[Owasp-leaders] European Software & Solution Summit 2015 messages #owaspateusss16
Timur 'x' Khrotko (owasp)
timur at owasp.org
Wed Mar 25 16:31:38 UTC 2015
Colleagues, I am at the European Software and Solution Summit I mentioned
earlier (ex ISV convention).
I was chatting here with participants who are generally the part of the IT
scene we -- correct me if I am wrong -- never reach out to: like ISV
directors, business consultants, representatives of the large IT vendors
responsible for their cooperation with ISVs, marketers of the cloud and
installation providers. My impression is that these different actors of the
IT scene are already prepared to hear about the importance of the
application security. Telling them about the risks at the application layer
makes them listen to the issue, and probably they will raise it the next
time they are at a table with devs. I guess a significant part of code the
security quality of which we are fighting for is produced by these code
manufacturers behind the ISV label.
As you may remember I am the guy who is obsessed with the idea that OWASP
has to actively develop its activities towards the business people in order
to more effectively serve the god of AppSec. )) I also keep saying that
security is already visible (see my above experience of today), let's find
a newschool slogan instead our classic one.
I approached the managing director of IT Europa with an idea to have a
desk/stand of OWASP at the event next year. (It would be more effective
than my self propelled pushing of the cause here). He was positive. Of
course they will be chasing their commercial interests for an extent and
not only support us out of pure altruism (eg. we may promote the event
among supporters of our meetings in Europe, tbd).
What do you think about this format of expanding our outreach and
influence? What alternative suggestions you have for that? What would be
the disposition of the UK/British chapters towards my idea?
I will visit the European Software & Solution Summit 2015 --
http://www.isvconvention.com/agenda.html -- next Wednesday. It's not a
technical gathering, it provides a platform for marketing speeches, but it
is a good opportunity to meet with a number of active ISV directors.
Officially I attend in my being of an OWASP chapter leader. I will try to
bring up the AppSec topic in face to face talks (and probably will have an
opportunity to speak more publicly).
What would be your message I may represent in my talks with ISV managers?
This message may contain confidential information - you should handle it
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders