[Owasp-leaders] how can you help - support ? (Fwd: Help with OWASP Summit 2017 Outreach)

Seba seba at owasp.org
Mon May 8 05:34:28 UTC 2017


Hi fellow-leaders,

Check out our request below to the board & staff. We hope to have your
support on this!

A couple of ways you can help us:

1) support our request for funding towards your favourite board member(s)!
2) if you have budget available (see
https://www.owasp.org/index.php/Donation_Scoreboard chapters - $882,638,
projects $114,126): please sponsor your surplus budget to the summit? We
expect the outcome of the summit to be fantastically useful for all chapter
and owasp projects worldwide.
3) join us at the summit! http://owaspsummit.org/website/buy-ticket.html

kind regards,

Seba, Dinis, Francois


---------- Forwarded message ---------
From: Seba <seba at owasp.org>
Date: Mon, May 8, 2017 at 7:24 AM
Subject: Re: Help with OWASP Summit 2017 Outreach
To: Dinis Cruz <dinis.cruz at owasp.org>, Matt Tesauro <matt.tesauro at owasp.org>,
johanna curiel curiel <johanna.curiel at owasp.org>, Claudia Casanovas <
Claudia.Aviles-Casanovas at owasp.org>, Tom Brennan <tomb at owasp.org>, Matt
Konda <matt.konda at owasp.org>, vanderaj vanderaj <vanderaj at owasp.org>, Josh
Sokol <josh.sokol at owasp.org>, Michael Coates <michael.coates at owasp.org>,
Tobias Gondrom <tobias.gondrom at owasp.org>, Kate Hartmann <
kate.hartmann at owasp.org>, Tiffany Long <tiffany.long at owasp.org>, Laura Grau
<laura.grau at owasp.org>, Kelly Santalucia <kelly.santalucia at owasp.org>,
alison.shrader at owasp.org <alison.shrader at owasp.org>, Dawn Aitken <
dawn.aitken at owasp.org>, Hugo Costa <hugo.costa at owasp.org>,
owasp-board at owasp.org <owasp-board at owasp.org>, OWASP Foundation Board List <
owasp-board at lists.owasp.org>
Cc: Francois <francois at devseccon.com>


Hi Owasp Board and Owasp Employees,

One way to help us, is with financial and operational support.

The OWASP Summit is getting great traction:

   - 70+ confirmed participants
   - 105 Working sessions planned

For more details, see the email from Dinis below.

We started the OWASP Summit last year and so far, have run the summit on a
shoestring budget.
We used the 150K USD seed fund from the board to reserve the lodges and
conference rooms of the venue.
With the currently confirmed sponsors, participants and the registrations
in the pipeline, we are confident that we will break even on the venue and
the catering.
This means we will be able to return the seed fund, which is great news.

However, *we need extra funding:*

1) The first funding we need is to get the amazing OWASP leaders and
contributors that need support (flight+ticket) to the summit!
Check out the list here
http://owaspsummit.org/pages/for-editors/participants/need-funding.html
In total we need about *33K USD to cover 17 people* to contribute to the
success of the summit.

2) Everything we have done so far (Dinis, Francois, 6 summit editors and
myself) has been done with our volunteer time.
But for the summit to become a success, we need the support of a
professional operations team with an operations budget.
We currently estimate this *operations to cost about 50K USD*:
- 10k for Tickets and flights for OWASP (or other operational) staff and/or
participating Board Members
- 20k for operational team expenses (before summit)
   - venue accommodation for team that will go to the venue for the weekend
before the Summit
   - temp contractors to help with logistics and scheduling
   - printing, signage and logistics
-  20k for operational team expenses (during the Summit)
   - venue accommodation for operational team (during summit)
   - temp contractors to help with logistics and scheduling
   - extra internet connection
   - other misc expenses
As we stand today these costs are *‘critical’ for the Summit success.*

Of course we will try to cover these costs and reach a profit (and we are
going on the right direction), but *at the moment we do not have that
budget.*

*So in total we need about 85K USD to get extra people to the summit and
have a professional operations team in place.*

One option (for the board) is for you to *allow us to use the 150k as a
buffer (knowing that we might need to use it).*
That should be seen as an ‘investment’ for OWASP, not a cost (after all
that is why owasp should make money)
Another option is to budget for 85K USD for the summit as separate
investment from the OWASP foundation in the summit.

