[Owasp-leaders] TRAINING

johanna curiel curiel johanna.curiel at owasp.org
Tue Apr 12 09:39:07 UTC 2016


>>Login to the chapter.leader at owasp.org gotomeeting account and you would
have had it a week ago

I'm confused by your message. Obviously I didn't go to this meeting, if
this is what you are referring. I even didn't know this email existed.


I requested access through the contact form to Kate

I received a lot of unclear answers except the credentials, but I hope that
I'm clear, all I'm asking is the username + password to login



On Tue, Apr 12, 2016 at 5:35 AM, Tom Brennan <tomb at proactiverisk.com> wrote:

> Login to the chapter.leader at owasp.org gotomeeting account and you would
> have had it a week ago
>
>
>
>
>
> On Apr 12, 2016, at 5:19 AM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
> >>Since OWASP is AGILE the minimum viable product (MVP) is now LIVE.
>
> Tom, AGILE
> <http://www.dummies.com/how-to/content/agile-project-management-for-dummies-cheat-sheet.html>
> doesn't mean that there no execution plan behind.
>
> Right now all there is 1 shared account in the GoToTraining 'available' (I
> have not yet received any credentials to log in). This is by no definition
> a 'sprint.'I have been a developer for 16 years, my major work right now is
> about patching insecure applications for the dutch gov, and I have been
> working with agile/scrum for about 5 years.
>
> It means the execution plan is cut down through sprints. Right now there
> are no 'sprints' , there is no plan on what will be produced.
>
> Thats ok, as long access can be provided to the platform which I still do
> not have.
>
> And I need is access to create the tests and the interactive materials.
> IF, it is expected that I give a training same format as GoToWebinaar, I do
> not need GoToTraining, then I use Google Hangouts. What interest me in this
> platform is the interactive tests, but this need to be created before
> providing the training.
>
> You mentioned 2 requirements, I filled them all
> a)I I have been a major contributor of the Coe Review project for the .NET
> section
> b)All the materials I'm planning to create are for free
>
> STEP 1: provide access to the project leaders, like me, asking for it ;-P
>
> *18 emails later, + more than 1 week later, my question is and keeps on
> being: Can I get access?*
>
> On Mon, Apr 11, 2016 at 10:16 PM, Tom Brennan - OWASP <tomb at owasp.org>
> wrote:
>
>> Since OWASP is AGILE the minimum viable product (MVP) is now LIVE.
>>
>> https://www.owasp.org/index.php/Education/Free_Training  note the update
>> and link to the new page
>>
>> With a desire, materials and delivery tool now in place and operational,
>> next is a small team who want to experiment
>>
>> I might suggest that the requirements are
>>
>> a) OWASP Project
>> b) OWASP Training that is with open-materials only
>>
>> If you can meet those requirements you can unlock and use the tool
>>
>> On this thread we touched on APPSEC Events and charging for training....
>> well here is my 2 cents on that.  At Global AppSec events, local events and
>> even chapter trainings we have seen people deliver training with a 60/40
>> split. So for those that are looking at the elephant in the room (money)
>> and asking how can this scale...   That same could be TRUE for training at
>> OWASP in the FUTURE as a FREE value to members delivered by live
>> instructors OR a cost as example $50usd (annual membership) to others.
>> Another item would be to have project leaders provide project training for
>> their project if we are collecting the metrics from visitors of who would
>> like a training class.
>>
>> For now, we just need to put a few OWASP'ers together that really desire *to
>> raise visibility for software security* and sprint on it... sprint 2 and
>> 3 would refine it and implement a workflow to manage it and if wildly
>> successful and we need an administrator to administrate all the extra work
>> it creates, then OWASP can hire that person... and make a more useful OWASP
>> Foundation to the WORLD outside the forest.
>>
>> Brennan
>>
>>
>>
>>
>> On Sun, Apr 10, 2016 at 12:30 PM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>> >
>> > >>First, do we want to do a training platform as we do at the
>> conferences? This would be easier, as OWASP would be facilitator, less
>> overhead.
>> >
>> > Agree. It's about providing a platform to educate about security. We do
>> not need to provide certificates or scores, but I think some automated
>> tests for people to evaluate their knowledge is a nice to have.
>> >
>> > >>Another though,  do we want to risk becoming a competitor with
>> sponsoring  organisations?
>> > Definitely not and given the actual resources, we cannot even aspire to
>> compete, but we can provide some free training materials on subjects such
>> as how to secure applications in a given language for example. Think of a
