[Owasp-leaders] OWASP Academy[Project Cancellation]

johanna curiel curiel johanna.curiel at owasp.org
Tue Jul 19 18:41:20 UTC 2016


John

I submitted a request for funding in your name here:

On Tue, Jul 19, 2016 at 2:35 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> >>We have a *new* community manager and *new* senior technical coordinator
> on staff
>
> I don't remember anyone announcing the new technical coordinator staff
> I think is Matt Tesauro right? Our admin?
>
> Will he still be the admin of OWASP infra?
>
> Will he be working full time or part-time?
>
> When will he start?
>
> On Tue, Jul 19, 2016 at 2:15 PM, Tom Brennan - OWASP <tomb at owasp.org>
> wrote:
>
>> With another hat on coming from another non-profit that I work with, want
>> to point you to some free and open and on demand training courses
>>
>> https://training.safecode.org/courses
>>
>> Product Penetration Testing 101 <http:///>
>>
>> Injections 101: SQL and Beyond <http:///>
>>
>> Threat Modeling 101 <http:///>
>>
>> Secure Java Programming 101 <http:///>
>>
>> Introduction to Cryptography <http:///>
>>
>> Secure Memory Handling in C 101 <http:///>
>>
>> Cross Site Scripting (XSS) 101 <http:///>
>>
>> Auth 101: A Passwords Backgrounder for Everyone <http:///>
>>
>> DOH: Default, Obscure and Hidden Content for Everyone <http:///>
>>
>> An Introduction to Windows Access Controls <http:///>
>>
>> File Permissions 101: Linux and OS X <http:///>
>>
>> CSRF 101: Cross Site Request Forgery for Everyone <http:///>
>>
>> @John,  is this the type of thing you want to build?
>>
>> OWASP already has content (unsorted btw) but it would not be to much work
>> to categorize 100 "training" presentations" and highlight them to the world.
>>
>> Kudos to those that were able to contribute to the other OWASP effort:
>>  https://www.owasp.org/index.php/Education/Free_Training
>> <https://www.owasp.org/index.php/Education/Free_Training> and note on
>> the page there is even a stub for the coming soon training on demand page.
>>
>> Keep in mind that OWASP Foundation set this as a strategic goal
>> <https://www.owasp.org/index.php/OWASP_Strategic_Goals> and what that
>> means simply is there is BUDGET allocated to making these goals happen for
>> the GLOBAL COMMUNITY (see budget:
>> https://docs.google.com/spreadsheets/d/1tCD2IDtDneI0ZzDeSBehXpaSzTantftUrp_b5YUWsVE/edit#gid=616181681
>> )
>>
>> So let's take a fresh look at the actual issue
>>
>> We have budget
>> We have content
>> We have alliances in the community
>> We have a AppSec scheduled (AppSecUSA)
>> We have a *new* community manager and *new* senior technical coordinator
>> on staff
>>
>> Lots of positives.
>>
>> Tom Brennan
>> GPG ID: DC6AA149 | Fingerprint: 12A6 9978 45BB 1562 C921  B228 BD0F D9C6
>> DC6A A
>> https://www.linkedin.com/in/tombrennan
>>
>>
>>
>> On Tue, Jul 19, 2016 at 12:04 PM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>> > I spoke to John In private to understand the core of the problem
>> >
>> > John is one of the most amazing , active volunteers in Asia.
>> > The drive to teach and spread the word in Philippines Universities and
>> > educational sector has been incredible.
>> >
>> > What I enjoy is that he has reached a huge audience hungry for this
>> > knowledge and he is promoting OWASP name in Philippines.
>> >
>> > However, like many other chapters around the Globe, we don't have a
>> sector
>> > or developed industry in security that is willing to sponsor these
>> > activities
>> > Getting sponsors is very difficult.
>> >
>> > I understand that John has real ambitions to set this system in a
>> > professional platform which already has +15 videos (all in english).
>> > GoTo Training does not seem to support what he needs. Coursera is only
>>  for
>> > University partners.
>> >
>> > He lacks funds to setup a professional platform like Teachable which
>> fits
>> > with the requirements what he needs.
>> >
>> > Off course, getting content is not easy but so far he has done an
>> amazing
>> > work getting those courses out there which OWASP does not even have.
>> >
>> > So this is what we propose:
>> >
>> > John wants to work on a platform that offers all the services that he
>> > requires to setup the classes for the free version.