Thanks for considering this request (I have scheduled this as new business
for the upcoming board meeting tomorrow).
If you are in Belfast, we can discuss face to face.

Otherwise, happy to discuss by email or to schedule call(s).

Kind regards,

Seba, Dinis, Francois.


On Sun, May 7, 2017 at 8:26 PM Dinis Cruz <dinis.cruz at owasp.org> wrote:

> Hi Owasp Board and Owasp Employees, I would like to ask for some help in
> promoting the Owasp Summit 2017 <http://owaspsummit.org/>.
>
> We are now in the critical phase of the Summit where we have reached
> critical mass and really could do with some extra help from the Owasp
> mothership (after all this is an Owasp event to/for the Owasp community)
>
> Here are the areas where you could help
>
>    - *Owasp Twitter <https://twitter.com/Owasp> *- with 78.5k followers
>    the retweet of important milestones or Tweets about the Summit would reach
>    quite a wide audience (note that in 2017 there has only been one (1) tweet
>    about the Owasp Summit, and that was a retweet of one of Tom's tweet)
>    - *Owasp Blog <https://owasp.blogspot.co.uk/>* - I don't know how many
>    subscribers, but I'm sure it's reach is quite wide. Note that as far as I
>    can tell there has been no blog post about the Summit
>    - *Owasp LinkedIn <https://www.linkedin.com/company-beta/250673/> *-
>    with 19k followers, this would also be a great way to reach potential
>    Summit Attendees
>    - *Owasp monthly newsletter - *The last Owasp Connector
>    <https://owasp.blogspot.co.uk/2017/04/April2017Connector.html> only
>    has one link to the Owasp Summit 2017, with a large feature being allocated
>    to the Project Summit and Developer Summit happing at AppSec EU. Note that
>    I'm not saying we shouldn't be promoting those activities (at AppSec EU),
>    but as you can see by the number of Working Sessions
>    <http://owaspsummit.org/website/working-sessions.html> and Participants
>    <http://owaspsummit.org/website/participants.html>, the Owasp Summit
>    2017 will be a much bigger event
>    - *Owasp Conferences and Chapters - *With the high number of events
>    that Owasp will organise or be involved between now and the Summit, it
>    would be great if the Owasp mothership asked these events to promote the
>    Summit
>    - *Owasp Leaders list* - This is the list that reaches our trusted
>    leaders and it would make a massive difference if there were a couple posts
>    from the Owasp Board or Employees about the Summit (as far as I can tell
>    most, if not all, Owasp Summit 2017 related posts have been started by me
>    or Seba, with Tom being the exception on his help on trying to get the
>    chapters/projects to sponsor the Summit)
>    - *Owasp global distribution list - *Yes I know that this needs to be
>    used very carefully, but its outreach is massive and the Summit is exactly
>    the kind of event that we should be making out global community aware of
>    - *Owasp Home page* - There are no links (or mentions) in the home
>    page about the Summit (I know that you need to be careful on which evens to
>    expose there, but the Summit should be seen as an special event due to the
>    amount of work that will be done and amount of collaboration that will
>    occur)
>    - *Official Owasp Press Release *- This is another kind of activity
>    where sending it from the OWASP mothership would do wonders to the Summit's
>    promotion (ideally with some quotes from OWASP Board and other high profile
>    Summit Participants, like Neil from Capital One
>    <http://owaspsummit.org/Participants/ticket-24h-sponsor/Neil-Barlow.html>
>    )
>
> Note that at the moment there is $0 USD direct support from the Owasp
> Mothership to the Summit. What we currently have is:
>
>    - $6,000 from Project outreach funds (where each participant applied
> directly to Owasp)
>    - $150k buffer that were used to book the venue, only on the condition
> that all amount was recovered with tickets and sponsorships (i.e. we can't
> use those funds to cover any operational expenses or to fund participants
