[Owasp-leaders] OWASP Summit 2017 announcement - setting the stage...
seba at owasp.org
Mon Jan 9 19:59:48 UTC 2017
### OWASP Summit 2017 Announcement
*OWASP Summit 2017 - join us!*
It's now official, the next OWASP Summit will happen in *London/England
between 12 and 16 of June 2017* (date chosen using a Doodle
<http://doodle.com/poll/e8d4p955rc8guuru> with 73 participants).
The event will be hosted at CenterParcs Woburn
have already booked the first block of 10 villas and meeting rooms.
This will be a working Summit based on the model used at the 2008
<https://www.owasp.org/index.php/Summit_2008> and 2011
<https://www.owasp.org/index.php/Summit_2011> Summits in Portugal,
basically daily 18 hours of sessions on Application Security.
To be clear, we decided to rename it to just *OWASP Summit 2017*, and give
it a focus on the collaboration between: OWASP Projects, Developers,
Application Security and DevOps.
Summits are about its participants and Working sessions, they are a meeting
of minds passionate about Application Security.
There are no presentations, and all sessions are about *getting something
The Summit organisation team's objective is to set-up an hyper productive
and collaboration environment, it is up to the attendees (i.e. you) to
figure out what is the best use of your time and what to focus on.
As you can see at the Workshops page
<https://owasp.github.io/owasp-summit-2017/workshops.html>, there are
already a number of Working Sessions and Tracks being worked on (OwaspSAMM,
ZAP, WebGoat, Top 10, Mobile Security, AWS Security, Threat Modeling) but
we need a lot more.
This content is managed using GitHub
help to improve the existing Working Session and create the pages with the
Here is how you should think about the Summit: *"If you could get the best
minds of XYZ in the same room for a number of hours/days, what should they
work on?"* (see more details below on the 'Why OWASP needs Summits'
If you can't make it to the venue of those dates, please also be involved
in the setup and content of these working sessions, since there will be
multiple ways to participate remotely and collaborate.
There are two types of tickets for this Summit both covering participation
in the summit for the full 5 days.
- *5 days x 24h participant* (venue, lunch, dinner, accommodation): £1,200
GBP (about $1,500 USD)
- *5 days x 8h participant *(venue, lunch) - £400 GBP (about $500 USD)
As with the previous Summits the accommodation is based on villas (called
lodges at Woburn); these are a key part of making the event an 'OWASP
The layout of the CenterParcs Woburn villas/lodges is actually better than
the previous summits, and we are expecting a lot of high productive and
energetic sessions to occur :)
The tickets will soon be available for purchase, and if your OWASP Chapter
or Project has funds that it would like to use, please do that as soon as
Ideally your company will be able to support your participation in this
event. If that is not possible (or if you are an independent contractor)
then please let the Summit Team know about it, since there will be some
funds available to help out (especially if you are OWASP Leader with a
successful track record on an OWASP Project, Chapter or Conference)
There will also be a number of sponsorship opportunities available for
Companies and OWASP Chapters/Projects (at the moment we have: DevSecCon,
the OwaspSAMM project and the OWASP London chapter).
If you are planning to participate at the Summit, please add your name to
the Participants list
<https://owasp.github.io/owasp-summit-2017/participants.html> (even if at
the moment you don't know how your travel/accommodation/ticket costs will
*Why OWASP needs Summits*
We need OWASP Summits because we need as a community and industry, a place
where we can come together and work on ideas and solutions.
We need places where we can have independent, non-vendor focused
discussions on the hard problems that we have.
OWASP is one of the few organisations in the world that is able to create
such environments for Application Security.
The problem we have with conferences is that they are very uni-directional.
They are people presenting their research, which is great, but there is
little collaboration with the participants. There is also a general concern
in our community about the lack of innovation in the hundreds of Security
conferences that exist every year worldwide. Usually, the best exchange of
ideas and collaboration happens at the conference's lobby. Some
participants even go these events not for the talks, but for the people
they will meet there. The problem is that those conversations are very ad
hoc, they aren't planned, there is no work done before, there is no
preparation for those conversations.
The summit allows you to be prepared for those exchanges. You know that you
are going to meet a critical mass of people that are interested, passionate
and knowledgeable about a specific topic, technology or tool (relevant to
you and your industry).
More importantly all participants are there to work. Everybody is focused
on creating important deliverables and solutions for Application Security
(like we did on previous Summits
What are those deliverables? It depends on the participants, it depends on
the people, it depends on who is going to go there, and how much effort
they put into it.
*All that we can do is to set the stage, it is up to the participants to
actually create magic and to create something quite amazing.*
*Please help, by booking your place asap*
Registrations will open soon. It will really help with the logistics and
management of the Summit if we have a good idea of the participants, what
type of ticket they need (with accommodation or not) and if they are able
to get their current company to cover the participation cost.
Let us know how we can help, and thanks for the help!
Dinis, Seba, Francois
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders