[Owasp-leaders] [Owasp-board] Appsec USA 2014 Proposals

Gregory Disney gregory.disney at owasp.org
Sat Jun 22 17:01:05 UTC 2013


Agreed.
On Jun 22, 2013 12:57 PM, "Jim Manico" <jim.manico at owasp.org> wrote:

> +1 Denver, they have a track record of running a pretty amazing conference.
>
> Aloha,
> Jim
>
> > Yes- both submitters were provided the budget actuals from last year
> > and projections for this year as a point of reference in putting their
> > proposals together.
> >
> > Sarah
> >
> > On Jun 19, 2013, at 1:06 PM, Dirk Wetter <dirk.wetter at owasp.org> wrote:
> >
> >>
> >> Hi all,
> >>
> >> I am European, so probably my opinion probably doesn't count
> >> that much ;-)
> >>
> >> What would have helped us as we applied for AppSecEU 2013 would have
> been
> >> having budget sheets or insights from the previous years, i.e. not the
> proposals but
> >> more realistic numbers. That kind of learning effect would have been
> helpful.
> >>
> >> Is/Was there feedback loop in the US from previous years.?
> >>
> >> Cheers Dirk
> >>
> >>
> >>
> >> Am 06/19/2013 07:31 PM, schrieb Mark Major:
> >>> Please take all of the below with a grain of salt. I am a member of
> the Denver planning committee
> >>> and I want to be transparent about my bias. At the same time, I
> genuinely appreciate the
> >>> enthusiasm, energy, and ambition coming out of Omaha. Keep it up!
> >>>
> >>>> Venue and catering are ~160k for Omaha, Denver 277k. BTW:
> >>>> What's the venue for Denver?
> >>>
> >>> The Denver venue is under active negotiation with several locations.
> Catering costs used in the
> >>> budget are projected from the downtown Denver Marriott where SnowFROC
> 2013 was held.. These costs
> >>> are comparable to catering at similar venues in the area (notably the
> convention center). Also,
> >>> the numbers are somewhat inflated because they include Entertainment
> costs. By hosting a speaker
> >>> reception, VIP dinner, etc. at the conference venue, a good chunk of
> the expenditures apply toward
> >>> the venue's minimum catering obligation. In order to track all venue
> catering in the same place we
> >>> moved Entertainment catering costs into the Catering tab (see
> "Pre-conference").
> >>>
> >>> Conversely, the Omaha budget appears to feed 700 of the 1000 attendees
> and does not account for
> >>> tax or service fees (7% and 19%, respectively). I would guess their
> conservative catering numbers
> >>> should be around 258k (not including Entertainment catering). In
> fairness, they may have
> >>> negotiated around the service fee, in which case the conservative
> catering costs should be around
> >>> $217k (before Entertainment catering). It looks like a couple other
> expenditures in the Omaha
> >>> budget may suffer from scale problems related to per-person costs.
> Swag, for example, is based on
> >>> a conference with fewer attendees than projected for Omaha.
> >>>
> >>> Overall, I get the impression Omaha's convention center can provide a
> very cost-effective
> >>> conference. The CenturyLink Convention Center's catering menu is
> rather inexpensive for a venue of
> >>> its size, and catering is (by far) the largest cost in any AppSec
> budget. However, their overall
> >>> budget needs a lot of work before we can really compare
> apples-to-apples. In my opinion, hosting a
> >>> regional conference in 2014 would be a great way for Omaha to
> establish a baseline for a national
> >>> conference bid.
> >>>
> >>>
> >>>> Looking the the Denver proposal, a number of companies are mentioned.
> >>>>
> >>>> Are they going to sponsor the event?
> >>>
> >>> Each of the companies listed in the Denver proposal has sponsored
> SnowFROC in the past. Without
> >>> getting into specifics, yes, I do expect several of those companies
> listed will sponsor a Denver
> >>> AppSec.