>> > He wants financial support if this pilot succeeds but I think in order
>> to
>> > make it succeed we need to:
>> >
>> > Set a timeline for the pilot: 6 months
>> >
>> > Set a realistic of the amount  of the courses available on the
>> platform:lets
>> > say there are 15, try to get at least within 6 months some 5 courses
>> >
>> >
>> > If he succeeds during this pilot, OWASP in exchange should:
>> >
>> > Support the project financially buying the platform with the condition
>> that
>> > he gets at least 2 courses every 6 months
>> > Help promote the project through OWASP conferences and chapters
>> >
>> >
>> > John: I'll help you set a request for this, if OWASP as foundation/org
>> > commits on these conditions or we negotiate others that accommodate to
>> you
>> > and OWASP foundation then we can pull off the project.
>> >
>> >
>> > On Tue, Jul 19, 2016 at 11:34 AM, Nikola Milosevic
>> > <nikola.milosevic at owasp.org> wrote:
>> >>
>> >> What language was content supposed to be? I believe that if it is
>> English,
>> >> we can gather and create content of couple of courses. Although, I
>> maybe
>> >> would try to go through Coursera or similar MOOC platform, than making
>> >> another, that people would need to register, etc. at this point. Since
>> you
>> >> said you wanted it local first, I see if there was supposed to be some
>> local
>> >> language, how that could be difficult.
>> >>
>> >> Pozdrav/Best regards,
>> >>
>> >> Nikola Milošević
>> >> OWASP Seraphimdroid project leader
>> >> nikola.milosevic at owasp.org
>> >> OWASP - Open Web Application Security Project
>> >> OWASP Seraphimdroid Project
>> >>
>> >> On Tue, Jul 19, 2016 at 4:30 PM, Claudia Casanovas
>> >> <claudia.aviles-casanovas at owasp.org> wrote:
>> >>>
>> >>> Johanna - Thank you for jumping to help.
>> >>>
>> >>> @John - How can we help you with the platform?  I have not seen any
>> >>> funding requests this year so far.
>> >>>
>> >>> Please let us know how we can help.
>> >>>
>> >>> On Tue, Jul 19, 2016 at 7:52 AM, johanna curiel curiel
>> >>> <johanna.curiel at owasp.org> wrote:
>> >>>>
>> >>>> >>Actually we are not focus in financial support, but it could help
>> us
>> >>>> >> on the platform for Developments, Purchase a Domain and server
>> Setup
>> >>>>
>> >>>> John, could you be more explicit on what are the needs of the
>> project?
>> >>>> While you mention that financial is not the focus, correct me if I'm
>> >>>> wrong, what I understand is that you need to buy a domain and a
>> server? This
>> >>>> still means you need financial help ;-)
>> >>>>
>> >>>> >>I want to Repeat we don't need a huge amount of "fund"
>> >>>>
>> >>>> Again, the question is how much do you need and if OWASP can help
>> >>>> provide this financial aid. Projects can get up to USD500,
>> >>>>
>> >>>> did you received this funds?
>> >>>> were you able to get them?
>> >>>> Do you need more?
>> >>>>
>> >>>>
>> >>>> People cannot help you if they don't know what is what you need ;-)
>> >>>>
>> >>>>
>> >>>> On Tue, Jul 19, 2016 at 10:41 AM, John Patrick Lita
>> >>>> <john.patrick.lita at owasp.org> wrote:
>> >>>>>
>> >>>>> Actually we are not focus in financial support, but it could help
>> us on
>> >>>>> the platform for Developments, Purchase a Domain and server Setup,
>> but the
>> >>>>> most important is the content of the materials, this training
>> platform
>> >>>>> doesn't need a huge amount of fund, the most basic needs of the
>> project.
>> >>>>>
>> >>>>> I want to Repeat we don't need a huge amount of "fund", Training
>> >>>>> materials is the most important on the project.
>> >>>>>
>> >>>>> thank you.
>> >>>>>
>> >>>>> John Patrick Lita
>> >>>>> Manager for cyber security and IT services
>> >>>>> OWASP Manila chapter chairman
>> >>>>> FB Page @OwaspManila
>> >>>>> https://www.owasp.org/index.php/Manila
>> >>>>>
>> >>>>>
>> >>>>> On Tue, Jul 19, 2016 at 8:24 PM, johanna curiel curiel
>> >>>>> <johanna.curiel at owasp.org> wrote:
>> >>>>>>
>> >>>>>> Hi John
>> >>>>>>
>> >>>>>> Could you let us now why the project was removed? I'm assuming is
>> >>>>>> because financially you could not support the project anymore.
