[OCC] [Owasp-leaders] San Diego OWASP Hacking Dojo was a big success!

Justin Clarke justin.clarke at owasp.org
Mon Feb 1 05:55:23 EST 2010


I think that local chapters (and projects) should definitely be drafting their own press releases, and should be free to send them out if they want to with a few provisos:

they should let the OCC (i.e. Lorna) know about the press release, so we can include it with our press page (so we have as complete a picture of what OWASP is up to publicly as possible)
they include the standard OWASP blurb that was developed a while ago (Jim - you started this didn't you?) OR they have one that clearly shows this is a local chapter initiative (i.e. they don't roll their own description of OWASP's core mission statement)

So, in essence I agree :-)  Templates with the standard blurb on them should be as easy to find as possible.

As an aside, I don't think that local chapters will have quite the reach as the OCC with regards to press coverage, so one of the guidelines should be what types of things we should send out through the OCC - i.e. major project releases, regional/chapter conferences etc should probably go out centrally to reach the largest audience we can. 

As another aside, I'm going to have a talk to my business partners about donating our press list of OWASP/revising the OWASP list based on ours. Due to the fact this has reporter email addresses and phone numbers in most cases we might want to have a think about how we'd handle that info - I don't think it should be public.

Cheers

Justin

On 29 Jan 2010, at 17:57, dinis cruz wrote:

> I like the idea the the local chapters can issue their local press release (and then if relevant the OCC would pick it up and distribute it globally)
> 
> Can we give them a couple templates with sample PRs? (I would say the only major item in there would be a couple standard words on OWASP and the explicit reference that it is a PR from a local chapter (or project))
> 
> It is much better to put no restrictions on our community, because we want them to fell empowered to be proactive about their chapter/project
> 
> Dinis Cruz
> 
> 
> On 29 January 2010 13:47, Justin Clarke <justin.clarke at owasp.org> wrote:
> Currently I don't believe there is any guidance against chapters sending out press releases, but I'd suggest that there should be - especially in this case where it could be construed to represent OWASP as a whole, and doesn't appear to have the current OWASP boilerplate (the blurb) on it.
> 
> In reality, what has been discussed is to centralise this so press releases can be put out for all significant releases/projects etc, and all of these can be collected together in one place (on the OWASP site) so people (especially press) can see what OWASP is up to from a press release point of view.  None of this is currently in place, but Lorna has got this against her name. Having said that, the committee is less than a month old, so its going to be a while before we're going to be where we want to be on the PR side.
> 
> Care to volunteer to help drive this Mike?  The Connections Committee is still looking for members!
> 
> Cheers
> 
> Justin
> 
> On 29 Jan 2010, at 13:17, Boberski, Michael [USA] wrote:
> 
> > Thanks Kate.
> >
> > Team, please advise.
> >
> > Best,
> >
> > Mike B.
> >
> > -----Original Message-----
> > From: Kate Hartmann [mailto:kate.hartmann at owasp.org]
> > Sent: Friday, January 29, 2010 7:48 AM
> > To: 'Dave Wichers'; Boberski, Michael [USA]
> > Cc: 'Dinis Cruz'; 'Lorna Alamri'; 'Robert Hansen'; 'Justin Clarke'
> > Subject: RE: [Owasp-leaders] San Diego OWASP Hacking Dojo was a big success!
> >
> > The connections committee is our PR engine.
> >
> > Kate Hartmann
> > OWASP Operations Director
> > 9175 Guilford Road
> > Suite 300
> > Columbia, MD  21046
> >
> > 301-275-9403
> > kate.hartmann at owasp.org
> > Skype:  kate.hartmann1
> >
> >
> > -----Original Message-----
> > From: Dave Wichers [mailto:dave.wichers at aspectsecurity.com]
> > Sent: Thursday, January 28, 2010 10:00 PM
> > To: Boberski, Michael [USA]; Kate Hartmann
> > Subject: RE: [Owasp-leaders] San Diego OWASP Hacking Dojo was a big success!
> >
> > I don't know, but this sounds like a question for one of the committees.
> > Kate, which committee?
> >
> > Or do you know the answer?
> >
> > Thanks, Dave
> >
> > -----Original Message-----
> > From: Boberski, Michael [USA] [mailto:boberski_michael at bah.com]
> > Sent: Thursday, January 28, 2010 4:03 PM
> > To: Dave Wichers
> > Subject: FW: [Owasp-leaders] San Diego OWASP Hacking Dojo was a big
> > success!
> >
> > Dave, what are the rules when it comes to press releases using e.g.
> > http://www.prlog.org/ as was done below? I didn't know such free
> > services existed. I know the value of press releases is limited in
> > general, but I would have been blasting these out anyway for different
> > projects if so, about e.g. the Japanese ASVS translation, etc. The San
> > Diego guy has been sending out a number of them using this service,
> > doing a quick search. The about OWASP blurb at the bottom of his release
> > linked below looks new/made up, does one just need to include something
> > like that, then can write releases as one sees fit?
> >
> > Mike B.
> >
> > -----Original Message-----
> > From: owasp-leaders-bounces at lists.owasp.org
> > [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Jeromie
> > Jackson
> > Sent: Thursday, January 28, 2010 3:43 PM
> > To: owasp-leaders at lists.owasp.org
> > Subject: [Owasp-leaders] San Diego OWASP Hacking Dojo was a big success!
> >
> > We had a hacking dojo where I brought in an AP, an Imperva WAF, and 2
> > instances of WebGoat.  1 WebGoat was behind the WAF, which was in
> > blocking mode, and the other was hanging right off the AP.  A little
> > sushi and sake along with some dojo style training- they loved it!  I
> > highly recommend doing similar type events in your area if you're
> > looking to build attendance.
> >
> > We already had someone become a member of OWASP this morning in response
> > to his attendance.  We used LinkedIn, free press release sites, and
> > blogs to get the word out..
> >
> >
> > Linked-In Event:
> > http://events.linkedin.com/Sushi-Sake-Hacking-Dojo-OWASP-San-Diego/pub/2
> > 10524
> >
> >
> > Also, a link to the invite is @
> > http://jeromiejackson.com/index.php/the-news/76-Sush-and-Sake-Hacker-Doj
> > o-OWASP-San-Diego
> >
> > Press Release:
> > http://www.prlog.org/10496793-sushi-sake-owasp-san-diego-to-host-free-we
> > b-hacker-dojo.html
> >
> > Another Blog that received high visibility on Google:
> > http://itknowledgeexchange.techtarget.com/security-assessment/hacking-do
> > jo-sushi-and-sake-web-application-penetration-event
> >
> >
> > Jeromie Jackson- CISSP, CISM
> > COBIT & ITIL Certified
> > President- San Diego OWASP
> > Vice President- San Diego ISACA
> > SANS Mentor
> > TIG- Senior Security Architect
> > LinkedIn: www.linkedin.com/in/securityassessment
> > BLOG: www.jeromiejackson.com
> > Twitter: www.twitter.com/Security_Sifu
> > 858.205.3645
> >
> >
> > _______________________________________________
> > OWASP-Leaders mailing list
> > OWASP-Leaders at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >
> 
> _______________________________________________
> Owasp-connections-committee mailing list
> Owasp-connections-committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-connections-committee
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-connections-committee/attachments/20100201/7fc1f23a/attachment.html 


More information about the Owasp-connections-committee mailing list