[Owasp-leaders] Guide for a new chapter

Sherif Mansour sherif.mansour at owasp.org
Sat Apr 15 10:42:50 UTC 2017

Hi Ade,

Sam and I have drawn up some useful docs for our speakers and our hosts
which might be helpful.
There some key tips though:

   - Keep it simple, find a lightweight process to manage your chapter. You
   can harness sites like Eventbrite to manage invites to events and use the
   OWASP chapter page + Email List, and social media (Twitter has been quite
   useful for us).
   - Find volunteers or another Chapter leader to help you: Simply put, its
   too much work for one person especially if its going to be on an ongoing
   basis, its best to find a like minded colleague and work together.
   - Re-use as much as you can. At the London Chapter we built a template
   for news-letter, intro presentations, and how to run an event for the hosts
   etc.. This way it becomes easier as time goes by (and not the other way
   - Build a community: So the other thing is to understand what the
   community needs, and try to give it to them, for example if there is a new
   trend of attacks, might be worth getting an expert to talk about it etc..
   If they want a hackathon try to run one, and you'll be surprised who will
   come out to help.
   - Be consistent: If you are able to deliver events or talks on a regular
   basis, and you do communicate it effectively, your community will grow. So
   make sure you have a maintainable pace otherwise you could burnout etc..

Please find attached a sample eventbrite post and the link to our OWASP
London page https://www.owasp.org/index.php/London

For hosting an event:
Make sure you have an agenda sent out ahead of time (see the eventbrite PDF
for example), and work with the host on how to run the event (Does the
event have the right audio visual setup, is there someone who checks
attendee names etc.., making sure the event ends on time).

Sometimes, the hosts might not know how to run an event especially in a
large organisation. Usually with a company with many lines of business,
reaching out to facilities is the first port of call as they are the ones
that manage the event theaters / hosting areas and they also know who to
reach out to about catering.
Depending on the company/facility using their catering team might be
mandatory as was the case with banks like Nomura and HSBC. Tech companies
like Expedia and Microsoft don't have that requirement so the host just
orders Pizzas.

The cost breakdown for the catering & cleanup at one company was:

   - 4x bottles of red Malbec,  £23.16 (£27.80 with VAT)
   - 4x bottles white, Le Colline San Giorgio  £21.52 (£25.84 with VAT)
   - 6x cases of Becks = 74p £106.56 (£128.16 with VAT)
   - Evening clean up = £70
   - 20 Pizzas = £200 - *Note:* deal from Papa John's has expired
   - Total = £451.8

Hope that helps.

Kind regards
Sherif Mansour

On Sun, Apr 9, 2017 at 1:56 AM, Ade Yoseman Putra <ade.putra at owasp.org>

> Hi ajay
> You shoud read the chapter handbook for your guide
> https://www.owasp.org/index.php/Category:Chapter_Handbook .
> Thanks
> Pada tanggal 9 Apr 2017 12.31 AM, "Ajay Dutta" <ajay.dutta at owasp.org>
> menulis:
> Dear Friends,
> I have started a new chapter at chandigarh. Please guide me for further
> activity.
> On Fri, Apr 7, 2017 at 7:57 PM, Mike McCabe <mccabe615 at gmail.com> wrote:
>> Awesome idea and great project!
>> On Sat, Apr 1, 2017 at 5:09 AM, Bjoern Kimminich <
>> bjoern.kimminich at owasp.org> wrote:
>>> Dear all,
>>> I just released v2.25 which adds an awesome new feature to the OWASP
>>> Juice
>>> Shop: Via a simple YAML-based configuration file you can now customize
>>> the
>>> look & feel (logo, app name, theme, ...) and all products the store! Why
>>> would you want to do this? When using Juice Shop in trainings for your
>>> employer or at a customer, you might actually increase the awareness
>>> impact
>>> by customizing the Juice Shop to their very own corporate identity and
>>> business domain! Kudos to Timo Pagel for envisioning and contributing
>>> this
>>> feature!
>>> The following customization examples are delivered out of the box with
>>> Juice Shop v2.25.0:
>>> * The BodgeIt Store: An homage to our server-side rendered ancestor
>>> * Sick-Shop: A store that offers a variety of illnesses. Achoo! Bless
>>> you!
>>> Please check out
>>> https://github.com/bkimminich/juice-shop/blob/master/CUSTOMIZATION.md to
>>> learn how to use one of these samples and how to roll your own corporate
>>> theme! You can even use the existing end-to-end test suite to verify if
>>> all
>>> hacking challenges will keep working with yourcustom configuration! Below
>>> you also find the complete release notes. Some challenge solutions
>>> needed to
>>> be adjusted to work with the new customization feature. The "Pwning OWASP
>>> Juice Shop" companion guide eBook available at
>>> https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/content will be
>>> updated soon after to reflect those changes.
>>> Cheers,
>>> Bjoern
>>> PS in case you are wondering: No, this is not an April's Fools joke!
>>> --------------------------------------------------
>>> v2.25.0
>>> ======
>>> https://github.com/bkimminich/juice-shop/releases/tag/v2.25.0
>>> Changes
>>> -----------
>>> * Customization allows you to tailor the OWASP Juice Shop to your own
>>> corporate business domain and styleguide for maximum awareness impact!
>>> * Changed some challenge solutions to be independent of customizations
>>> * Changed all generated Feedback to be not "juice"-theme any more
>>> Bugfixes
>>> ------------
>>> * Fixed language selection label for Hungarian
>>> * Fixed Challenge solved!-notifications not showing when coming back to
>>> the
>>> UI after e.g. hacking the API directly
>>> I18N
>>> -------
>>> * Added Romanian  translation