>> >>>>>>
>> >>>>>> One of the major issues, for all projects, is feasibility,
>> especially
>> >>>>>> when the projects requires some form of investment . Many people
>> come to
>> >>>>>> OWASP expecting financial support and up to certain level this is
>> provided
>> >>>>>> but very limited. Or you have to look for sponsors yourself.
>> >>>>>>
>> >>>>>> All projects were supposed to get USD500 but were you able to get
>> this
>> >>>>>> financial aid for your project?
>> >>>>>> Was this financial aid not enough?
>> >>>>>>
>> >>>>>> OWASP projects is an excellent platform to promote and connect with
>> >>>>>> people, but I have not see this as a major financial platform such
>> as
>> >>>>>> grants. OWAPS does not have such platform to help projects at this
>> level and
>> >>>>>> the educational initiative so far has focused on very limited
>> activities
>> >>>>>> such as webinars using this new platform that was bought (Go
>> Training) or
>> >>>>>> activities in Chicago and other chapters in US.
>> >>>>>>
>> >>>>>> I took a personal initiative to connect Simon from ZAP with Linux
>> >>>>>> foundation, but hey, that was me , and so I can do with other Grant
>> >>>>>> initiatives but not all projects are ready for this and OWASP does
>> not have
>> >>>>>> the administration necessary to manage funds from the EU for
>> example.
>> >>>>>>
>> >>>>>> So if we want to help projects at this level this is the place
>> were it
>> >>>>>> needs to start: setting the right people to know how to manage
>> grant funds
>> >>>>>> and carry on the administration and auditing for this.
>> >>>>>>
>> >>>>>>  As long as that does not exist within OWASP , forget about getting
>> >>>>>> certain kind of funds such as Cyber research from EU.
>> >>>>>>
>> >>>>>> Were you able to get access to GoTraining? It is possible to move
>> the
>> >>>>>> materials there if the staff provides you access to it.Question
>> is, if you
>> >>>>>> have time to do this but I think the GoTraining platform can
>> support the
>> >>>>>> OWASP Academy by setting up the materials such as videos and
>> classes over
>> >>>>>> there.
>> >>>>>>
>> >>>>>> Cheers
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>> On Tue, Jul 19, 2016 at 3:23 AM, Andrew van der Stock
>> >>>>>> <vanderaj at owasp.org> wrote:
>> >>>>>>>
>> >>>>>>> Hi all
>> >>>>>>>
>> >>>>>>> OWASP Education is one of our strategic goals. I'm sad to see
>> this go
>> >>>>>>> by the wayside. It's not the first time such a thing has
>> happened, and
>> >>>>>>> unless we fix the fundamentals of OWASP Education, it will not be
>> the last.
>> >>>>>>> I'm determined to create a self-sustaining education platform
>> that advances
>> >>>>>>> OWASP's mission.
>> >>>>>>>
>> >>>>>>> @JP and Munir, please work with Claudia and Tiffany (cc'd) to get
>> all
>> >>>>>>> donated materials into our forthcoming education platform, which
>> is coming
>> >>>>>>> along.
>> >>>>>>>
>> >>>>>>> We should not lose donated materials (again!) because this
>> particular
>> >>>>>>> platform is not working. If you want to be involved in the new
>> platform,
>> >>>>>>> please let us know so that we can make a success of it. I had the
>> ASVS
>> >>>>>>> training materials recorded, and will be up on our new training
>> platform as
>> >>>>>>> soon as it is ready, or OWASP's YouTube channel, whichever comes
>> first.