> >>>
> >>>
> >>>
> >>> On Wed, Jun 19, 2013 at 5:59 AM, Eoin <eoin.keary at owasp.org <mailto:
> eoin.keary at owasp.org>> wrote:
> >>>
> >>>    Looking the the Denver proposal, a number of companies are
> mentioned.
> >>>
> >>>    Are they going to sponsor the event?
> >>>
> >>>    Sponsorship is important IMHO.
> >>>
> >>>
> >>>    Eoin Keary
> >>>    Owasp Global Board
> >>>    +353 87 977 2988
> >>>
> >>>
> >>>    On 19 Jun 2013, at 12:24, Dirk Wetter <dirk.wetter at owasp.org<mailto:
> dirk.wetter at owasp.org>>
> >>>    wrote:
> >>>
> >>>>
> >>>>    Hi,
> >>>>
> >>>>    don't know about the US conferences but Omaha seems more
> optimistic as Denver, as
> >>>>    far as training revenue is concerned (100k vs 79k/39k) and number
> of participants.
> >>>>    Numbers for the latter:  1500/1000 vs  1000/750
> (optimistic/conservative).
> >>>>
> >>>>    In the optimistic scenario the numbers for paid and total
> attendance are probably
> >>>>    swapped.
> >>>>
> >>>>    Venue and catering are ~160k for Omaha, Denver 277k. BTW:
> >>>>    What's the venue for Denver?
> >>>>
> >>>>    BR, Dirk
> >>>>
> >>>>    Am 06/18/2013 10:56 PM, schrieb Sarah Baso:
> >>>>>    Checklist version 1 is available
> >>>>>    here: https://www.owasp.org/index.php/Conference_Planning_Table and overview of tasks
> >>>>>    here:
> https://www.owasp.org/images/2/2a/Conference_Timeline_Overview.pdf
> >>>>>
> >>>>>    This definitely could use some work but it is a starting place
> for now ;-0
> >>>>>
> >>>>>
> >>>>>    On Tue, Jun 18, 2013 at 1:55 PM, Fabio Cerullo <
> fcerullo at owasp.org
> >>>>>    <mailto:fcerullo at owasp.org>> wrote:
> >>>>>
> >>>>>        Agree with Tom.
> >>>>>
> >>>>>        For an Appsec Conference there should be a track record of at
> least one regional event
> >>>>>        being held by the soliciting chapter.
> >>>>>
> >>>>>        A scoring criteria for proposals will definitely help. Also,
> a checklist of "things to
> >>>>>        be done" once the proposal has been selected with time
> frames, etc.
> >>>>>
> >>>>>        Fabio
> >>>>>
> >>>>>        Sent from my iPhone
> >>>>>
> >>>>>        On 18 Jun 2013, at 21:42, Tom Brennan <tomb at owasp.org<mailto:
> tomb at owasp.org>> wrote:
> >>>>>
> >>>>>>        Denver has been kicking ass and taking names at FROC proven
> team and experience.
> >>>>>>
> >>>>>>        I would love to see a Nebraska event however is there a
> track record?  I would like to
> >>>>>>        see a active chapter, a active regional event that makes
> OCMS before the investment of
> >>>>>>        time energy and effort.
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>        On Tue, Jun 18, 2013 at 3:45 PM, Sarah Baso <
> sarah.baso at owasp.org
> >>>>>>        <mailto:sarah.baso at owasp.org>> wrote:
> >>>>>>
> >>>>>>            All -
> >>>>>>            We have received an additional proposal for AppSec USA
> 2014 from the Omaha,
> >>>>>>            Nebraska Chapter.  So, now that we have 2 proposals to
> consider (Denver and Omaha)
> >>>>>>             I think it is appropriate to have an open comment and
> vote on the about the two
> >>>>>>            proposals.
