[Owasp-leaders] OWASP Academy[Project Cancellation]

Tom Brennan - OWASP tomb at owasp.org
Tue Jul 19 18:15:09 UTC 2016


With another hat on coming from another non-profit that I work with, want
to point you to some free and open and on demand training courses

https://training.safecode.org/courses

Product Penetration Testing 101 </>

Injections 101: SQL and Beyond </>

Threat Modeling 101 </>

Secure Java Programming 101 </>

Introduction to Cryptography </>

Secure Memory Handling in C 101 </>

Cross Site Scripting (XSS) 101 </>

Auth 101: A Passwords Backgrounder for Everyone </>

DOH: Default, Obscure and Hidden Content for Everyone </>

An Introduction to Windows Access Controls </>

File Permissions 101: Linux and OS X </>

CSRF 101: Cross Site Request Forgery for Everyone </>

@John,  is this the type of thing you want to build?

OWASP already has content (unsorted btw) but it would not be to much work
to categorize 100 "training" presentations" and highlight them to the world.

Kudos to those that were able to contribute to the other OWASP effort:
 https://www.owasp.org/index.php/Education/Free_Training
<https://www.owasp.org/index.php/Education/Free_Training> and note on the
page there is even a stub for the coming soon training on demand page.

Keep in mind that OWASP Foundation set this as a strategic goal
<https://www.owasp.org/index.php/OWASP_Strategic_Goals> and what that means
simply is there is BUDGET allocated to making these goals happen for the
GLOBAL COMMUNITY (see budget:
https://docs.google.com/spreadsheets/d/1tCD2IDtDneI0ZzDeSBehXpaSzTantftUrp_b5YUWsVE/edit#gid=616181681
)

So let's take a fresh look at the actual issue

We have budget
We have content
We have alliances in the community
We have a AppSec scheduled (AppSecUSA)
We have a *new* community manager and *new* senior technical coordinator on
staff

Lots of positives.

Tom Brennan
GPG ID: DC6AA149 | Fingerprint: 12A6 9978 45BB 1562 C921  B228 BD0F D9C6
DC6A A
https://www.linkedin.com/in/tombrennan


