bucharest and in Cluj. 
>>>> 
>>>> Lucian, we were speaking about OWASP EEE (Eastern European Event) - if you like the idea, join us and feel free to comment.
>>>> 
>>>> I agree with the ideas presented so far: 
>>>> - a regional event for developers and application security people in Eastern Europe 
>>>> - I agree that the conference should be free and eventual workshops should be paid. (I think we should work with OWASP Global and also try to find sponsors in our region). 
>>>> - regarding speakers and content - I think it won't be an issue to find good speakers and topics. I'll also comment on the other thread.
>>>> 
>>>> Best regards,
>>>> Oana
>>>> 
>>>>> On Wed, Jan 7, 2015 at 7:42 PM, Timur 'x' Khrotko (owasp) <timur at owasp.org> wrote:
>>>>> Hello, happy new year all!)
>>>>> 
>>>>> inline:
>>>>> 
>>>>>> On Wed, Jan 7, 2015 at 4:45 PM, Wojciech Dworakowski <wojciech.dworakowski at owasp.org> wrote:
>>>>>> Hi All,
>>>>>> Sorry for being quiet for so long. End of the year is always busy in pentesting business ;)
>>>>>> 
>>>>>> I think, that before we will start discussing form, funding, locations, scope, logistics etc we should align our goals regarding this event. Local chapters goals and (maybe) also personal goals. Organizing such as event always take a lot of time and effort so without motivation it will be difficult to keep momentum.
>>>>>> 
>>>>>> So:
>>>>>> 
>>>>>> 1. Target audience:
>>>>>> Builders, breakers or defenders?
>>>>>> From my point of view we should especially reach out to developers or rather people responsible for security in dev teams.
>>>>>> Nowadays EE is "new India" in world of software development. Many of software vendors are moving their development operations to Poland, Ukraine, Romania, Hungary (I don't know if this trend is also valid for Russia?). This could be some kind of differentiator if we would like to justify to OWASP Global why we want to organize EE Event and why we need funding.
>>>>> 
>>>>> dev and those who do appsec for dev
>>>>>  
>>>>>> 
>>>>>> 2. Countries involved
>>>>>> Should we invite other chapters from region (eg. Pavol from Slovakia) or even extend to whole Europe?
>>>>>> From my point of view - we should stay in region, at least in terms of speakers - to give opportunity for local speakers and researchers (maybe also companies) to promote themselves.
>>>>>> If we will organize successful events in our region, probably it will be much easier to extend event to other EU chapters in the next round.
>>>>> 
>>>>> region (incl RU, and any country can join if can identify with the EE notion)
>>>>>  
>>>>>> 
>>>>>> 3. How we will find interesting speakers?
>>>>>> - Ourselves (or our companies/coleagues). If you have any ideas - please share in separate thread.
>>>>>> - OWASP speakers available in Europe.
>>>>>> - Project leaders from our countries?
>>>>>> - Open CFP.
>>>>>> Any other ideas?
>>>>> 
>>>>> priorities:
>>>>> - deliver quality content
>>>>> - motivate local speakers to deliver in english
>>>>> - bring one charismatic and one known speaker 
>>>>>  
>>>>>> 
>>>>>> 4. Funding
>>>>>> Do we have consensus that conference should be free and eventual workshops should be paid?
>>>>> 
>>>>> +1
>>>>>  
>>>>>> If so, we will need money to fund free conferences. Of course we could use our chapter budgets of find sponsors, but AFAIK OWASP Global has lot of spare funds and if we will justify need to fund our events they will help us.
>>>>> 
>>>>> +1
>>>>> and there was a discussion on the leaders list in November or so about this, let's read that again
>>>>>  
>>>>>> Also we should thing about cashflow. When I am doing chapter meeting, I am using my private money to pay for catering, etc and then I am asking for reimbursement from chapter budget. In case of larger event this model is rather unacceptable.
>>>>>> Qualys is good candidate for sponsor and of course I can handle contacts with Andrzej Klesnicki. I can also reach out to Allegro Group.They are supporting our chapter and AFAIK their business is present mainly in EE  (Allegro, OLX, PayU, etc).
>>>>>  
>>>>> ...
>>>>>  
>>>>>> 
>>>>>> Best regards,
>>>>>> Wojtek Dworakowski
>>>>>> OWASP Poland Chapter Leader
>>>>>> 
>>>>>> 
>>>>>>> On Mon, Dec 8, 2014 at 4:46 PM, Alexander Antukh <alexander.antukh at owasp.org> wrote:
>>>>>>> Hope other guys will let us know their opinions as well :)
>>>>>>> 
>>>>>>> Kate recently wrote me the following:
>>>>>>> 
>>>>>>> "At a global level, we have the LATAM tour in the Q1, AppSec EU Q2, AppSec USA Q3, and APAC tour Q4.