>> format like 'coursera' without the certificate but with the ability to
>> provide tests and interactive materials. This is possible in the
>> GoToTraining platform.That is the cool aspect of this platform.
>> >
>> > >> it is OWASP provided trainings‎, this is more complicated and I
>> doubt is OWASP is ready / mature enough doing so. More overhead and
>> dedicated resources needed.
>> >
>> > This is a concerning point. So far I understood, the GoTraining
>> platform was acquired as a 'pilot' project to experiment with trainings. It
>> has no clear execution plan behind. To work without clear objectives to
>> reach a goal , the chances are high that it wont succeed. I think we are
>> trying to launch way too often initiatives without an execution plan, and
>> this is , a waste of time and resources if we keep on doing this.
>> >
>> > @Eoin
>> >
>> > >>I'm Certainly happy to train new trainers..I'm sure others are also..
>> This initiative shall require funding and coordination.
>> >
>> > Agree. If I set a plan to:
>> >
>> > Set a group of experienced trainers and group of rookie trainers
>> willing to commit
>> > Create a list of tasks on how can the experienced ones train rookies
>> > Create a list of courses that rookies and experience trainers are
>> willing to provide
>> > Set a budget that will support these activities
>> > Submit this for approval to the board
>> >
>> > End results goals:
>> >
>> > A series of training materials similar to coursera or khan academy,
>> interactive and high quality into the GoTraining platform
>> > A series of training materials that could be also be provided during
>> appsec training but with our own team of trainers.
>> > 100% owasp produced materials
>> >
>> > If you (Eoin and others experienced trainers) are willing to stand
>> behind this plan, I"ll be very glad to help coordinate it and ask for a
>> budget and approval.
>> >
>> > Cheers
>> >
>> > Johanna
>> >
>> >
>> >
>> >
>> > On Sun, Apr 10, 2016 at 10:53 AM, Martin Knobloch <
>> martin.knobloch at owasp.org> wrote:
>> >>
>> >> ‎All,
>> >>
>> >> In my life, the problem is bigger than that.
>> >> First, do we want to do a training platform as we do at the
>> conferences? This would be easier, as OWASP would be facilitator, less
>> overhead.
>> >> Kate has proposed this years ago. Problem is keeping scores and
>> evaluations. Questions able what info to share publicly and what not.
>> >>
>> >> If it is OWASP provided trainings‎, this is more complicated and I
>> doubt is OWASP is ready / mature enough doing so. More overhead and
>> dedicated resources needed.
>> >> Another though,  do we want to risk becoming a competitor with
>> sponsoring  organisations?
>> >>
>> >> -martin
>> >>
>> >>
>> >>
>> >> From: Eoin Keary
>> >> Sent: zondag 10 april 2016 15:51
>> >> To: johanna curiel curiel
>> >> Cc: owasp-leaders at lists.owasp.org
>> >> Subject: Re: [Owasp-leaders] TRAINING
>> >>
>> >> I'm Certainly happy to train new trainers.
>> >> I'm sure others are also.
>> >> This initiative shall require funding and coordination.
>> >>
>> >> When we deliver free training a novice trainer also  delivers
>> alongside the experienced instructor.  SANS for example do similar to
>> this.  I did this also many years ago to develop internal champions for a
>> global Corp. it works.
>> >>
>> >>
>> >> Eoin Keary
>> >> OWASP Volunteer
>> >> @eoinkeary
>> >>
>> >>
>> >>
>> >> On 9 Apr 2016, at 19:24, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>> >>
>> >> Eoin
>> >>
>> >> So, the first step is to get those 'experience trainers' 'train' the
>> 'rookie-trainers'
>> >>
>> >> If this is the case we will need:
>> >>
>> >> Experienced Trainers willing to provide training
>> >> Create a format on how to deliver quality training
>> >>
>> >>
>> >> Are you willing to help the rookies?
>> >>
>> >> If this is the case then the Experienced ones needs to provide
>> training to the rookies
>> >> Experienced ones can provide training through the GoTraining platform
>> >>
>> >> My questions to those experience ones:
>> >> Who is willing to volunteer?
>> >> If you are experience and want to help, please respond to this email
>> with 'I do'.
>> >>
>> >> If we have no experienced trainers willing to help , then rookies will
>> have to look for other alternatives
>> >>
>> >> Otherwise people, we `keep on suggesting  initiatives that leads to no
>> where...
>> >>
>> >>
>> >>
>> >> On Sat, Apr 9, 2016 at 11:11 AM, Eoin Keary <eoin.keary at owasp.org>
>> wrote:
>> >>>
>> >>> I suggested this before....but a train the trainer programme
>> delivered by experienced trainers could grow the free training capability
>> and quality of OWASP.
>> >>>
>> >>>
>> >>> Eoin Keary
>> >>> OWASP Volunteer
>> >>> @eoinkeary
>> >>>
>> >>>
>> >>>
>> >>> On 9 Apr 2016, at 02:56, John Patrick Lita <
>> john.patrick.lita at owasp.org> wrote:
>> >>>
>> >>> Hi Tom
