[Owasp-leaders] Chapter Leader Update

Tom Brennan tomb at owasp.org
Wed Aug 17 11:20:43 EDT 2011


Intended audience of OWASP Foundation materials is developers, industry to standards bodies.

Hardcopies of the OWASP Top 10 is a  great example when a .PDF will not do the trick....  http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202010.pdf awareness for this (1) project effort however we have over 200 hence need to spread the love around in raising the visibility of Stable and Beta efforts (https://www.owasp.org/index.php/Category:OWASP_Project)

re: "If the audience is industry"  at times it is -- and as example if the individuals are so inclined to wear a monkey suit that is image.  As a example at Blackhat we (Sara,Lorna, Myself) all were Business attire -- not that this fact made a difference -- however i would agree that perception is key to any awareness campaign.  I am aware that many chapters including my own are business attire, hell the meetings are after work -- hence the local region drives that.  If shorts and t-shirts are appropriate so be it.. but seriously that is a stretch to worry about attire.

Yes there is 100k in the chapter buckets. Not to spend on banners and the such... rather raising awareness to the chapters that there is monies in the bucket that should be reinvested into the chapters and efforts that are core to the mission.  What chapter do you run Rex?  DC, VA? Hence a balance of:  Virginia (Northern Virginia)$2,770.60$160.00$277.06$2,653.50 / Washington DC$4,990.00$140.00$3,542.97$1,587.03 running a chapter has expenditures -- I know my chapter does.

seeing the ROI  -  How is this:  In 2004 you might agree that OWASP was a smaller group,  2007 we had a growth spurt, 2008, 2009, 2010, 2011 are measurable years of visibility not only on the mission but on the industry and on the core contributors as referenced https://www.owasp.org/index.php/Industry:Citations   As a non-profit we have the upside business model of commercial for profit efforts and collectively a great platform and voice.  Good reference information is here:  http://en.wikipedia.org/wiki/Nonprofit_organization updated recently.   The future is quite bright for this professional association with committees focused on implementation of our core values and purpose.

Is this your measurement of ROI  http://xssed.com/archive/special=1   -- then yes there is work to be done on awareness from frameworks, developer tools and easy to leverage risk models -- personally I am fan of the efforts happening here:  http://cwe.mitre.org/about/images/lg_consensus.jpg and we (OWASP) has a seat at the table in both the working groups and the ISO standards bodies.

Brennan
973-202-0122



On Aug 17, 2011, at 10:53 AM, Rex Booth wrote:

