[OWASP-Columbia] OWASP Connector Jan17

Frank Catucci frank.catucci at owasp.org
Mon Jan 30 22:47:21 UTC 2017


> 
> 
>        	       	       
> 
> January 30, 2017 | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
> 
>   			
> OWASP Operations Update
> 
> OWASP in the News!
> 
>  			
> Project Graduation Updates
> 
> Combating the Vulnerability Chaos with OWASP DefectDojo
> 
> Google Summer of Code Program
> 
>   			
> Global AppSec Events
> 
> Local and Regional Events
> 
> Project Summits
> 
> Partner and Promotional Events
> 
>  			
> New Chapters!
> 
> Ottawa Chapter on Becoming a Community
> 
>  			
> New and Renewing Corporate Members
> 
> New Membership Proposal
> 
>  			
> OWASP Foundation Social Media
> 
> 
> OWASP Communications
> OWASP Operations Update
> 
> Operations updates are posted on the blog before each month's board meeting.  This update is from January 6, 2017
> Welcome to the first operations update for 2017. We started monthly blogs about what's happening at the OWASP Foundation back in December.
> 
> Here's our major efforts and status of those in process starting with updates from last time:
> 
> The Website Reboot aka TWR - a major effort to update and modernize OWASP's web presence. Since last month, we've
> 
> Made progress on Phase 1 - updating the wiki to 1.27.x
> Got the wiki source and all extensions in Git repos
> Started coding Ansible to automate our deploys and updates
> Production roll-out - mid-January
> Next up Phase 2 - Updating the look and feel of the OWASP Wiki
> Blocked: waiting for the 2017 Budget to get approved by the OWASP Board
> The OWASP Communications Plan - a staff-created plan to professionalize how OWASP interacts with its community and the world at large. There’s a ton of moving parts to this effort but here’s what we focusing on currently:
> 
> Migration to Discourse
> Evaluation of Discourse showed it would fit our needs
> Worked with/reverse engineered the Discourse API to ensure we can automate:
> Migration from Mailman
> Future operational tasks
> An empty production site is expected mid-January
> Beta program for the Foundation's Global Meetup account is continuing.
> Two new major, interlinked efforts
> 
> Two major efforts are starting this month - a significant upgrade to OWASP's Association Management System (AMS) and the proposed plan for updating our membership models.
> 
> Association Management System
> Planned for February 2017
> Runs atop the OWASP Foundation's Salesforce account
> Handles many operational aspects: membership, conference registrations, etc
> New AMS allows us to re-think our past membership model
> Beginning the first week of February, we'll start the migration to the new AMS
> Blocked: Board did not vote on the membership changes below during the Jan 11th Board Meeting; on hold until the February 8 board meeting.
> Updating Membership Models
> New plans created by staff based on past community, board and staff discussions
> Flexible Individual Membership plan
> Updated Corporate Membership plan
> Account for diverse membership
> Developed to optimize accessibility and growth
> Request to the OWASP Community: Please provide feedback prior to the Jan 11th Board Meeting when staff is asking for approval of the new membership plans. The links above allow for public comments.
> Projects
> 
> New projects
> 2 Documentation projects
> 5 Tool projects
> 2 New Code Projects
> Project Reviews
> Multiple projects under review - look for requests for feedback this month!
> Updates on Events for 2017
> 
> AppSec EU 2017
> CFP & CFT Final Review
> AppSec USA 2017
> CFP and CFT planned to open by the end of January - look for announcements soon!
> ​AppSec California 2017 happens January 23 - 25 in lovely Santa Monica CA
> Membership and Outreach
> 
> Member numbers for December
> 2048 Individual members
> 70 Corporate members
> Membership drive planning begins - tentative June launch
> Community
> 
> Claudia and Tiffany have started the planning for an updated OWASP Volunteer program
> Planned enhancements include searchable descriptions of opportunities, details including expected time commitment and volunteer profiles
> Women in AppSec (WIA) Committee has been formed - Congrats!
