[OCC] [Owasp-leaders] San Diego OWASP Hacking Dojo was a big success!

Jim Manico jim.manico at owasp.org
Mon Feb 1 07:21:44 EST 2010


 > they include the standard OWASP blurb that was developed a while ago 
(Jim - you started this didn't you?)

On the podcast, I just use the first 2 sentences from the standard blurb 
on the OWASP.org homepage. I'm fond of it.

/The Open Web Application Security Project (OWASP) is a 501c3 
not-for-profit worldwide charitable organization focused on improving 
the security of application software. Our mission is to make application 
security visible, so that people and organizations can make informed 
decisions about true application security risks.

-/ Jim/
/
> I think that local chapters (and projects) should definitely be 
> drafting their own press releases, and should be free to send them out 
> if they want to with a few provisos:
>
>     * they should let the OCC (i.e. Lorna) know about the press
>       release, so we can include it with our press page (so we have as
>       complete a picture of what OWASP is up to publicly as possible)
>     * they include the standard OWASP blurb that was developed a while
>       ago (Jim - you started this didn't you?) OR they have one that
>       clearly shows this is a local chapter initiative (i.e. they
>       don't roll their own description of OWASP's core mission statement)
>
>
> So, in essence I agree :-)  Templates with the standard blurb on them 
> should be as easy to find as possible.
>
> As an aside, I don't think that local chapters will have quite the 
> reach as the OCC with regards to press coverage, so one of the 
> guidelines should be what types of things we should send out through 
> the OCC - i.e. major project releases, regional/chapter conferences 
> etc should probably go out centrally to reach the largest audience we 
> can. 
>
> As another aside, I'm going to have a talk to my business partners 
> about donating our press list of OWASP/revising the OWASP list based 
> on ours. Due to the fact this has reporter email addresses and phone 
> numbers in most cases we might want to have a think about how we'd 
> handle that info - I don't think it should be public.
>
> Cheers
>
> Justin
>
> On 29 Jan 2010, at 17:57, dinis cruz wrote:
>
>> I like the idea the the local chapters can issue their local press 
>> release (and then if relevant the OCC would pick it up and distribute 
>> it globally)
>>
>> Can we give them a couple templates with sample PRs? (I would say the 
>> only major item in there would be a couple standard words on OWASP 
>> and the explicit reference that it is a PR from a local chapter (or 
>> project))
>>
>> It is much better to put no restrictions on our community, because we 
>> want them to fell empowered to be proactive about their chapter/project
>>
>> Dinis Cruz
>>
>>
>> On 29 January 2010 13:47, Justin Clarke <justin.clarke at owasp.org 
>> <mailto:justin.clarke at owasp.org>> wrote:
>>
>>     Currently I don't believe there is any guidance against chapters
>>     sending out press releases, but I'd suggest that there should be
>>     - especially in this case where it could be construed to
>>     represent OWASP as a whole, and doesn't appear to have the
>>     current OWASP boilerplate (the blurb) on it.
>>
>>     In reality, what has been discussed is to centralise this so
>>     press releases can be put out for all significant
>>     releases/projects etc, and all of these can be collected together
>>     in one place (on the OWASP site) so people (especially press) can
>>     see what OWASP is up to from a press release point of view.  None
>>     of this is currently in place, but Lorna has got this against her
>>     name. Having said that, the committee is less than a month old,
>>     so its going to be a while before we're going to be where we want
>>     to be on the PR side.
>>
>>     Care to volunteer to help drive this Mike?  The Connections
>>     Committee is still looking for members!
>>
>>     Cheers
>>
>>     Justin
>>
>>     On 29 Jan 2010, at 13:17, Boberski, Michael [USA] wrote:
>>
>>     > Thanks Kate.
>>     >
>>     > Team, please advise.
>>     >
>>     > Best,
>>     >
>>     > Mike B.
>>     >
>>     > -----Original Message-----
>>     > From: Kate Hartmann [mailto:kate.hartmann at owasp.org
>>     <mailto:kate.hartmann at owasp.org>]
>>     > Sent: Friday, January 29, 2010 7:48 AM
>>     > To: 'Dave Wichers'; Boberski, Michael [USA]
>>     > Cc: 'Dinis Cruz'; 'Lorna Alamri'; 'Robert Hansen'; 'Justin Clarke'
>>     > Subject: RE: [Owasp-leaders] San Diego OWASP Hacking Dojo was a
>>     big success!
>>     >
>>     > The connections committee is our PR engine.
>>     >
>>     > Kate Hartmann
>>     > OWASP Operations Director
>>     > 9175 Guilford Road
>>     > Suite 300
>>     > Columbia, MD  21046
>>     >
>>     > 301-275-9403
>>     > kate.hartmann at owasp.org <mailto:kate.hartmann at owasp.org>
>>     > Skype:  kate.hartmann1
>>     >
>>     >
>>     > -----Original Message-----
