[Owasp-leaders] Appsec awareness

Marian Ventuneac marian.ventuneac at owasp.org
Wed Feb 27 19:35:12 UTC 2013


Hi Eoin,

I totally agree, and congratulations for managing to deliver the AppSec
training to such a large audience.

I recently traveled around the globe delivering similar training (probably
a bit more in-depth since I had mostly developers attending it) to roughly
a quarter of the attendees you mentioned, so I would be happy to contribute
to make this a reality.

We really need to give all support we can provide to Developers and Testers
communities, and making AppSec training more affordable (if not available
for free) would be a nice thing :)

While I could get away just with congratulating you and Jim, I am planning
to deliver a training course on secure coding in the next two months with
OWASP Limerick chapter. I would love to deliver it for free to everyone
(for now it is free for OWASP members and students) - but this could be
subject to getting the right sponsors.

Do we have a pool of sponsoring organizations we can rely on for such a
global initiative? Or can we rely on OWASP funds to be allocated for it?

Regards,
Marian

Marian Ventuneac - Security Architect, PhD, MEng, CISM, CISA
OWASP Ireland Limerick Chapter Leader
https://www.owasp.org/index.php/Ireland-Limerick

OWASP Romania Chapter
https://www.owasp.org/index.php/Romania

OWASP Romania Cluj Mentor
https://www.owasp.org/index.php/Cluj

On Wed, Feb 27, 2013 at 4:25 PM, Eoin <eoin.keary at owasp.org> wrote:

Hi leaders,
> "Spreading the word" is a lot of what we do in owasp. We use wiki, social
> media, guides, build tools to enable our mission in action etc.
>
> On Monday myself and Jim Manico delivered free training at the RSA
> conference in San Fransisco. We did a 4 hour session building from a
> description of issues, to some technical controls, to process integration.
>
> We had 400 students, 6 kinder eggs. Many were developers, lots of testers
> and dev managers. Great discussion was had and many people found it
> valuable.
>
> I believe owasp should deliver more of this free training as it seems to
> work!
>
> We get responses such as "I never knew what xss was" or "SQLI prevention
> is actually easy" etc.
>
> We should offer such services to most Dev and sec conferences where
> possible. I think this could change the "game" in a big way.
>
> Delivering free training is not really free. Students pay with their time.
> Presenters pay with their commercial time. OWASP pays to support such
> logistics, but the payback to our mission seems to be worth it.
>
>
> Eoin.
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130227/19c91b6d/attachment-0001.html>


More information about the OWASP-Leaders mailing list