[Owasp-leaders] Chapter Leader Update

Konstantinos Papapanagiotou conpap at di.uoa.gr
Wed Aug 17 11:49:00 EDT 2011


Ultimate ROI: well-promoted OWASP Training Days
(https://www.owasp.org/index.php/OWASP_Training)
Especially for chapters with limited funds/visibility

> My attire comment was somewhat tongue-in-cheek, though I think that if
> you're going to talk about professional image, personal appearance needs
> to be considered.
>
> The greater and more important question is: how does OWASP measure ROI?
> I don't think we have an answer for that, but we should.  We should
> strive to measure our impact and success - or at least have clearly
> defined goals to which we can align our activities and expenditures.
> That would allow us to 1) promote our impact among our supporters to
> show them a return on THEIR investment, hopefully increasing sponsorship
> dollars and 2) more easily determine if spending money on banners is a
> better idea than flying somebody to an AppSec conference (for example).
>
> Perhaps this is new project? ;)
>
> Rex
>
> On 8/17/2011 11:20 AM, Tom Brennan wrote:
>>
>> Intended audience of OWASP Foundation materials is developers,
>> industry to standards bodies.
>>
>> Hardcopies of the OWASP Top 10 is a  great example when a .PDF will
>> not do the trick....
>> http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202010.pdf
>> awareness for this (1) project effort however we have over 200 hence
>> need to spread the love around in raising the visibility of Stable and
>> Beta efforts (https://www.owasp.org/index.php/Category:OWASP_Project)
>>
>> re: "If the audience is industry"  at times it is -- and as example if
>> the individuals are so inclined to wear a monkey suit that is image.
>>  As a example at Blackhat we (Sara,Lorna, Myself) all were Business
>> attire -- not that this fact made a difference -- however i would
>> agree that perception is key to any awareness campaign.  I am aware
>> that many chapters including my own are business attire, hell the
>> meetings are after work -- hence the local region drives that.  If
>> shorts and t-shirts are appropriate so be it.. but seriously that is a
>> stretch to worry about attire.
>>
>> Yes there is 100k in the chapter buckets. Not to spend on banners and
>> the such... rather raising awareness to the chapters that there is
>> monies in the bucket that should be reinvested into the chapters and
>> efforts that are core to the mission.  What chapter do you run Rex?
>>  DC, VA? Hence a balance of:  Virginia (Northern
>> Virginia)$2,770.60$160.00$277.06$2,653.50 / Washington
>> DC$4,990.00$140.00$3,542.97$1,587.03 running a chapter has
>> expenditures -- I know my chapter does.
>>
>> seeing the ROI  -  How is this:  In 2004 you might agree that OWASP
>> was a smaller group,  2007 we had a growth spurt, 2008, 2009, 2010,
>> 2011 are measurable years of visibility not only on the mission but on
>> the industry and on the core contributors as referenced
>> https://www.owasp.org/index.php/Industry:Citations   As a non-profit
>> we have the upside business model of commercial for profit efforts and
>> collectively a great platform and voice.  Good reference information
>> is here: http://en.wikipedia.org/wiki/Nonprofit_organization updated
>> recently.   The future is quite bright for this professional
>> association with committees focused on implementation of our core
>> values and purpose.
>>
>> Is this your measurement of ROI http://xssed.com/archive/special=1
>> -- then yes there is work to be done on awareness from frameworks,
>> developer tools and easy to leverage risk models -- personally I am
>> fan of the efforts happening here:
>> http://cwe.mitre.org/about/images/lg_consensus.jpg and we (OWASP) has
>> a seat at the table in both the working groups and the ISO standards
>> bodies.
>>
>> Brennan
>> 973-202-0122
>>
>>
>>
>> On Aug 17, 2011, at 10:53 AM, Rex Booth wrote:
>>
>>> Who is the intended audience of this enhanced professional image for
>>> OWASP and what is the expected ROI?
>>>
>>> If it's fellow security consultants, I think hard-copy printouts of
>>> the top 10, etc, would have the most impact.  It would allow us to
>>> use them as force multipliers, too, and have them spread the word of
>>> OWASP for us.
>>>
>>> If the audience is industry (and it should be, IMO), I think the
>>> funds would probably be better spent on a shirt and tie for each of
>>> our leaders. I know many of us don't require business attire for our
>>> daily lives, but many of our target industries do, and they respond
>>> to people that "look professional."  Is it fair?  No, but that's the
>>> reality.
>>>
>>> On the whole, however, I'm surprised we have $100k to spend on
>>> banners, etc to be used at the local chapter level given our current
>>> budget situation.  Especially since most chapter meetings are
>>> probably 1) fewer than 20 people and 2) are repeat attendees that
>>> don't need to be wowed by banners and image.
>>>
>>> I don't see the ROI - perhaps somebody can explain it to me.
>>>
>>> Rex
>>>
>>> On 8/17/2011 10:28 AM, Tom Brennan wrote:
>>>>
>>>> As a result of repeated discussions at the OWASP booth at Blackhat
>>>> this year, the following items are worth pointing out globally;
>>>>
