johanna curiel curiel
johanna.curiel at owasp.org
Sun Apr 10 16:30:13 UTC 2016
>>First, do we want to do a training platform as we do at the conferences?
This would be easier, as OWASP would be facilitator, less overhead.
Agree. It's about providing a platform to educate about security. We do not
need to provide certificates or scores, but I think some automated tests
for people to evaluate their knowledge is a nice to have.
>>Another though, do we want to risk becoming a competitor with sponsoring
Definitely not and given the actual resources, we cannot even aspire to
compete, but we can provide some free training materials on subjects such
as how to secure applications in a given language for example. Think of a
format like 'coursera' without the certificate but with the ability to
provide tests and interactive materials. This is possible in the
GoToTraining platform.That is the cool aspect of this platform.
>> it is OWASP provided trainings, this is more complicated and I doubt is
OWASP is ready / mature enough doing so. More overhead and dedicated
This is a concerning point. So far I understood, the GoTraining platform
was acquired as a 'pilot' project to experiment with trainings. It has no
clear execution plan behind. To work without clear objectives to reach a
goal , the chances are high that it wont succeed. I think we are trying to
launch way too often initiatives without an execution plan, and this is , a
waste of time and resources if we keep on doing this.
>>I'm Certainly happy to train new trainers..I'm sure others are also..
This initiative shall require funding and coordination.
Agree. If I set a plan to:
- Set a group of experienced trainers and group of rookie trainers
willing to commit
- Create a list of tasks on how can the experienced ones train rookies
- Create a list of courses that rookies and experience trainers are
willing to provide
- Set a budget that will support these activities
- Submit this for approval to the board
End results goals:
- A series of training materials similar to coursera or khan academy,
interactive and high quality into the GoTraining platform
- A series of training materials that could be also be provided during
appsec training but with our own team of trainers.
- 100% owasp produced materials
If you (Eoin and others experienced trainers) are willing to stand behind
this plan, I"ll be very glad to help coordinate it and ask for a budget and
On Sun, Apr 10, 2016 at 10:53 AM, Martin Knobloch <martin.knobloch at owasp.org
> In my life, the problem is bigger than that.
> First, do we want to do a training platform as we do at the conferences?
> This would be easier, as OWASP would be facilitator, less overhead.
> Kate has proposed this years ago. Problem is keeping scores and
> evaluations. Questions able what info to share publicly and what not.
> If it is OWASP provided trainings, this is more complicated and I doubt
> is OWASP is ready / mature enough doing so. More overhead and dedicated
> resources needed.
> Another though, do we want to risk becoming a competitor with sponsoring
> *From: *Eoin Keary
> *Sent: *zondag 10 april 2016 15:51
> *To: *johanna curiel curiel
> *Cc: *owasp-leaders at lists.owasp.org
> *Subject: *Re: [Owasp-leaders] TRAINING
> I'm Certainly happy to train new trainers.
> I'm sure others are also.
> This initiative shall require funding and coordination.
> When we deliver free training a novice trainer also delivers alongside
> the experienced instructor. SANS for example do similar to this. I did
> this also many years ago to develop internal champions for a global Corp.
> it works.
> Eoin Keary
> OWASP Volunteer
> On 9 Apr 2016, at 19:24, johanna curiel curiel <johanna.curiel at owasp.org>
> So, the first step is to get those 'experience trainers' 'train' the
> If this is the case we will need:
> - Experienced Trainers willing to provide training
> - Create a format on how to deliver quality training
> Are you willing to help the rookies?
> If this is the case then the *Experienced* ones needs to provide training
> to the rookies
> *Experienced* ones can provide training through the GoTraining platform
> My questions to those experience ones:
> Who is willing to volunteer?
> If you are experience and want to help, please respond to this email with
> 'I do'.
> If we have no experienced trainers willing to help , then rookies will
> have to look for other alternatives
> Otherwise people, we `keep on suggesting initiatives that leads to no
> On Sat, Apr 9, 2016 at 11:11 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>> I suggested this before....but a train the trainer programme delivered by
>> experienced trainers could grow the free training capability and quality of
>> Eoin Keary
>> OWASP Volunteer
>> On 9 Apr 2016, at 02:56, John Patrick Lita <john.patrick.lita at owasp.org>
>> Hi Tom
>> This is very useful for those who cannot attend the AppSec Conference,
>> but creating an online training is a very challenging and need a lot of
>> time :) if we can have a Practical Training and Management training that
>> would be great! technical Track and management tracks.
>> let try to make 5-10 training videos and lets see what is the feedback.
>> On Fri, Apr 8, 2016 at 11:52 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>> Hi Tom
>>> A week ago I had contact with Kate regarding creating a training inn the
>>> OWASP GoTraining platform.
>>> We exchanged some emails, however I'm awaiting access to the Training
>>> platform since a week ago.
>>> How can we make sure that volunteers can actually make use of resources
>>> if available in order to move forward with these plans?
>>> On Fri, Apr 8, 2016 at 2:15 PM, Tom Brennan - OWASP <tomb at owasp.org>
>>>> There's been discussion around training programs aligned with strategic
>>>> goals https://www.owasp.org/index.php/OWASP_Strategic_Goals locally
>>>> and globally.
>>>> There are multiple data inputs that influence a investment in this area.
>>>> Please take two minutes and answer the following short multiple-choice
>>>> survey to capture anonymous metric data to assist further in this process
>>>> http://goo.gl/forms/nPzqACi0e9 <--- Google survey link
>>>> Thank you in advance.
>>>> Additional training references
>>>> The information contained in this message and any attachments may be
>>>> privileged, confidential, proprietary or otherwise protected from
>>>> disclosure. If you, the reader of this message, are not the intended
>>>> recipient, you are hereby notified that any dissemination, distribution,
>>>> copying or use of this message and any attachment is strictly prohibited.
>>>> If you have received this message in error, please notify the sender
>>>> immediately by replying to the message, permanently delete it from your
>>>> computer and destroy any printout.
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>> Johanna Curiel
>>> OWASP Volunteer
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>> Best Regrads
>> *John Patrick Lita *
>> InfoSec Consultant | Instructor | Chapter Leader OWASP Manila
>> FB Page @OwaspManila <https://www.facebook.com/OwaspManila>
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
> Johanna Curiel
> OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders