[OWASP-Columbia] October 2018 Connector

Frank Catucci frank.catucci at owasp.org
Thu Nov 9 16:05:56 UTC 2017


<http://cts.vresp.com/fbl?1f9c1df811/d1c8dfd3bd/http%3A%2F%2Fhosted-p0.vresp.com%2F1479611%2F1f9c1df811%2FARCHIVE%23like>
<http://cts.vresp.com/ts?1f9c1df811/d1c8dfd3bd/http%3A%2F%2Fapi.addthis.com%2Foexchange%2F0.8%2Fforward%2Ftwitter%2Foffer%3Ftemplate%3D%257B%257Btitle%257D%257D%2B%257B%257Burl%257D%257D%26url%3Dhttp%253A%252F%252Fhosted-p0.vresp.com%252F1479611%252F1f9c1df811%252FARCHIVE%26shortener%3Dbitly%26title%3DOctober%2B2018%2BConnector>
<http://cts.vresp.com/ls?1f9c1df811/d1c8dfd3bd/http%3A%2F%2Fapi.addthis.com%2Foexchange%2F0.8%2Fforward%2Flinkedin%2Foffer%3Ftemplate%3D%257B%257Btitle%257D%257D%2B%257B%257Burl%257D%257D%26url%3Dhttp%253A%252F%252Fhosted-p0.vresp.com%252F1479611%252F1f9c1df811%252FARCHIVE%26shortener%3Dbitly%26title%3DOctober%2B2018%2BConnector>
[image: OWASP Connector]
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/d18d6244be>

*FOLLOW US*

<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/012e61c2cc>
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/4694fa2851>
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/2f582ed3eb>
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/06bcdf1ce1>
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/cf5ee1af62>
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/467d723a05>


  COMMUNICATIONS <#m_-2167559286765813397_COMMUNICATIONS> |  PROJECTS
<#m_-2167559286765813397_PROJECTS> |  EVENTS
<#m_-2167559286765813397_EVENTS> |  CHAPTERS
<#m_-2167559286765813397_CHAPTERS> |  MEMBERSHIP
<#m_-2167559286765813397_MEMBERSHIP>
*Wed November 8, 2017*
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/54cf2d46e3>
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/f426f0d568>
OWASP *CONNECTOR*
[image: Communications]
Operations Update

The September Operations Update
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/91b404d49c>
includes vital information about OWASP's infrastructure initiatives,
project activity, and Chapters. Read it for an overview of what is
happening in OWASP.
------------------------------
OWASP Board of Directors Election is Reopened

Dear OWASP Community,

The OWASP Global Board has become aware of an issue that affects the
integrity of our ongoing Board of Directors election.

It is with respect for the integrity of our election process, due
sensitivity to the impact it will cause and fairness to all our candidates
and voting members, that we have decided to halt the current election and
restart it with a clean slate once the issue has been corrected. We do not
take this action lightly, but as a unified Board feel we have a duty to do
so. We are committed to free, fair, transparent and open elections.

There are two irregularities that need to be addressed to ensure that we
have fair results:

   - A candidate was left off of the ballot.
   - Some community members whose membership expired between June - October
   had one of two issues:
      - Their memberships did not auto-renew.
      - They did not receive proper reminders that their membership was
      expiring and that they need to renew.

To address this we have opened a NEW 2017 OWASP Board of Directors
election. In order to ensure fair results, the previous vote tallies have
been zeroed out for this totally NEW ELECTION. Whether or not you already
voted, please take a few moments to cast your vote and help decide the
future direction of OWASP! If you are a member in good standing with voting
privileges, you should receive an invitation to vote in the election by the
end of the day today, 10/19/2017. If you do not receive an email, but
believe you should have, or have any other issues related to the election,
please email election2017 at owasp.org.

The process behind the scenes for the past two days has been scrambling to
ensure that the election is set up properly and doing a second review of
the setup before re-opening.

Even as the election opens, OWASP Staff are working tirelessly to make sure
that anyone who should be able to vote can. Unfortunately, this continues
to be a highly manual process. The anticipated process and timeline is
outlined below.

   - 10/19 - open election
   - 10/26-10/31 send renewal emails
   - 11/7 - close renewals related to voting
   - 11/8 - add those who renewed to Simply Voting
   - 11/16 - close voting
   - 11/17 - notify candidates
   - 11/20 - share the results with the community

It is critically important that the community participate in this important
election in which we will be choosing four new board members.