> >>>>>>
> >>>>>>            In the future, as Eoin noted in his original email, we
> need to develop some scoring
> >>>>>>            criteria for proposals.  Since time is of the essence
> though with the AppSec USA
> >>>>>>            proposals and I don't think it is fair to set scoring
> criteria AFTER the
> >>>>>>            submissions have been received, I think the best way to
> handle this is to have an
> >>>>>>            open voting.  I have included some previous AppSec
> conference hosts on this thread
> >>>>>>            hoping they will weigh in on any considerations or
> thoughts on the proposals, base
> >>>>>>            on their past experiences.
> >>>>>>
> >>>>>>            *I have set up this google moderator page for
> >>>>>>            voting
> https://www.google.com/moderator/#15/e=20c908&t=20c908.41 *
> >>>>>>            *
> >>>>>>            *
> >>>>>>            *We will be accepting votes until the end of the day
> FRIDAY, JUNE 21.*
> >>>>>>
> >>>>>>            *Information on the two proposals:*
> >>>>>>
> >>>>>>            *DENVER, CO*
> >>>>>>            *Submission from Snofroc Team (Denver & Boulder
> Chapters) -
> >>>>>>             *https://ocms.owasp.org/events/230/
> >>>>>>
> >>>>>>              * Team leads: Mark Major & Steve Kosten
> >>>>>>              * Presentation (Why Denver?)
> >>>>>>
> https://docs.google.com/a/owasp.org/file/d/0B5cq5xuMqNYSRWlUbUZSckhNMlk/edit?usp=sharing
> >>>>>>              * Budget
> >>>>>>                -
> https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Apcq5xuMqNYSdHMyUnAwaDBlQ1Nxa3AyWDEwN0Zya3c#gid=0
> >>>>>>
> >>>>>>
> >>>>>>            *OMAHA, NE*
> >>>>>>            Submission from Omaha Chapter --
> https://ocms.owasp.org/events/231/
> >>>>>>
> >>>>>>              * Team leads: Fred Donovan and Rob Temple
> >>>>>>              * Presentation (Why Omaha?)
> >>>>>>
> https://docs.google.com/a/owasp.org/file/d/0B6ftS9CyBPmqYThQR1NPYko4Yjg/edit?usp=sharing
> >>>>>>              * Budget
> >>>>>>                -
> https://docs.google.com/a/owasp.org/file/d/0B6ftS9CyBPmqaTgwdXdteWpzd2c/edit?usp=sharing
> >>>>>>
> >>>>>>
> >>>>>>            Looking forward to hearing everyone's thoughts and
> feedback!
> >>>>>>
> >>>>>>            Regards,
> >>>>>>            Sarah Baso
> >>>>>>
> >>>>>>            On Fri, Jun 7, 2013 at 5:54 PM, Sarah Baso <
> sarah.baso at owasp.org
> >>>>>>            <mailto:sarah.baso at owasp.org>> wrote:
> >>>>>>
> >>>>>>                Hi Eoin (and OWASP community members)
> >>>>>>
> >>>>>>                Great questions ;-)
> >>>>>>
> >>>>>>                First the specifics for next year's events:
> >>>>>>
> >>>>>>                We have received one proposal for each AppSec USA
> 2014 (Denver CO) and AppSec
> >>>>>>                Europe (Cambridge UK) - so there is no selection as
> much as an open opportunity
> >>>>>>                for anyone to voice any objections before I approve
> these two great proposals
> >>>>>>                so they can get planning.
> >>>>>>
> >>>>>>                AppSec EU/Research for 2014 is proposed for the end
> of June in Cambridge, UK --
> >>>>>>                details here: https://ocms.owasp.org/events/220/
> >>>>>>
> >>>>>>                AppSec USA 2014 is proposed for Q3 (September
> ideally) for Denver, Colorado --
> >>>>>>                details here: https://ocms.owasp.org/events/230/
> >>>>>>
> >>>>>>                So, please take this opportunity to voice any
> questions, objections, support
> >>>>>>                and barring no big issues, I will go forward with
> approving the events in OCMS
> >>>>>>                on next Friday, the 14th.