> Chapter Leader Handbook updates continue - draft version tentatively available at Feb Board Meeting
> Pending a board vote: Request for a committee to be invite only as an exception to the Committee 2.0 rules
> As always, the OWASP staff are here to help make the OWASP community even stronger. If you have any question, concern or need, let us know by using the ‘Contact Us’ form here.
> 
> Your friendly neighborhood OWASP staff:
> Kate, Kelly, Alison, Laura, Claudia, Tiffany, Dawn and Matt
> 
> 
> 
> OWASP in the NEWS!
> 
> OWASP AppSec California Brings Diversity to the Beach – ITSP Magazine, January 27, 2017
> 
> New real-time detection and extraction solution prevents JavaScript-based cyberattacks – Vanilla Plus, January 24, 2017
> 
> IT Governance’s head of consultancy to speak at Anglia Ruskin University – Ein PResswire, January 18, 2017
> 
> FTC Files to Protect Consumers’ Security in the Internet of Things – National Law Review, January 9, 2017
> 
> Cyber security career has massive potential – Belfast Telegraph, January 3, 2017
> 
> Mobile banking surges as security issues are addressed – FinExtra, January 3, 2017
> 
> 
> OWASP Projects
> Project Graduation Updates
> 
> Graduation is the process by which Projects move between Incubator, Labs, and Flagship levels. It includes a self review, followed by a review by our Senior Project Coordinator Matt Tesauro, and finally certified by our community through peer review. You can read about our recent Project Graduates or sign up to be a peer reviewer.
> 
> 
> 
> Combating the Vulnerability Chaos with OWASP DefectDojo
> 
> Greg Anderson invites you streamline your entire application security process by exploring DefectDojo with a live demo of the vulnerability aggregation tool.
> 
> 
> 
> OWASP is Once Again Participating in the Google Summer of Code Program
> 
> It is that time of year again! OWASP will participate in the Google Summer of Code (GSoC). We love that GSoC is a great vehicle to introduce students to both open source projects and application security with real, hands on projects. Long time Project Leader Konstantinos Papapanagiotou notes “GSoC is an amazing opportunity for projects to make significant progress in terms of code and attract new, enthusiastic contributors. On a personal basis I enjoy GSoC because it gives me the opportunity to interact with numerous students around the world and participate in one of the largest open source initiatives.”
> 
> To read more about this event and sign up to participate check out our blog post.
> 
> 
> OWASP Events
> Global AppSec Events
> 
> AppSec Europe 2017  8–12 May, 2017, Belfast, UK
> 
> Call for Lightning Trainings
> Call for Activities
> Call for Arsenal
> AppSec Europe is still accepting sponsorships 
> AppSec USA 2017   September 19–22, 2017, Orlando, Florida, USA
> 
> 
> 
> Local and Regional Events
> 
> AppSec Africa 2017   February 1–2, 2017, Casablanca, Morocco
> 
> SnowFROC 2017   March 16, 2017, Denver, CO, USA
> 
> Latam Tour 2017   April 3–28, 2017, South America
> 
> OWASP Middle East Cyber Security Conference 2017   May 3–4, 2017, Dubai, UAE
> 
> 
> 
> Project Summits
> 
> OWASP Project Summit 2017 June12–16, 2017, London, UK
> 
> 
> 
> Partner and Promotional Events
> 
> Cyber Resilience & InfoSec 2017  February 6-7, 2017   Abu Dhabi, U.A.E.
> 
> SC Congress London   February 23, 2017   London, UK
> 
> CyberCentral   April 4-6, 2017   Prague, Czech Republic
> 
> QuBit Conference 2017   April 4-6, 2017   Prague, Czech Republic   OWASP members save 10% by using discount code: QB17OWASP
> 
> Cyber Security North Africa Summit   April 26-27, 2017   Cairo, Egypt  
> 
> SC Congress New York   May 2, 2017   New York, NY
> 
> Techno Security & Digital Forensics Conference  June 4-7, 2017   Myrtle Beach, SC
> 
> SC Congress Toronto   June 13-14, 2017   Toranto, Canada
> 
> 
> 
> OWASP Chapters
> New Chapters!
> 
> Welcome to our new chapters in January!