I apologize again for the inconvenience caused through this process. Thank
you for your support and patience as we worked through these issues. As
always, feel free to contact me or other leaders directly in addition to
the address above if you have further questions or concerns.

Thank you,

Matt Konda

OWASP Board Chair


------------------------------
Let OWASP Know How You Think We Should Construct our Budget

Every year the community gets the opportunity to tell the Board of
Directors where they believe we should invest by giving input into the
OWASP Annual Budget. This is the time that you can ask for funds beyond the
grant amount 2k per year for resources to accomplish a particular goal for
your chapter or project. You can also ask the board to implement funded
initiatives, additional events, or anything that you believe will make
OWASP more successful in 2018.

This year requests will go through the OWASP Service Desk
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/81b13db388>
hosted on Jira. You can read more about the process including Deadlines and
how to submit on the OWASP Wiki
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/2ab46c9512>
OWASP Leader Workshop

The semi annual Leader Workshop covered a lot of ground this year. The
first half was devoted to our ongoing plans upgrade the infrastructure at
OWASP. Since the meeting we have learned of a significant problem with our
Association Management System (AMS) Migration. Correcting this issue is our
largest concern at the moment. The second focus we have is our transition
from mailing lists to Discourse
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/b9dda58191>.
Once on Discourse you will be able to interact with the platform solely
through your email if you wish.

Your input is invaluable and we thank you for your time.

The second half of the meeting was devoted to hearing what our Leaders need
from the organization. We asked you to fill out charts listing what support
is needed, what concerns need to be halted, and what has been working well
for you. Overall we learned that our community is worried about vendor
influence in our organization, but that the community was pleased with the
OWASP Project Summit, Project outputs, and the continued efforts of the
staff. Importantly we heard that Leaders see a deep need for funding
projects, for increased infrastructure, and for better resources such as
updated templates in more formats, swifter project start times, and shared
resources such as access to staff recommended technical writers and
graphics.

You can watch the meeting here, and discuss your thoughts either on the
OWASP blog page or on the YouTube comments section.

<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/9309fa65e1>

[image: Events]
AppSec USA Developer Summit
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/3b1f05d2d1>

An invitation to the local community and attendees of Global AppSecs to
join us for FREE security training in the days before the AppSec Global
Conference, the AppSec USA 2017 Developer Summit
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/a14e3c5f64>
was
a huge success, drawing unprecedented crowds! 180 participants learned
about threat modeling, API vulnerabilities, and hacking iOS from 4 trainers
in 3 sessions held over the course of 2 days.

While our training is performed by volunteers and primarily aimed at
developers and new AppSec professionals, everyone is welcome and even
seasoned pros might learn something new.

Look to attend or teach at our next Developer Summit in Tel Aviv, details
coming soon!
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/d0e7e5394f>
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/f8674852aa>
2018 AppSec Europe CfP and CfT are now OPEN

We are glad to announce that the 2018 AppSec Europe
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/7cf0fe905d>
Call
for Papers
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/4995cb2901>
and
Call for Training
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/d5d4b18477>
are now open.

The OWASP AppSec conference is Europe's premier venue for web applications
leaders, software engineers, researchers and visionaries from all over the
world. AppSec Europe gathers the application security community for a 5-day
event to share and discuss novel ideas, initiatives and advancements in
AppSec.  The 2018 conference will take place in Tel-Aviv from June 17th to
21st 2018, with papers/talks presented on 20th and 21st June and training
from the 17th and 18th.

The special theme of OWASP AppSec EU this year is: *Usable Security*. How
is security affected by the human aspects of users, developers and
administrators? How do we design, deploy and manage a security system so
that it will be used consistently and properly? What lessons can we learn
from past success (or not-exactly-success...) stories in which the human
factor played a major role?

Topics of interest include, but are not limited to the following:

   - Novel web vulnerabilities and countermeasures
   - New technologies, paradigms, tools
   - OWASP tools or projects in practice
   - Secure development: frameworks, best practices, secure coding,
   methods, processes, SDLC
   - Browser security
   - Mobile security and security for the mobile web
   - Cloud security
   - REST/SOAP security
   - Security of frameworks
   - Large-scale security assessments of web applications and services
   - Privacy risks in the web and the cloud
   - Management topics in Application Security: Business Risks, Awareness
   Programs, Project Management, Managing SDLC

To ensure the best talks available
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/2803c2410a>
are presented at AppSec Europe blind reading is being incorporated as part
of their process. This means that names and job titles will be removed when
the paper abstract is being reviewed. All speakers will be given access to
speaker mentorship.