> >>>>>>
> >>>>>>
> >>>>>>                -----
> >>>>>>                In terms of a transparent and audit-able selection
> process - when there is only
> >>>>>>                one proposal received for the event (as has been the
> case for all the Global
> >>>>>>                appsecs last year and most of them the year before
> that, and so far for next
> >>>>>>                year) - there really is no "selection process" as
> much as an opportunity to
> >>>>>>                review the budget, discuss expectations with the
> local team proposing to host,
> >>>>>>                and barring no issues "approve".  The Global
> Conference Committee previously
> >>>>>>                conducted this process and there was not a scoring,
> but they just voted on the
> >>>>>>                location  if there was more than one submitted.
> >>>>>>
> >>>>>>                If you would like to put together a process or
> outline for what you would like
> >>>>>>                to see, I think that would be great. Otherwise, we
> will put it on the wish list
> >>>>>>                and when we get someone new hired for the
> conferences position the staff,
> >>>>>>                community, and that person can work on putting
> something together.
> >>>>>>
> >>>>>>                Open to other feedback you have!
> >>>>>>
> >>>>>>                Best,
> >>>>>>                Sarah Baso
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>                On Fri, Jun 7, 2013 at 6:14 AM, Eoin <
> eoin.keary at owasp.org
> >>>>>>                <mailto:eoin.keary at owasp.org>> wrote:
> >>>>>>
> >>>>>>                    May I ask when venues for 2014 shall be selected
> and also how is the
> >>>>>>                    selection process conducted.
> >>>>>>
> >>>>>>                    Who makes the choice, how is the panel made up?
> >>>>>>
> >>>>>>                    I really want a transparent an auditable
> selection process.  What scoring
> >>>>>>                    mechanism is being used?
> >>>>>>
> >>>>>>                    For me this is a staff decision coupled with our
> (to be hired) conference
> >>>>>>                    manager.
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>                    Eoin Keary
> >>>>>>                    Owasp Global Board
> >>>>>>                    +353 87 977 2988 <tel:%2B353%2087%20977%202988>
> >>>>>>
> >>>>>>                    _______________________________________________
> >>>>>>                    Owasp-board mailing list
> >>>>>>                    Owasp-board at lists.owasp.org <mailto:
> Owasp-board at lists.owasp.org>
> >>>>>>
> https://lists.owasp.org/mailman/listinfo/owasp-board
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>                --
> >>>>>>                Executive Director
> >>>>>>                OWASP Foundation
> >>>>>>
> >>>>>>                sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
> >>>>>>                +1.312.869.2779 <tel:%2B1.312.869.2779>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>            --
> >>>>>>            Executive Director
> >>>>>>            OWASP Foundation
> >>>>>>
> >>>>>>            sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
> >>>>>>            +1.312.869.2779 <tel:%2B1.312.869.2779>
> >>>>>
> >>>>>
> >>>>>
> >>>>>    --
> >>>>>    Executive Director
> >>>>>    OWASP Foundation
> >>>>>
> >>>>>    sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
> >>>>>    +1.312.869.2779
> >>>>
> >>>>
> >>>>    --
> >>>>    German OWASP Board, Conference Chair AppSec EU 2013
> >>>>    http://appsec.eu/       |                 @appseceu
> >>>>    skype://drwetter.de     |      tel:+49-40-2442035-1
> >>>
> >>>
> >>> --
> >>> Mark
> >>> OWASP Boulder
> >>
> >>
> >> --
> >> German OWASP Board, Conference Chair AppSec EU 2013
> >> http://appsec.eu/       |                 @appseceu
> >> skype://drwetter.de     |      tel:+49-40-2442035-1
> >>
> > _______________________________________________
> > Owasp-board mailing list
> > Owasp-board at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-board
> >
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130622/8b838c53/attachment-0001.html>


More information about the OWASP-Leaders mailing list