>> >>>
>> >>> This is very useful for those who cannot attend the AppSec
>> Conference, but creating an online training is a very challenging and need
>> a lot of time :) if we can have a Practical Training and Management
>> training that would be great! technical Track and management tracks.
>> >>>
>> >>> let try to make 5-10 training videos and lets see what is the
>> feedback.
>> >>>
>> >>> On Fri, Apr 8, 2016 at 11:52 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>> >>>>
>> >>>> Hi Tom
>> >>>>
>> >>>> A week ago I had contact with Kate regarding creating a training inn
>> the OWASP GoTraining platform.
>> >>>>
>> >>>> We exchanged some emails, however I'm awaiting access to the
>> Training platform since a week ago.
>> >>>>
>> >>>> How can we make sure that volunteers can actually make use of
>> resources if available in order to move forward with these plans?
>> >>>>
>> >>>> Cheers
>> >>>>
>> >>>> Johanna
>> >>>>
>> >>>> On Fri, Apr 8, 2016 at 2:15 PM, Tom Brennan - OWASP <tomb at owasp.org>
>> wrote:
>> >>>>>
>> >>>>> There's been discussion around training programs aligned with
>> strategic goals https://www.owasp.org/index.php/OWASP_Strategic_Goals
>> locally and globally.
>> >>>>>
>> >>>>> There are multiple data inputs that influence a investment in this
>> area.
>> >>>>>
>> >>>>> Please take two minutes and answer the following short
>> multiple-choice survey to capture anonymous metric data to assist further
>> in this process
>> >>>>>
>> >>>>> Survey
>> >>>>> http://goo.gl/forms/nPzqACi0e9 <--- Google survey link
>> >>>>>
>> >>>>> Thank you in advance.
>> >>>>>
>> >>>>> Additional training references
>> >>>>> https://www.owasp.org/index.php/OWASP_Training
>> >>>>>
>> >>>>> https://www.owasp.org/index.php/Education/Free_Training
>> >>>>>
>> >>>>> https://www.owasp.org/index.php/Category:OWASP_Video
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> The information contained in this message and any attachments may
>> be privileged, confidential, proprietary or otherwise protected from
>> disclosure. If you, the reader of this message, are not the intended
>> recipient, you are hereby notified that any dissemination, distribution,
>> copying or use of this message and any attachment is strictly prohibited.
>> If you have received this message in error, please notify the sender
>> immediately by replying to the message, permanently delete it from your
>> computer and destroy any printout.
>> >>>>> _______________________________________________
>> >>>>> OWASP-Leaders mailing list
>> >>>>> OWASP-Leaders at lists.owasp.org
>> >>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>> --
>> >>>> Johanna Curiel
>> >>>> OWASP Volunteer
>> >>>>
>> >>>> _______________________________________________
>> >>>> OWASP-Leaders mailing list
>> >>>> OWASP-Leaders at lists.owasp.org
>> >>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>>>
>> >>>
>> >>>
>> >>>
>> >>> --
>> >>> Best Regrads
>> >>> John Patrick Lita
>> >>> InfoSec Consultant | Instructor | Chapter Leader OWASP Manila
>> >>> FB Page @OwaspManila
>> >>> https://www.owasp.org/index.php/Manila
>> >>>
>> >>> _______________________________________________
>> >>> OWASP-Leaders mailing list
>> >>> OWASP-Leaders at lists.owasp.org
>> >>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> Johanna Curiel
>> >> OWASP Volunteer
>> >>
>> >>
>> >
>> >
>> >
>> > --
>> > Johanna Curiel
>> > OWASP Volunteer
>> >
>> > _______________________________________________
>> > OWASP-Leaders mailing list
>> > OWASP-Leaders at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >
>>
>> The information contained in this message and any attachments may be
>> privileged, confidential, proprietary or otherwise protected from
>> disclosure. If you, the reader of this message, are not the intended
>> recipient, you are hereby notified that any dissemination, distribution,
>> copying or use of this message and any attachment is strictly prohibited.
>> If you have received this message in error, please notify the sender
>> immediately by replying to the message, permanently delete it from your
>> computer and destroy any printout.
>>
>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>
>
>
> The information contained in this message and any attachments may be
> privileged, confidential, proprietary or otherwise protected from
> disclosure. If you, the reader of this message, are not the intended
> recipient, you are hereby notified that any dissemination, distribution,
> copying or use of this message and any attachment is strictly prohibited.
> If you have received this message in error, please notify the sender
> immediately by replying to the message, permanently delete it from your
> computer and destroy any printout.
>



-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160412/1ce48d15/attachment-0001.html>


More information about the OWASP-Leaders mailing list