[Owasp-leaders] Appsec USA 2014 Proposals

Mark Major mark.major at owasp.org
Wed Jun 19 17:31:08 UTC 2013


Please take all of the below with a grain of salt. I am a member of the
Denver planning committee and I want to be transparent about my bias. At
the same time, I genuinely appreciate the enthusiasm, energy, and ambition
coming out of Omaha. Keep it up!

> Venue and catering are ~160k for Omaha, Denver 277k. BTW:
> What's the venue for Denver?

The Denver venue is under active negotiation with several locations.
Catering costs used in the budget are projected from the downtown Denver
Marriott where SnowFROC 2013 was held.. These costs are comparable to
catering at similar venues in the area (notably the convention center).
Also, the numbers are somewhat inflated because they include Entertainment
costs. By hosting a speaker reception, VIP dinner, etc. at the conference
venue, a good chunk of the expenditures apply toward the venue's minimum
catering obligation. In order to track all venue catering in the same place
we moved Entertainment catering costs into the Catering tab (see
"Pre-conference").

Conversely, the Omaha budget appears to feed 700 of the 1000 attendees and
does not account for tax or service fees (7% and 19%, respectively). I
would guess their conservative catering numbers should be around 258k (not
including Entertainment catering). In fairness, they may have negotiated
around the service fee, in which case the conservative catering costs
should be around $217k (before Entertainment catering). It looks like a
couple other expenditures in the Omaha budget may suffer from scale
problems related to per-person costs. Swag, for example, is based on a
conference with fewer attendees than projected for Omaha.

Overall, I get the impression Omaha's convention center can provide a very
cost-effective conference. The CenturyLink Convention Center's catering
menu is rather inexpensive for a venue of its size, and catering is (by
far) the largest cost in any AppSec budget. However, their overall budget
needs a lot of work before we can really compare apples-to-apples. In my
opinion, hosting a regional conference in 2014 would be a great way for
Omaha to establish a baseline for a national conference bid.


> Looking the the Denver proposal, a number of companies are mentioned.
>
> Are they going to sponsor the event?

Each of the companies listed in the Denver proposal has sponsored SnowFROC
in the past. Without getting into specifics, yes, I do expect several of
those companies listed will sponsor a Denver AppSec.



On Wed, Jun 19, 2013 at 5:59 AM, Eoin <eoin.keary at owasp.org> wrote:

> Looking the the Denver proposal, a number of companies are mentioned.
>
> Are they going to sponsor the event?
>
> Sponsorship is important IMHO.
>
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 19 Jun 2013, at 12:24, Dirk Wetter <dirk.wetter at owasp.org> wrote:
>
>
> Hi,
>
> don't know about the US conferences but Omaha seems more optimistic as
> Denver, as
> far as training revenue is concerned (100k vs 79k/39k) and number of
> participants.
> Numbers for the latter:  1500/1000 vs  1000/750 (optimistic/conservative).
>
> In the optimistic scenario the numbers for paid and total attendance are
> probably
> swapped.
>
> Venue and catering are ~160k for Omaha, Denver 277k. BTW:
> What's the venue for Denver?
>
> BR, Dirk
>
> Am 06/18/2013 10:56 PM, schrieb Sarah Baso:
>
> Checklist version 1 is available here:
> https://www.owasp.org/index.php/Conference_Planning_Table  and overview
> of tasks here:
> https://www.owasp.org/images/2/2a/Conference_Timeline_Overview.pdf
>
>  This definitely could use some work but it is a starting place for now
> ;-0
>
>
> On Tue, Jun 18, 2013 at 1:55 PM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
>>  Agree with Tom.
>>
>>  For an Appsec Conference there should be a track record of at least one
>> regional event being held by the soliciting chapter.
>>
>>  A scoring criteria for proposals will definitely help. Also, a
>> checklist of "things to be done" once the proposal has been selected with
>> time frames, etc.
>>
>>  Fabio
>>
>> Sent from my iPhone
>>
>> On 18 Jun 2013, at 21:42, Tom Brennan <tomb at owasp.org> wrote:
>>
>>    Denver has been kicking ass and taking names at FROC proven team and
>> experience.
>>
>>  I would love to see a Nebraska event however is there a track record?  I
>> would like to see a active chapter, a active regional event that makes OCMS
>> before the investment of time energy and effort.
>>
>>
>>
>>
>>
>>
>> On Tue, Jun 18, 2013 at 3:45 PM, Sarah Baso <sarah.baso at owasp.org> wrote:
>>
>>> All -
>>> We have received an additional proposal for AppSec USA 2014 from the
>>> Omaha, Nebraska Chapter.  So, now that we have 2 proposals to consider
>>> (Denver and Omaha)  I think it is appropriate to have an open comment and
>>> vote on the about the two proposals.
>>>
>>>  In the future, as Eoin noted in his original email, we need to develop
>>> some scoring criteria for proposals.  Since time is of the essence though
>>> with the AppSec USA proposals and I don't think it is fair to set scoring
>>> criteria AFTER the submissions have been received, I think the best way to
>>> handle this is to have an open voting.  I have included some previous
>>> AppSec conference hosts on this thread hoping they will weigh in on any
>>> considerations or thoughts on the proposals, base on their past
>>> experiences.
>>>
>>>  *I have set up this google moderator page for voting
>>> https://www.google.com/moderator/#15/e=20c908&t=20c908.41 *
>>> *
>>> *
>>> *We will be accepting votes until the end of the day FRIDAY, JUNE 21.*
>>>
>>>  *Information on the two proposals:*
>>>
>>>  *DENVER, CO*
>>> *Submission from Snofroc Team (Denver & Boulder Chapters) -  *
>>> https://ocms.owasp.org/events/230/
>>>
>>>    - Team leads: Mark Major & Steve Kosten
>>>    - Presentation (Why Denver?)
>>>    https://docs.google.com/a/owasp.org/file/d/0B5cq5xuMqNYSRWlUbUZSckhNMlk/edit?usp=sharing
>>>     - Budget -
>>>    https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Apcq5xuMqNYSdHMyUnAwaDBlQ1Nxa3AyWDEwN0Zya3c#gid=0
>>>
>>>
>>>  *OMAHA, NE*
>>> Submission from Omaha Chapter -- https://ocms.owasp.org/events/231/
>>>
>>>    - Team leads: Fred Donovan and Rob Temple
>>>    - Presentation (Why Omaha?)
>>>    https://docs.google.com/a/owasp.org/file/d/0B6ftS9CyBPmqYThQR1NPYko4Yjg/edit?usp=sharing
>>>     - Budget -
>>>    https://docs.google.com/a/owasp.org/file/d/0B6ftS9CyBPmqaTgwdXdteWpzd2c/edit?usp=sharing
>>>
>>>
>>>  Looking forward to hearing everyone's thoughts and feedback!
>>>
>>>  Regards,
>>>  Sarah Baso
>>>
>>> On Fri, Jun 7, 2013 at 5:54 PM, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>
>>>> Hi Eoin (and OWASP community members)
>>>>
>>>>  Great questions ;-)
>>>>
>>>>  First the specifics for next year's events:
>>>>
>>>>  We have received one proposal for each AppSec USA 2014 (Denver CO)
>>>> and AppSec Europe (Cambridge UK) - so there is no selection as much as an
>>>> open opportunity for anyone to voice any objections before I approve these
>>>> two great proposals so they can get planning.
>>>>
>>>>  AppSec EU/Research for 2014 is proposed for the end of June in
>>>> Cambridge, UK -- details here: https://ocms.owasp.org/events/220/
>>>>
>>>>  AppSec USA 2014 is proposed for Q3 (September ideally) for Denver,
>>>> Colorado -- details here: https://ocms.owasp.org/events/230/
>>>>
>>>>  So, please take this opportunity to voice any questions, objections,
>>>> support and barring no big issues, I will go forward with approving the
>>>> events in OCMS on next Friday, the 14th.
>>>>
>>>>
>>>>  -----
>>>> In terms of a transparent and audit-able selection process - when there
>>>> is only one proposal received for the event (as has been the case for all
>>>> the Global appsecs last year and most of them the year before that, and so
>>>> far for next year) - there really is no "selection process" as much as an
>>>> opportunity to review the budget, discuss expectations with the local team
>>>> proposing to host, and barring no issues "approve".  The Global Conference
>>>> Committee previously conducted this process and there was not a scoring,
>>>> but they just voted on the location  if there was more than one submitted.
>>>>
>>>>  If you would like to put together a process or outline for what you
>>>> would like to see, I think that would be great. Otherwise, we will put it
>>>> on the wish list and when we get someone new hired for the conferences
>>>> position the staff, community, and that person can work on putting
>>>> something together.
>>>>
>>>>  Open to other feedback you have!
>>>>
>>>>  Best,
>>>> Sarah Baso
>>>>
>>>>
>>>>
>>>>
>>>>  On Fri, Jun 7, 2013 at 6:14 AM, Eoin <eoin.keary at owasp.org> wrote:
>>>>
>>>>> May I ask when venues for 2014 shall be selected and also how is the
>>>>> selection process conducted.
>>>>>
>>>>> Who makes the choice, how is the panel made up?
>>>>>
>>>>> I really want a transparent an auditable selection process.  What
>>>>> scoring mechanism is being used?
>>>>>
>>>>> For me this is a staff decision coupled with our (to be hired)
>>>>> conference manager.
>>>>>
>>>>>
>>>>>
>>>>> Eoin Keary
>>>>> Owasp Global Board
>>>>> +353 87 977 2988 <%2B353%2087%20977%202988>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>
>>>>
>>>>
>>>>   --
>>>>  Executive Director
>>>> OWASP Foundation
>>>>
>>>>  sarah.baso at owasp.org
>>>> +1.312.869.2779
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>  --
>>>  Executive Director
>>> OWASP Foundation
>>>
>>>  sarah.baso at owasp.org
>>> +1.312.869.2779
>>>
>>>
>>>
>>>
>>>
>>
>
>
>  --
>  Executive Director
> OWASP Foundation
>
>  sarah.baso at owasp.org
> +1.312.869.2779
>
>
>
>
>
>
> --
> German OWASP Board, Conference Chair AppSec EU 2013 http://appsec.eu/       |                 @appseceuskype://drwetter.de     |      tel:+49-40-2442035-1
>
>
-- 
Mark
OWASP Boulder
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130619/f33e6115/attachment-0001.html>


More information about the OWASP-Leaders mailing list