>>>>>>> 
>>>>>>> There are a couple of other events in the region through out the year.  You might want to check when they are so that your event can compliment and not compete with anything else going on."
>>>>>>> 
>>>>>>> So maybe it is better to make it regional (EEE)  as planned, and not all-EU, since we might interfere with others.
>>>>>>> Nevertheless she's totally supporting us, so if we come to the consensus we could proceed with official start to get (organizational) support from OWASP.
>>>>>>> 
>>>>>>> I don't mind either of chatting here or to have a Skype call.
>>>>>>> Cheers,
>>>>>>> AA
>>>>>>> 
>>>>>>>> On Mon, Dec 8, 2014 at 4:56 PM, Oana Cornea <oana.cornea at owasp.org> wrote:
>>>>>>>> Hello all,
>>>>>>>> 
>>>>>>>> There was something similar organized in Europe before: OWASP Europe Tour. It's similar to what Alexander described. It was organized in several years by different volunteers.
>>>>>>>> 
>>>>>>>> For example, this is the 2013 event page:
>>>>>>>> https://www.owasp.org/index.php/EUTour2013 and this was the event hosted in Bucharest as part of this tour: https://www.owasp.org/index.php/EUTour2013#tab=Bucharest
>>>>>>>> Here are the 2010 coordinated events:https://www.owasp.org/index.php/OWASP_EU_Tour_2010
>>>>>>>> Unfortunately this kind of events (under EU Tour) were not repeated every year.
>>>>>>>> 
>>>>>>>> The idea was to have coordinated events across Europe (under the OWASP EU Tour name) - I can give you more details. In a nutshell:
>>>>>>>> 
>>>>>>>> The chapter leaders were responsible for the events in their own chapters. Along with this, the coordinators of the tour worked to get everyone involved (chapter leaders and OWASP staff) and to also raise some funds. Every chapter event could have 2 foreign OWASP speakers as guests with the travel costs covered by OWASP, within 500 euros per person. 
>>>>>>>> 
>>>>>>>> I think we can do that as OWASP EU Tour 2015. It was done before and we can make it a tradition.
>>>>>>>> 
>>>>>>>> In case we want just an Eastern European event we can make one in a different location every year... something similar to BeNeLux events - organized by the OWASP Belgium, Netherlands and Luxembourg (For example one week conference that will be organized one year in Poland, another year in Romania... etc.) or join local events under the same name.
>>>>>>>> 
>>>>>>>> We can discuss more over email or even schedule a call.
>>>>>>>> What are your thoughts?
>>>>>>>> 
>>>>>>>> Cheers,
>>>>>>>> Oana
>>>>>>>> 
>>>>>>>>> On Mon, Dec 8, 2014 at 11:25 AM, Alexander Antukh <alexander.antukh at owasp.org> wrote:
>>>>>>>>> Hey all,
>>>>>>>>> as promised, here is "pool of ideas" for the event:
>>>>>>>>> 
>>>>>>>>> 1) I think, it will be cool to have something like LatamTour (https://www.owasp.org/index.php/LatamTour2015) - we could select several countries (4-5) and make it, say, 10 days long with a lot of interesting presentations, one-two days per each country.
>>>>>>>>> 2) There could be, say, 4-5 speakers which will be permanent, who will travel from country to country, and several of local ones, which will have a talk only in their home country. Numbers of speakers may vary.
>>>>>>>>> 3) Each chapter leader is responsible for successful event in his own chapter. Online translations, local sponsors, halls for presentations etc. will depend on activity of the leader. Nevertheless, I think it's better to have a "board" which will manage the event globally.
>>>>>>>>> 4) We could call for Qualys (if they are really that cool and willing to help) to be a general sponsor (maybe they could pay for tickets, hotels, marketing etc)
>>>>>>>>> 5) If we have a clear roadmap, maybe we could arrange everything to be done before summer 2015.
>>>>>>>>> 
>>>>>>>>> What do you think of it?
>>>>>>>>> Cheers,
>>>>>>>>> AA
>>>>>>>>> 
>>>>>>>>>> On Mon, Dec 8, 2014 at 1:44 AM, Timur 'x' Khrotko (owasp) <timur at owasp.org> wrote:
>>>>>>>>>> (Hello, Miss Cornea, it's great to hear from you!))