>>>> *_Chapter Leaders: _*
>>>> *
>>>> *
>>>> When you host your next local meeting will you have a table throw, a
>>>> pull up banner, swag to help raise the professional image and
>>>> awareness of the mission of OWASP Foundation?
>>>> *VISUAL Example:* https://www.owasp.org/images/a/a7/OWASP-BOOTH.jpg
>>>>
>>>> *FAQ: what can you REQUEST for your chapter to promote OWASP locally?
>>>> *
>>>> *
>>>> *
>>>> *Answer: https://www.owasp.org/index.php/Chapter_Supplies*
>>>> *
>>>> *
>>>> *$$$*
>>>>
>>>> For many chapters there IS money in the chapter bank for this
>>>> purpose over 100k actually.    Seeing that summer is almost over...
>>>> its time to review your chapter budget and invest invest short term
>>>> and long term in your local chapter before the end of the year.  If
>>>> you are without funds contact your nearby chapter with funds
>>>> collaborate with them we are a single community and ask for a
>>>> transfer of funds to help out its a community effort.
>>>>
>>>> Here is where the 100k+ in funds are currently allocated by the
>>>> hard-work of volunteer chapter leaders:
>>>>
>>>> https://spreadsheets.google.com/pub?key=0Atu4kyR3ljftdF9aZkY0YjRFcmNBY21OaWo3djdkUXc&hl=en&output=html
>>>> <https://spreadsheets.google.com/pub?key=0Atu4kyR3ljftdF9aZkY0YjRFcmNBY21OaWo3djdkUXc&hl=en&output=html>
>>>>
>>>> * NYC Chapter is offering *$1000* to any chapter that is *_less than
>>>> 12 months old, has used OWASP On The Move and a membership balance
>>>> is currently less than $100_* to help you get started (contact me
>>>> for more details off list).
>>>>
>>>> **NOTE Many of the other chapter leaders that I have spoken with are
>>>> also willing to help you out - you have to ASK them
>>>>
>>>> ***As a chapter leader you are coming to the Global AppSec USA 10
>>>> Year Anniversary of OWASP right? There is NO CHARGE for chapter
>>>> leaders, don't miss the chapter workshop - http://www.appsecusa.org
>>>> <http://www.appsecusa.org/> in September
>>>>
>>>> ===
>>>>
>>>> *_Need Speakers for your Chapter? _*
>>>>
>>>> Have you looked at OWASP on the Move yet to bring in one of the 200+
>>>> OWASP Project Leaders to your chapter?
>>>>
>>>> https://www.owasp.org/index.php/OWASP_on_the_Move
>>>>
>>>> To see what has been used to date see:
>>>> https://www.owasp.org/index.php/OWASP_on_the_Move_-_Payments  we
>>>> have a budget allocated USE IT!
>>>>
>>>> Also consider being a scout and coming to AppSecUSA and asking
>>>> presenters of AppSecUSA to come to your local chapter see:
>>>> http://www.appsecusa.org/schedule.html
>>>>
>>>> ===
>>>> _
>>>> _
>>>> *_FAQ where can we find the other OWASP Chapter guidance support
>>>> information?_*
>>>>
>>>> Answer:
>>>> https://www.owasp.org/index.php/Category:OWASP_Chapter#Chapter_Support_Materials
>>>>
>>>>
>>>>   * For the OWASP Chapter Leader Handbook which includes rules and
>>>>     regulations, click here
>>>>     <https://www.owasp.org/index.php/Chapter_Leader_Handbook>.
>>>>   * For OWASP Chapter resources, click here
>>>>     <https://www.owasp.org/index.php/Category:Chapter_Resources>.
>>>>   * For OWASP Chapter presentations, click here
>>>>     <https://www.owasp.org/index.php/Chapter_Presentation_Bundles>.
>>>>   * For the OWASP news item template, click here
>>>>     <https://www.owasp.org/index.php/Template:News_Item>.
>>>>   * For OWASP Chapter promotion tips click here
>>>>     <https://www.owasp.org/index.php/Chapter_Promotion>.
>>>>
>>>> ===
>>>>
>>>> _*Finally, we need your help* _  If you are a CHAPTER LEADER, you
>>>> have a chapter mailing list (this might be why your even getting
>>>> this email....),   we are counting "Chapter Leaders" by those that
>>>> are listed on the administrative area of the chapter mailing list.
>>>>  If someones name is listed on the wiki, that is NOT how we are
>>>> counting the active chapter leaders, add there @owasp.org email to
>>>> the mailing list administrative area.
>>>>
>>>> Some chapters are announce only mailing lists and that is ok here is
>>>> why;   Larry Casey our volunteer has a simple script that scrapes
>>>> the administrative names/emails and includes them in OWASP-LEADERS
>>>> list.  So this is how we get communication like the above out to
>>>> those that are Chapter Leaders.  It is important that you add all
>>>> associated chapter "leaders" to your chapter mailing-list so that
>>>> they can be included in OWASP-LEADERS list communication such as
>>>> this.  If you need your local chapter mailing list password reset
>>>> click on the below or visit www.owasp.org <http://www.owasp.org/>
>>>> and click on CONTACT US
>>>>
>>>> https://spreadsheets.google.com/a/owasp.org/viewform?hl=en&formkey=dFN1R2NIMTNROXN3dml4ZEcxXzJQYXc6MQ#gid=0
>>>> <https://spreadsheets.google.com/a/owasp.org/viewform?hl=en&formkey=dFN1R2NIMTNROXN3dml4ZEcxXzJQYXc6MQ#gid=0>
>>>>
>>>> ===
>>>>
>>>> *OWASP ELECTION -
>>>> https://www.owasp.org/index.php/Membership/2011Election *-  This is
>>>> in progress we are approx., at 50% of the eligible voters have
>>>> already done so.  If you have not voted today the window is closing
>>>> - VOTE TODAY.
>>>>
>>>>
>>>> Semper Fi,
>>>>
>>>> Tom Brennan
>>>> Direct: 973-202-0122
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>




More information about the OWASP-Leaders mailing list