>>     > From: Dave Wichers [mailto:dave.wichers at aspectsecurity.com
>>     <mailto:dave.wichers at aspectsecurity.com>]
>>     > Sent: Thursday, January 28, 2010 10:00 PM
>>     > To: Boberski, Michael [USA]; Kate Hartmann
>>     > Subject: RE: [Owasp-leaders] San Diego OWASP Hacking Dojo was a
>>     big success!
>>     >
>>     > I don't know, but this sounds like a question for one of the
>>     committees.
>>     > Kate, which committee?
>>     >
>>     > Or do you know the answer?
>>     >
>>     > Thanks, Dave
>>     >
>>     > -----Original Message-----
>>     > From: Boberski, Michael [USA] [mailto:boberski_michael at bah.com
>>     <mailto:boberski_michael at bah.com>]
>>     > Sent: Thursday, January 28, 2010 4:03 PM
>>     > To: Dave Wichers
>>     > Subject: FW: [Owasp-leaders] San Diego OWASP Hacking Dojo was a big
>>     > success!
>>     >
>>     > Dave, what are the rules when it comes to press releases using e.g.
>>     > http://www.prlog.org/ as was done below? I didn't know such free
>>     > services existed. I know the value of press releases is limited in
>>     > general, but I would have been blasting these out anyway for
>>     different
>>     > projects if so, about e.g. the Japanese ASVS translation, etc.
>>     The San
>>     > Diego guy has been sending out a number of them using this service,
>>     > doing a quick search. The about OWASP blurb at the bottom of
>>     his release
>>     > linked below looks new/made up, does one just need to include
>>     something
>>     > like that, then can write releases as one sees fit?
>>     >
>>     > Mike B.
>>     >
>>     > -----Original Message-----
>>     > From: owasp-leaders-bounces at lists.owasp.org
>>     <mailto:owasp-leaders-bounces at lists.owasp.org>
>>     > [mailto:owasp-leaders-bounces at lists.owasp.org
>>     <mailto:owasp-leaders-bounces at lists.owasp.org>] On Behalf Of Jeromie
>>     > Jackson
>>     > Sent: Thursday, January 28, 2010 3:43 PM
>>     > To: owasp-leaders at lists.owasp.org
>>     <mailto:owasp-leaders at lists.owasp.org>
>>     > Subject: [Owasp-leaders] San Diego OWASP Hacking Dojo was a big
>>     success!
>>     >
>>     > We had a hacking dojo where I brought in an AP, an Imperva WAF,
>>     and 2
>>     > instances of WebGoat.  1 WebGoat was behind the WAF, which was in
>>     > blocking mode, and the other was hanging right off the AP.  A
>>     little
>>     > sushi and sake along with some dojo style training- they loved
>>     it!  I
>>     > highly recommend doing similar type events in your area if you're
>>     > looking to build attendance.
>>     >
>>     > We already had someone become a member of OWASP this morning in
>>     response
>>     > to his attendance.  We used LinkedIn, free press release sites, and
>>     > blogs to get the word out..
>>     >
>>     >
>>     > Linked-In Event:
>>     >
>>     http://events.linkedin.com/Sushi-Sake-Hacking-Dojo-OWASP-San-Diego/pub/2
>>     > 10524
>>     >
>>     >
>>     > Also, a link to the invite is @
>>     >
>>     http://jeromiejackson.com/index.php/the-news/76-Sush-and-Sake-Hacker-Doj
>>     > o-OWASP-San-Diego
>>     >
>>     > Press Release:
>>     >
>>     http://www.prlog.org/10496793-sushi-sake-owasp-san-diego-to-host-free-we
>>     > b-hacker-dojo.html
>>     >
>>     > Another Blog that received high visibility on Google:
>>     >
>>     http://itknowledgeexchange.techtarget.com/security-assessment/hacking-do
>>     > jo-sushi-and-sake-web-application-penetration-event
>>     >
>>     >
>>     > Jeromie Jackson- CISSP, CISM
>>     > COBIT & ITIL Certified
>>     > President- San Diego OWASP
>>     > Vice President- San Diego ISACA
>>     > SANS Mentor
>>     > TIG- Senior Security Architect
>>     > LinkedIn: www.linkedin.com/in/securityassessment
>>     <http://www.linkedin.com/in/securityassessment>
>>     > BLOG: www.jeromiejackson.com <http://www.jeromiejackson.com/>
>>     > Twitter: www.twitter.com/Security_Sifu
>>     <http://www.twitter.com/Security_Sifu>
>>     > 858.205.3645
>>     >
>>     >
>>     > _______________________________________________
>>     > OWASP-Leaders mailing list
>>     > OWASP-Leaders at lists.owasp.org
>>     <mailto:OWASP-Leaders at lists.owasp.org>
>>     > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>     >
>>
>>     _______________________________________________
>>     Owasp-connections-committee mailing list
>>     Owasp-connections-committee at lists.owasp.org
>>     <mailto:Owasp-connections-committee at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/owasp-connections-committee
>>
>>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Owasp-connections-committee mailing list
> Owasp-connections-committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-connections-committee
>   


-- 
Jim Manico
OWASP Podcast Host/Producer
OWASP ESAPI Project Manager
http://www.manico.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-connections-committee/attachments/20100201/1bdd83fa/attachment-0001.html 


More information about the Owasp-connections-committee mailing list