>>>>>>>>>> 
>>>>>>>>>> My other suggestion would be to contact our good Andrzej Klesnicki of Qualys, if we plan to make the Event in his region.
>>>>>>>>>> If you don't mind, I contact Logmein and Prezi, whether they are interested in supporting our "project". It would be good to sponsor the event with sane/cool partners.
>>>>>>>>>> 
>>>>>>>>>>    
>>>>>>>>>> ~timur
>>>>>>>>>> owasp hu chapter // appsec propagandist
>>>>>>>>>> +36309225777, +79217697577, +12318468790 
>>>>>>>>>> < w, g, f, l, t, m />
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>> On Sun, Dec 7, 2014 at 11:17 PM, Oana Cornea <oana.cornea at owasp.org> wrote:
>>>>>>>>>>> Hello everyone,
>>>>>>>>>>> 
>>>>>>>>>>> I like the idea of an OWASP Eastern Europe Event :) 
>>>>>>>>>>> You can count on my full support. I also like Timur's suggestion. I'll send more comments and ideas tomorrow. 
>>>>>>>>>>> 
>>>>>>>>>>> Cheers,
>>>>>>>>>>> Oana
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>>> On Sun, Dec 7, 2014 at 10:52 PM, Alexander Antukh <alexander.antukh at owasp.org> wrote:
>>>>>>>>>>>> Hey all,
>>>>>>>>>>>> Frankly, we didn't discuss exact details of the event yet, still it's great we already have your support here :)
>>>>>>>>>>>> I will send a list of ideas tomorrow, hope the guys will join me too!
>>>>>>>>>>>> 
>>>>>>>>>>>> Good night,
>>>>>>>>>>>> AA
>>>>>>>>>>>> 
>>>>>>>>>>>>> 07.12.2014, в 23:47, "Timur 'x' Khrotko (owasp)" <timur at owasp.org> написал(а):
>>>>>>>>>>>>> 
>>>>>>>>>>>> 
>>>>>>>>>>>>> Oana, hello,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> I just heard from Alexander that they discussed with guys from Poland and Ukraine the idea of an OWASP EEE, Eastern Europe Event. I hope you like the idea too.
>>>>>>>>>>>>> 
>>>>>>>>>>>>> All,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> actually I know no details of your initiative, still like it anyway! Please let us know more about your concept.
>>>>>>>>>>>>> 
>>>>>>>>>>>>> My suggestion would be to extend the main EEE event with smaller ones under the OWASP EEE "brand" to be held by each of our chapters during a year, with guest speakers from other chapters, and using other common EEE elements.
>>>>>>>>>>>>> 
>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> Timur Khrotko
>>>>>>>>>>>>>    
>>>>>>>>>>>>> ~timur
>>>>>>>>>>>>> owasp hu chapter // appsec propagandist
>>>>>>>>>>>>> +36309225777, +79217697577, +12318468790 
>>>>>>>>>>>>> < w, g, f, l, t, m />
>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>> This message may contain confidential information - you should handle it accordingly.
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>> -- 
>>>>>>>>>>> Oana Cornea, OWASP Romania
>>>>>>>>>>> Tel: +40741050210
>>>>>>>>>>> Email: oana.cornea at owasp.org
>>>>>>>>>>> OWASP Global: http://www.owasp.org
>>>>>>>>>> 
>>>>>>>>>> 
>>>>>>>>>> This message may contain confidential information - you should handle it accordingly.
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> -- 
>>>>>>>> Oana Cornea, OWASP Romania
>>>>>>>> Tel: +40741050210
>>>>>>>> Email: oana.cornea at owasp.org
>>>>>>>> OWASP Global: http://www.owasp.org
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> -- 
>>>>>> Wojciech Dworakowski
>>>>>> OWASP Poland Chapter Leader
>>>>> 
>>>>> 
>>>>> This message may contain confidential information - you should handle it accordingly.
>>>> 
>>>> 
>>>> 
>>>> -- 
>>>> Oana Cornea, OWASP Romania
>>>> Tel: +40741050210
>>>> Email: oana.cornea at owasp.org
>>>> OWASP Global: http://www.owasp.org
>> 
>> This message may contain confidential information - you should handle it accordingly.
> 
> 
> 
> -- 
> Wojciech Dworakowski
> OWASP Poland Chapter Leader


This message may contain confidential information - you should handle it accordingly.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-cluj/attachments/20150316/6bfe050c/attachment-0001.html>


More information about the Owasp-Cluj mailing list