On Tue, Jul 19, 2016 at 12:04 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:
> I spoke to John In private to understand the core of the problem
>
> John is one of the most amazing , active volunteers in Asia.
> The drive to teach and spread the word in Philippines Universities and
> educational sector has been incredible.
>
> What I enjoy is that he has reached a huge audience hungry for this
> knowledge and he is promoting OWASP name in Philippines.
>
> However, like many other chapters around the Globe, we don't have a sector
> or developed industry in security that is willing to sponsor these
> activities
> Getting sponsors is very difficult.
>
> I understand that John has real ambitions to set this system in a
> professional platform which already has +15 videos (all in english).
> GoTo Training does not seem to support what he needs. Coursera is only
 for
> University partners.
>
> He lacks funds to setup a professional platform like Teachable which fits
> with the requirements what he needs.
>
> Off course, getting content is not easy but so far he has done an amazing
> work getting those courses out there which OWASP does not even have.
>
> So this is what we propose:
>
> John wants to work on a platform that offers all the services that he
> requires to setup the classes for the free version.
> He wants financial support if this pilot succeeds but I think in order to
> make it succeed we need to:
>
> Set a timeline for the pilot: 6 months
>
> Set a realistic of the amount  of the courses available on the
platform:lets
> say there are 15, try to get at least within 6 months some 5 courses
>
>
> If he succeeds during this pilot, OWASP in exchange should:
>
> Support the project financially buying the platform with the condition
that
> he gets at least 2 courses every 6 months
> Help promote the project through OWASP conferences and chapters
>
>
> John: I'll help you set a request for this, if OWASP as foundation/org
> commits on these conditions or we negotiate others that accommodate to you
> and OWASP foundation then we can pull off the project.
>
>
> On Tue, Jul 19, 2016 at 11:34 AM, Nikola Milosevic
> <nikola.milosevic at owasp.org> wrote:
>>
>> What language was content supposed to be? I believe that if it is
English,
>> we can gather and create content of couple of courses. Although, I maybe
>> would try to go through Coursera or similar MOOC platform, than making
>> another, that people would need to register, etc. at this point. Since
you
>> said you wanted it local first, I see if there was supposed to be some
local
>> language, how that could be difficult.
>>
>> Pozdrav/Best regards,
>>
>> Nikola Milošević
>> OWASP Seraphimdroid project leader
>> nikola.milosevic at owasp.org
>> OWASP - Open Web Application Security Project
>> OWASP Seraphimdroid Project
>>
>> On Tue, Jul 19, 2016 at 4:30 PM, Claudia Casanovas
>> <claudia.aviles-casanovas at owasp.org> wrote:
>>>
>>> Johanna - Thank you for jumping to help.
>>>
>>> @John - How can we help you with the platform?  I have not seen any
>>> funding requests this year so far.
>>>
>>> Please let us know how we can help.
>>>
>>> On Tue, Jul 19, 2016 at 7:52 AM, johanna curiel curiel
>>> <johanna.curiel at owasp.org> wrote:
>>>>
>>>> >>Actually we are not focus in financial support, but it could help us
>>>> >> on the platform for Developments, Purchase a Domain and server Setup
>>>>
>>>> John, could you be more explicit on what are the needs of the project?
>>>> While you mention that financial is not the focus, correct me if I'm
>>>> wrong, what I understand is that you need to buy a domain and a
server? This
>>>> still means you need financial help ;-)
>>>>
>>>> >>I want to Repeat we don't need a huge amount of "fund"
>>>>
>>>> Again, the question is how much do you need and if OWASP can help
>>>> provide this financial aid. Projects can get up to USD500,
>>>>
>>>> did you received this funds?
>>>> were you able to get them?
>>>> Do you need more?
>>>>
>>>>
>>>> People cannot help you if they don't know what is what you need ;-)
>>>>
>>>>
>>>> On Tue, Jul 19, 2016 at 10:41 AM, John Patrick Lita
>>>> <john.patrick.lita at owasp.org> wrote:
>>>>>
>>>>> Actually we are not focus in financial support, but it could help us
on
>>>>> the platform for Developments, Purchase a Domain and server Setup,
but the
>>>>> most important is the content of the materials, this training platform
>>>>> doesn't need a huge amount of fund, the most basic needs of the
project.
>>>>>
>>>>> I want to Repeat we don't need a huge amount of "fund", Training
>>>>> materials is the most important on the project.
>>>>>
>>>>> thank you.
>>>>>
>>>>> John Patrick Lita
>>>>> Manager for cyber security and IT services
>>>>> OWASP Manila chapter chairman
>>>>> FB Page @OwaspManila
>>>>> https://www.owasp.org/index.php/Manila
>>>>>
>>>>>
>>>>> On Tue, Jul 19, 2016 at 8:24 PM, johanna curiel curiel
>>>>> <johanna.curiel at owasp.org> wrote:
>>>>>>
>>>>>> Hi John
>>>>>>
>>>>>> Could you let us now why the project was removed? I'm assuming is
>>>>>> because financially you could not support the project anymore.
>>>>>>
>>>>>> One of the major issues, for all projects, is feasibility, especially
>>>>>> when the projects requires some form of investment . Many people
come to
>>>>>> OWASP expecting financial support and up to certain level this is
provided
>>>>>> but very limited. Or you have to look for sponsors yourself.
>>>>>>
>>>>>> All projects were supposed to get USD500 but were you able to get
this
>>>>>> financial aid for your project?
>>>>>> Was this financial aid not enough?
>>>>>>
>>>>>> OWASP projects is an excellent platform to promote and connect with
>>>>>> people, but I have not see this as a major financial platform such as
>>>>>> grants. OWAPS does not have such platform to help projects at this