> Who is the intended audience of this enhanced professional image for OWASP and what is the expected ROI?
> 
> If it's fellow security consultants, I think hard-copy printouts of the top 10, etc, would have the most impact.  It would allow us to use them as force multipliers, too, and have them spread the word of OWASP for us.
> 
> If the audience is industry (and it should be, IMO), I think the funds would probably be better spent on a shirt and tie for each of our leaders. I know many of us don't require business attire for our daily lives, but many of our target industries do, and they respond to people that "look professional."  Is it fair?  No, but that's the reality.
> 
> On the whole, however, I'm surprised we have $100k to spend on banners, etc to be used at the local chapter level given our current budget situation.  Especially since most chapter meetings are probably 1) fewer than 20 people and 2) are repeat attendees that don't need to be wowed by banners and image.
> 
> I don't see the ROI - perhaps somebody can explain it to me.
> 
> Rex
> 
> On 8/17/2011 10:28 AM, Tom Brennan wrote:
>> 
>> 
>> As a result of repeated discussions at the OWASP booth at Blackhat this year, the following items are worth pointing out globally;
>> 
>> Chapter Leaders:  
>> 
>> When you host your next local meeting will you have a table throw, a pull up banner, swag to help raise the professional image and awareness of the mission of OWASP Foundation?
>>  
>> VISUAL Example:  https://www.owasp.org/images/a/a7/OWASP-BOOTH.jpg
>> 
>> FAQ: what can you REQUEST for your chapter to promote OWASP locally? 
>> 
>> Answer:  https://www.owasp.org/index.php/Chapter_Supplies
>> 
>> $$$
>> 
>> For many chapters there IS money in the chapter bank for this purpose over 100k actually.    Seeing that summer is almost over... its time to review your chapter budget and invest invest short term and long term in your local chapter before the end of the year.  If you are without funds contact your nearby chapter with funds collaborate with them we are a single community and ask for a transfer of funds to help out its a community effort. 
>> 
>> Here is where the 100k+ in funds are currently allocated by the hard-work of volunteer chapter leaders:
>> 
>> https://spreadsheets.google.com/pub?key=0Atu4kyR3ljftdF9aZkY0YjRFcmNBY21OaWo3djdkUXc&hl=en&output=html
>> 
>> * NYC Chapter is offering $1000 to any chapter that is less than 12 months old, has used OWASP On The Move and a membership balance is currently less than $100 to help you get started (contact me for more details off list). 
>> 
>> **NOTE Many of the other chapter leaders that I have spoken with are also willing to help you out - you have to ASK them
>> 
>> ***As a chapter leader you are coming to the Global AppSec USA 10 Year Anniversary of OWASP right? There is NO CHARGE for chapter leaders, don't miss the chapter workshop - http://www.appsecusa.org in September
>> 
>> ===
>> 
>> Need Speakers for your Chapter? 
>> 
>> Have you looked at OWASP on the Move yet to bring in one of the 200+ OWASP Project Leaders to your chapter?
>> 
>> https://www.owasp.org/index.php/OWASP_on_the_Move
>> 
>> To see what has been used to date see:  https://www.owasp.org/index.php/OWASP_on_the_Move_-_Payments  we have a budget allocated USE IT!
>> 
>> Also consider being a scout and coming to AppSecUSA and asking presenters of AppSecUSA to come to your local chapter see:  http://www.appsecusa.org/schedule.html
>> 
>> ===
>> 
>> FAQ where can we find the other OWASP Chapter guidance support information?
>> 
>> Answer:  https://www.owasp.org/index.php/Category:OWASP_Chapter#Chapter_Support_Materials  
>> For the OWASP Chapter Leader Handbook which includes rules and regulations, click here.
>> For OWASP Chapter resources, click here.
>> For OWASP Chapter presentations, click here.
>> For the OWASP news item template, click here.
>> For OWASP Chapter promotion tips click here.
>> ===
>> 
>> Finally, we need your help   If you are a CHAPTER LEADER, you have a chapter mailing list (this might be why your even getting this email....),   we are counting "Chapter Leaders" by those that are listed on the administrative area of the chapter mailing list.  If someones name is listed on the wiki, that is NOT how we are counting the active chapter leaders, add there @owasp.org email to the mailing list administrative area.
>> 
>> Some chapters are announce only mailing lists and that is ok here is why;   Larry Casey our volunteer has a simple script that scrapes the administrative names/emails and includes them in OWASP-LEADERS list.  So this is how we get communication like the above out to those that are Chapter Leaders.  It is important that you add all associated chapter "leaders" to your chapter mailing-list so that they can be included in OWASP-LEADERS list communication such as this.  If you need your local chapter mailing list password reset click on the below or visit www.owasp.org and click on CONTACT US
>> 
>> https://spreadsheets.google.com/a/owasp.org/viewform?hl=en&formkey=dFN1R2NIMTNROXN3dml4ZEcxXzJQYXc6MQ#gid=0
>> 
>> ===
>> 
>> OWASP ELECTION - https://www.owasp.org/index.php/Membership/2011Election -  This is in progress we are approx., at 50% of the eligible voters have already done so.  If you have not voted today the window is closing - VOTE TODAY.
>> 
>> 
>> Semper Fi,
>> 
>> Tom Brennan
>> Direct: 973-202-0122
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20110817/0c0e2291/attachment-0001.html 


More information about the OWASP-Leaders mailing list