>> >>>>>>>
>> >>>>>>> thanks
>> >>>>>>> Andrew
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> On Tue, Jul 19, 2016 at 4:00 PM, Munir Njiru <
>> munir.njiru at owasp.org>
>> >>>>>>> wrote:
>> >>>>>>>>
>> >>>>>>>> Sad to see this project go . we have a lot of content developed
>> >>>>>>>> towards it :(
>> >>>>>>>>
>> >>>>>>>> Munir Njenga,
>> >>>>>>>> OWASP Chapter Leader (Kenya) || Information Security Consultant
>> ||
>> >>>>>>>> Developer
>> >>>>>>>> Mob   (KE) +254 (0) 734960670
>> >>>>>>>>
>> >>>>>>>> =============================
>> >>>>>>>> Chapter Page: www.owasp.org/index.php/Kenya
>> >>>>>>>> Project Site:
>> >>>>>>>> http://alienwithin.github.io/OWASP-mth3l3m3nt-framework/
>> >>>>>>>> Email: munir.njiru at owasp.org
>> >>>>>>>> Facebook: https://www.facebook.com/OWASP.Kenya
>> >>>>>>>> Mailing List:
>> https://lists.owasp.org/mailman/listinfo/owasp-Kenya
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>> On Mon, Jul 18, 2016 at 5:32 PM, John Patrick Lita
>> >>>>>>>> <john.patrick.lita at owasp.org> wrote:
>> >>>>>>>>>
>> >>>>>>>>> Good day to All,
>> >>>>>>>>>
>> >>>>>>>>> As we started the project OWASP Online Academy (
>> >>>>>>>>> https://owasponlineacademy.zenler.com ), we sad to say that
>> the project will
>> >>>>>>>>> be cancelled and remove on the internet,
>> >>>>>>>>> We have so many instructors who likes to give time on the
>> platform
>> >>>>>>>>> once the project supported and funded by the foundation, but
>> the project
>> >>>>>>>>> development is already done and it been around for one year
>> without any
>> >>>>>>>>> comments and feedback.
>> >>>>>>>>>
>> >>>>>>>>> we would like give thanks those who show their support and give
>> >>>>>>>>> time to upload a demo video on the site, as we want to initiate
>> this project
>> >>>>>>>>> world wide, provide a reach out all types of learners and
>> seekers to improve
>> >>>>>>>>> their skills, enhance their knowledge in awareness.
>> >>>>>>>>>
>> >>>>>>>>> i decided to have this project locally here in Philippines
>> (Tagalog
>> >>>>>>>>> Language) and this can be possible and do-able and this will be
>> available on
>> >>>>>>>>> youtube channel of OWASP Manila.  As the Project leader of
>> OWASP Academy i
>> >>>>>>>>> hope someday, someone ca do this project successfully. thank
>> you.
>> >>>>>>>>>
>> >>>>>>>>> Regards!
>> >>>>>>>>> John Patrick Lita
>> >>>>>>>>> Manager for cyber security and IT services
>> >>>>>>>>> OWASP Manila chapter chairman
>> >>>>>>>>> FB Page @OwaspManila
>> >>>>>>>>> https://www.owasp.org/index.php/Manila
>> >>>>>>>>>
>> >>>>>>>>>
>> >>>>>>>>> _______________________________________________
>> >>>>>>>>> OWASP-Leaders mailing list
>> >>>>>>>>> OWASP-Leaders at lists.owasp.org
>> >>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>>>>>>>>
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>> _______________________________________________
>> >>>>>>>> OWASP-Leaders mailing list
>> >>>>>>>> OWASP-Leaders at lists.owasp.org
>> >>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> _______________________________________________
>> >>>>>>> OWASP-Leaders mailing list
>> >>>>>>> OWASP-Leaders at lists.owasp.org
>> >>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>> --
>> >>>>>> Johanna Curiel
>> >>>>>> OWASP Volunteer
>> >>>>>
>> >>>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>> --
>> >>>> Johanna Curiel
>> >>>> OWASP Volunteer
>> >>>>
>> >>>> _______________________________________________
>> >>>> OWASP-Leaders mailing list
>> >>>> OWASP-Leaders at lists.owasp.org
>> >>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>>>
>> >>>
>> >>>
>> >>>
>> >>> --
>> >>>
>> >>>
>> >>> Claudia Aviles-Casanovas
>> >>> Project Coordinator
>> >>> Phone:973-288-1697
>> >>>
>> >>> _______________________________________________
>> >>> OWASP-Leaders mailing list
>> >>> OWASP-Leaders at lists.owasp.org
>> >>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >>>
>> >>
>> >
>> >
>> >
>> > --
>> > Johanna Curiel
>> > OWASP Volunteer
>> >
>> > _______________________________________________
>> > OWASP-Leaders mailing list
>> > OWASP-Leaders at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >
>>
>>
>> The information contained in this message and any attachments may be
>> privileged, confidential, proprietary or otherwise protected from
>> disclosure. If you, the reader of this message, are not the intended
>> recipient, you are hereby notified that any dissemination, distribution,
>> copying or use of this message and any attachment is strictly prohibited.
>> If you have received this message in error, please notify the sender
>> immediately by replying to the message, permanently delete it from your
>> computer and destroy any printout.
>
>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>



-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160719/32e677f6/attachment-0001.html>


More information about the OWASP-Leaders mailing list