The submission deadline is January 5, 2018. Please submit your proposal
through EasyChair
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/de16fa3643/conf=appseceu2018>
and
encourage your favorite trainers and speakers to apply as well.
------------------------------
Upcoming Events

   - AppSec Europe 2018
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/6a5c4902f7>
— June
   17–21, 2018; Tel Aviv, Israel
   - AppSec USA  — Fall 2018; San Jose, CA, USA

Regional and Local Events

   - German OWASP Day 2017
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/dd24f8ec13>
— November
   13–14, 2017; Essen, Germany
   - OWASP Benelux Day 2017
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/236ba1c88f>
— November
   23–24, 2017; Tilburg, the Netherlands
   - AppSec California 2018
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/e41a1b7848>
   — January 28–31, 2018; Santa Monica, CA, USA
   - OWASP New Zealand Day 2018
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/96cd12a5a2>
— Feburary
   4–8, 2018; Aukland University, New Zealand
   - SnowFROC2018
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/aa21b44419>
— March
   8, 2018; Denver, Co, USA
   - OWASP AppSec Africa 2018 — May 10–12, 2018; Morocco
   - SuperSec
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/ea71798cb4>
— May
   11, 2018; Spain
   - LASCON2018
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/51d114721d>
— September
   23–26, 2018; Austin, TX, USA

Training Events

   - Seminario Universitario de Ciberseguridad  — November 10, 2017; Cali,
   Colombia

Partner and Promotional Events

   - IoT Tech Expo North America
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/5b0dff1b8b>
— November
   29-30, 2017; Santa Clara
   - Black Hat Europe 2017
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/3d39c25692>—
December
   4-7, 2017; London, UK
   - ICCS 2018
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/17f1a510b1>
— January
   8-11, 2018; New York, NY, USA
   - DevSecCon Singapore
   <http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/89a8c4e0c6>
— February
   22-23, 2018; New York, NY, USA


<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/6799b01ec8/utm_campaign=OWASP-August-2017&utm_source=owasp-connector-september-2017&utm_medium=owasp-security-assessment.>

*[image: Chapters]*
*Chapter Health Checks
           *

It is time again for us to conduct our annual Chapter health check.  It
will go forward from 11/9 and take several weeks.  Normally the health
check entails Tiffany, the community manager, checking the wiki page of
every Chapter to make sure that they have made the minimum number of
meetings (each chapter must host a minimum of 4 meetings to be considered
active and all meetings must be posted on the wiki to be considered open)
and following up with chapters who did not manage to make the minimum
number of meetings or seem at risk.  During this time she offeres support
about building chapter attendance, running a chapter, and raising activity
as needed.

However, this time will take a little longer as we will be reaching out to
each Chapter in alphabetical order to ensure that the Chapter's information
has made the AMS transition intact.  To streamline the process, please make
sure that your wiki page is up to date with all of the meetings you hosted
this year. This is a great opportunity to reach out with questions about
activities, budgets, or other matters.
------------------------------
*Welcome New Chapters!
         *

We would like to welcome these new chapters:

Madurai
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/6837d88960>
              Sioux Falls
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/323c611837>
              Ahmedabad
<http://cts.vresp.com/c/?TheOWASPFoundation/1f9c1df811/d1c8dfd3bd/94c7e5b028>
------------------------------




*The OWASP Foundation, 1200C Agora Drive #232, Bel Air, Maryland, 21014,
USA
<https://maps.google.com/?q=1200C+Agora+Drive+%23232,+Bel+Air,+Maryland,+21014,+USA&entry=gmail&source=g>*


------------------------------
Click to view this email in a browser
<http://hosted.verticalresponse.com/1479611/1f9c1df811/543936139/d1c8dfd3bd/>

If you no longer wish to receive these emails, please reply to this message
with "Unsubscribe" in the subject line or simply click on the following
link: Unsubscribe <http://cts.vresp.com/u?1f9c1df811/d1c8dfd3bd/mlpftw>
------------------------------
The OWASP Foundation
1200-C Agora Drive
<https://maps.google.com/?q=1200-C+Agora+Drive+%0D+%23232+%0D+Bel+Air,+Maryland+21014+%0D+US&entry=gmail&source=g>
#232
Bel Air, Maryland 21014
US
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-columbia/attachments/20171109/491d1e6a/attachment-0001.html>


More information about the OWASP-Columbia mailing list