> 
> Trichirappalli	New Jersey Central
> Chattanooga	Surat
> Vellore	Iowa City
> Ankara	 
> In 2016 OWASP grew in 2016—especially in Asia and the Middle East.
> 
> Jakarta	Haryana
> Mexicali	Cebu
> Malta	Tallahassee
> Varanasi	Botswana
> Richmond	Punjab
> Jodhpur	Riviera Maya
> Pondicherry	Gandhinagar
> Tripoli	Sāo José dos Campos
> Durgapur	Medellin
> Okinawa	Fukushima
> Burkina Faso	Visakhapatnam
> Alexandria	Jalandhar
> Cuttack	 
> 
> From uni-directional to vibrant and dynamic: Ottawa Chapter on becoming a community
> 
> There are two challenges that consume most chapters: getting speakers and growing their community. The Ottawa Chapter documented their approach to growing 450% in one year. The key to their success was diversity of activities and actively courting a diverse membership. You can read more about their experiments on the blog.
> 
> 
> 
> Request for Blog Content
> 
> OWASP would like to start spotlighting chapter activity on our blog. If your chapter hosted and recorded an amazing talk that just NEEDS to be shared, or perhaps you ran a great event and would like to help other chapter follow suite think about writing a blog post to be shared on the OWASP Blog. Contact our community manager, Tiffany Long for more details.
> 
> 
> OWASP Membership
> We would like to thank the following companies for supporting the OWASP Foundation. The companies listed below have contributed this month by either renewing their existing Corporate Membership or joining OWASP as a new Corporate Member. Details about Corporate Membership can be found here.
> 
>  
> Contributor Corporate Members
> 
> 
> Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network—Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 394,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.
> 
>  
> 
> Organizations worldwide use Black Duck’s industry-leading products to automate the process of securing and managing open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.
> 
>  
> 
> Cybozu is a Japanese cloud computing vendor founded in 1997. Its service supports effective team collaboration hence our services are widely used from large-scaled teams like multinational enterprises to small-scaled teams like volunteer groups, clubs even families. “kintone” is one of the Cybozu’s key products released in 2011.
> 
> It is called "no-code application platform" which makes work more productive through business applications. It is recognized as one of the leading vendors in” Gartner 2016 Enterprise application Platform as a Service (aPaaS), Worldwide Magic Quadrant”.
> 
> Cybozu has been focusing on security enhancement. It has started "bug bounty project" in 2013 to find any vulnerabilities which may exist in its product in order to provide its customers with the most secure service possible.
> 
> For more information about Cybozu, please visit https://www.cybozu.com/jp/.
> 
>  
> Want your name here? Find out how by visiting our Corporate Member information page, or contact or contact our Membership & Business Liaison Kelly Santalucia today! Thank you to all of our Premier and Contributor Corporate Members for your support in 2017!
> 
> 
> 
> New Membership Proposal
> 
> Over the last several months there have been a number of ideas put forth for how to modernize our membership plan from simply adjusting the cost to developing an entirely new membership organization. Our current membership plan is in need of optimization. This proposal includes back end system integration upgrades and modern price tier structures.
> 
> Concurrently, OWASP is upgrading our Association Management System (AMS) this spring; some of the improvements in the AMS will allow us to think about membership in a host of new ways. To this end our Operations and Membership team have put together a Flexible Individual Membership plan and updated our Corporate Membership plan. These plans account for our diverse membership are developed to optimize accessibility and growth. We are asking for the Community to provide feedback and the Board to vote on them at the February 8 meeting so that they may be included in the February AMS migration.  
> 
> Feedback can be submitted via the board list or by attending the board meeting. 
> 
> 
> OWASP Social Media
> OWASP Social Media Sites
> 
> OWASP YouTube Channel
> LinkedIn
> Twitter
> Google +
> Facebook
> StackOverflow
> GitHub
> Trello
> Slack
> 
> 
> Click to view this email in a browser 
> 
> If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe
> The OWASP Foundation
> 1200-C Agora Drive
> #232
> Bel Air, Maryland 21014
> US
>              
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-columbia/attachments/20170130/97462a8d/attachment-0001.html>


More information about the OWASP-Columbia mailing list