level and
>>>>>> the educational initiative so far has focused on very limited
activities
>>>>>> such as webinars using this new platform that was bought (Go
Training) or
>>>>>> activities in Chicago and other chapters in US.
>>>>>>
>>>>>> I took a personal initiative to connect Simon from ZAP with Linux
>>>>>> foundation, but hey, that was me , and so I can do with other Grant
>>>>>> initiatives but not all projects are ready for this and OWASP does
not have
>>>>>> the administration necessary to manage funds from the EU for
example.
>>>>>>
>>>>>> So if we want to help projects at this level this is the place were
it
>>>>>> needs to start: setting the right people to know how to manage grant
funds
>>>>>> and carry on the administration and auditing for this.
>>>>>>
>>>>>>  As long as that does not exist within OWASP , forget about getting
>>>>>> certain kind of funds such as Cyber research from EU.
>>>>>>
>>>>>> Were you able to get access to GoTraining? It is possible to move the
>>>>>> materials there if the staff provides you access to it.Question is,
if you
>>>>>> have time to do this but I think the GoTraining platform can support
the
>>>>>> OWASP Academy by setting up the materials such as videos and classes
over
>>>>>> there.
>>>>>>
>>>>>> Cheers
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Tue, Jul 19, 2016 at 3:23 AM, Andrew van der Stock
>>>>>> <vanderaj at owasp.org> wrote:
>>>>>>>
>>>>>>> Hi all
>>>>>>>
>>>>>>> OWASP Education is one of our strategic goals. I'm sad to see this
go
>>>>>>> by the wayside. It's not the first time such a thing has happened,
and
>>>>>>> unless we fix the fundamentals of OWASP Education, it will not be
the last.
>>>>>>> I'm determined to create a self-sustaining education platform that
advances
>>>>>>> OWASP's mission.
>>>>>>>
>>>>>>> @JP and Munir, please work with Claudia and Tiffany (cc'd) to get
all
>>>>>>> donated materials into our forthcoming education platform, which is
coming
>>>>>>> along.
>>>>>>>
>>>>>>> We should not lose donated materials (again!) because this
particular
>>>>>>> platform is not working. If you want to be involved in the new
platform,
>>>>>>> please let us know so that we can make a success of it. I had the
ASVS
>>>>>>> training materials recorded, and will be up on our new training
platform as
>>>>>>> soon as it is ready, or OWASP's YouTube channel, whichever comes
first.
>>>>>>>
>>>>>>> thanks
>>>>>>> Andrew
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Jul 19, 2016 at 4:00 PM, Munir Njiru <munir.njiru at owasp.org>
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Sad to see this project go . we have a lot of content developed
>>>>>>>> towards it :(
>>>>>>>>
>>>>>>>> Munir Njenga,
>>>>>>>> OWASP Chapter Leader (Kenya) || Information Security Consultant ||
>>>>>>>> Developer
>>>>>>>> Mob   (KE) +254 (0) 734960670
>>>>>>>>
>>>>>>>> =============================
>>>>>>>> Chapter Page: www.owasp.org/index.php/Kenya
>>>>>>>> Project Site:
>>>>>>>> http://alienwithin.github.io/OWASP-mth3l3m3nt-framework/
>>>>>>>> Email: munir.njiru at owasp.org
>>>>>>>> Facebook: https://www.facebook.com/OWASP.Kenya
>>>>>>>> Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Jul 18, 2016 at 5:32 PM, John Patrick Lita
>>>>>>>> <john.patrick.lita at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>> Good day to All,
>>>>>>>>>
>>>>>>>>> As we started the project OWASP Online Academy (
>>>>>>>>> https://owasponlineacademy.zenler.com ), we sad to say that the
project will
>>>>>>>>> be cancelled and remove on the internet,
>>>>>>>>> We have so many instructors who likes to give time on the platform
>>>>>>>>> once the project supported and funded by the foundation, but the
project
>>>>>>>>> development is already done and it been around for one year
without any
>>>>>>>>> comments and feedback.
>>>>>>>>>
>>>>>>>>> we would like give thanks those who show their support and give
>>>>>>>>> time to upload a demo video on the site, as we want to initiate
this project
>>>>>>>>> world wide, provide a reach out all types of learners and seekers
to improve
>>>>>>>>> their skills, enhance their knowledge in awareness.
>>>>>>>>>
>>>>>>>>> i decided to have this project locally here in Philippines
(Tagalog
>>>>>>>>> Language) and this can be possible and do-able and this will be
available on
>>>>>>>>> youtube channel of OWASP Manila.  As the Project leader of OWASP
Academy i
>>>>>>>>> hope someday, someone ca do this project successfully. thank you.
>>>>>>>>>
>>>>>>>>> Regards!
>>>>>>>>> John Patrick Lita
>>>>>>>>> Manager for cyber security and IT services
>>>>>>>>> OWASP Manila chapter chairman
>>>>>>>>> FB Page @OwaspManila
>>>>>>>>> https://www.owasp.org/index.php/Manila
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Johanna Curiel
>>>>>> OWASP Volunteer
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Johanna Curiel
>>>> OWASP Volunteer
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>
>>>
>>>
>>> --
>>>
>>>
>>> Claudia Aviles-Casanovas
>>> Project Coordinator
>>> Phone:973-288-1697
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>

-- 
The information contained in this message and any attachments may be 
privileged, confidential, proprietary or otherwise protected from 
disclosure. If you, the reader of this message, are not the intended 
recipient, you are hereby notified that any dissemination, distribution, 
copying or use of this message and any attachment is strictly prohibited. 
If you have received this message in error, please notify the sender 
immediately by replying to the message, permanently delete it from your 
computer and destroy any printout.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160719/75bfbcb0/attachment-0001.html>


More information about the OWASP-Leaders mailing list