>>> -----BEGIN PGP MESSAGE-----
>>> Version: GnuPG v2
>>> owGVVn2IFGUYv7v8vDz6EoQyevbMUrvdVUvsDir3FPFOvTvdU9MSfHfm3ZnXnZl3
>>> mXdm5zYighArjArqjyDIj4QglQ40DYWsJKXzn5IkTfT6AE0Jv1Aw0Xqed3bvQw1q
>>> OW53dmae5/f8Pp7ZdxruqhlTO2rauk/6rp84Xtt3Llfz/ClvxjzOfGCO0wQN9V9v
>>> xH9tsDZUAfjc4UxxE0ozUzNnQWQLwwZmmgqYByziSrocPB5BnrMg9DkEEgKbQ+eK
>>> TLYL2kNhcMjastgCywUDBkq4RYfDysziRcmcLmxILy+s0GeBkB7kBZ4tyxAMrO/J
>>> CAxEIV3xEtdlHSkL8Bg24w5McaQlm4AVi+AxlzfRBfSWSqWmIjqTxoGiL83QCJS+
>>> Gyv5PAEr7DJEMnRM3ShiXkCoTQIu1HN4mnsQKuFZQ/CD8CDwmfDwawV56dO9PnCc
>>> Rpa5D/gFC3C+GC73m3RtV1g2fmsEIWIpYw3DJzY1GBYxn3tcKUBK8BLIlQeGpd50
>>> zZD+Ma/ChxL3yyAjD4nzixJp4yBM7gUiKOupcwSdyprSRbwJWBiaUtH93cKV0MUs
>>> 5I4G4F5JKOScmtGNKETgi1wYxN2FqmqaqFiiGxHlpePIiK6oYo114z2MhEVboAdM
>>> 7giEieLKMACZ17PkZA9EIrBvs0ZsrdT0FmwxDahJqzQt3hZAlvRqgYwHNs5iaXMR
>>> 64r7WD6pcG40qGfqVswzOAmsq2SFUUjGvsvEsiMGRljy3EeQUGK+4MgYghOOQ3xx
>>> lYKMYUuZgFaH+EMBE9U0dOkUgGFzo6CHsoOgqFrSaQsnCnMpQ7rpXEG4LhrEsNNr
>>> abikwv7pnCNzaZepgPvpucuy3Z2L21Zluts6O1KuSfNgYZ/mi+ggxB7S4xXK8EBV
>>> WUV9Ktf4qEBsvuEm0O5PwMpKdnhJuzj2Gu8RSsuKZCUDmcQ3CJAtUKEINK3Ip8ij
>>> Q/M6NTYzClpjG4+4ZyGCCGmCAudFjI6vT2oxCUjshOFBRhI5GkWngDlKYrCpJ2JB
>>> qnCkgFdXC6Y8IO6ztEkGGoKSTkiFFG4XbnLNVQ5TY9Jaig8JSIyC6tISGu7Jin1T
>>> 2lONXZF2+q3ua9SAmEc3WCE5irfSkmElJhyWw23EBtUelDiFwufwOpUSMl3UpZMy
>>> YqqYHKI9JQqTGXOH4MOiyQi7ktiM5dESWlCedzjmP7ClthgjvlMV4821ORqWtnLr
>>> WsnRKVVDZmkjGcSfphgNHklKAgJpgQ7ZFCcY/5Be2tWZoi+cxxXMl9JRsFYW+IC5
>>> k//7Vb2zklz89Ix+4Yf/HIyK/CodMCs9WKgytSZhODYd7LnDFGa0jHRS9X5ExTD/
>>> d3r80Ok7ZOaWXaljpoKyw2Mn0JZ0WY9wQ/e2dZ3QaDROEvRfvBubFq3Pi7SnPL0N
>>> h7lUwdBCFD4L2/jaJ/PR+TmMYqUMKdmoGWxM6rQj3jK4uNwa6tEfoZUXPbeSFrM2
>>> H0+Y4GCPkNao4mQ4IhAdvrvyOFgQehYuReYN3jB36EQlbiaSCEHkhVFBToBQS/04
>>> iOipiWrT5ypmUmJZW8XpPGWlBhYLncl0tYEpfETilGmAthlPdwxg17AzJgV/KWrj
>>> IS50Bj6BPeXE2r9RO3FETe2YmlEj6+gHTE392Hurv2rKm0b/veTG6Z6vTkyS8zfM
>>> fnfCn1Pm1NkfXT360wcLH1l2X/+WMYvez24X43pHvOlmx9747OOlhcYXzxfP3n/m
>>> 0I6942umw18LJlwafezZb/fUXTAPNx/d+d3EzZuy117Y+OsWs27jA7v2lradufrF
>>> 5XlPXnpo+Yevjdy6Id/Q+vPnvWt6Z82M6m/+tn7nnJ6DR84ffLt5f/31yU0XL46v
>>> WTX1y8vTl8CBp/wdD566p7/5ZPeF/RM7Nh86bX3fve+V1e91Llo/bvK+w8ePtbdP
>>> mm2vX3OlZG1I9Z8r9p778cC6s9eWb3ri4Qvbdr/8h33AfLT1h0Tf1vysX15tv/vI
>>> 9ZmwtO/mp92h/fueOfOu7FrZfP311du/OflW/z8=
>>> =TBZs
>>> -----END PGP MESSAGE-----
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


Sherif Mansour
OWASP London Chapter Leadersherif.mansour at owasp.org
Follow OWASP London Chapter on Twitter: @owasplondon
"Like" us on Facebook: https://www.facebook.com/OWASPLondon
Subscribe to our (lightweight) mailing list:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170415/a0eeb572/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OWASP London Chapter Meeting, Thursday 24th November 2016, 6_30pm Tickets, Thu, 24 Nov 2016 at 18_00 _ Eventbrite.pdf
Type: application/pdf
Size: 414218 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170415/a0eeb572/attachment-0001.pdf>

More information about the OWASP-Leaders mailing list