> that still need funding to attend
> <http://owaspsummit.org/pages/for-editors/participants/need-funding.html> the
> Summit). Thanks Andrew, Johanna and Matt for making this happen, it helped
> us to secure the venue.
>
> *About the Summit:*
>
> The Summit has massive amounts of energy at the moment and it is a really
> good story for OWASP.
>
> This is the kind of event that only Owasp can create and the fact that we
> have already so many participants (in a pure grass-roots effort) is a good
> testament to the power and trust that the community has in Owasp
>
> In terms of the current Owasp Summit 2017 content, you probably have not
> had the time to catch up with the latest changes (after all they are
> happening very fast these days :)  ), so here is a quick overview of the
> Working Sessions we have planned.
>
> Due to the number of Working Sessions planned (122 at last count), we are
> organising them in (12) Tracks:
>
>    - *Threat Modeling
>    <http://owaspsummit.org/Working-Sessions/Threat-Model/>* - This is one
>    of the strongest tracks. If you look at the 'Threat Model' talent that will
>    be there (Adam S, Tony UV, Stephen V,  and others...), you can see that we
>    really *have most of the core Threat Modeling talent in the world
>    coming to the Summit!* If there is one hard-core AppSec topic that we
>    should be promoting about the Summit, we should be talking about the fact
>    that we will be making a big difference in Threat Modeling (check out the
>    Working Sessions topics)
>    - *OwaspSAMM <http://owaspsummit.org/Working-Sessions/OwaspSAMM/> *-
>    This is another track where we have the main contributors and users of this
>    Owasp project participating at the Summit (hopefully we will also have a
>    good representation of companies that are already using this Maturity
>    Model)
>    - *DevSecOps* <http://owaspsummit.org/Working-Sessions/DevSecOps/> -
>    This track is the one that has been generating quite a lot of buzz on the
>    people we talk to, since it is addressing real pain points and problems
>    that companies have today
>    - *Education* <http://owaspsummit.org/Working-Sessions/Education/> -
>    Always strong in OWASP, this Track ranges from University master degree to
>    how to create the next generation of AppSec professionals
>    - *Mobile Security*
>    <http://owaspsummit.org/Working-Sessions/Mobile-Security/> - Another
>    track where the key Owasp leaders of Mobile related Owasp projects are
>    participating
>    - *CISO* <http://owaspsummit.org/Working-Sessions/CISO/> - This track
>    has started slow, but is now really reaching a wide audience of CISOs and
>    covering a wide range of CISO related topics
>    - *Research* <http://owaspsummit.org/Working-Sessions/Research/> -
>    This is a recently added track, but is already covering really important
>    and interesting research topics (it's important to also look at the future
>    and work on the next generation of Application Security)
>    - *Agile AppSec
>    <http://owaspsummit.org/Working-Sessions/Agile-AppSec/> *- This is a
>    Track driven by a couple participants that really care about Agile and want
>    to find better ways to integrate it with AppSec practices
>    - *Security Crowdsourcing*
>    <http://owaspsummit.org/Working-Sessions/Security-Crowdsourcing/> -
>    This is a Track that is focused on scaling AppSec activities via internal
>    and external crowdsourcing
>    - *Tools* <http://owaspsummit.org/Working-Sessions/Tools/> - Track
>    focused on specific tools or services
>    - *Owasp <http://owaspsummit.org/Working-Sessions/Owasp/> *- As
>    always, once the number of Owasp leaders per square meter goes up, there is
>    always the opportunity to address important organisational and operational
>    Owasp related issues
>    - *Owasp Project's Summit*
>    <http://owaspsummit.org/Working-Sessions/Project-Summit/> - last but
>    not least, here are all the 31x Working Sessions directly related to an
>    Owasp Project. I'm sure you will agree that it is a pretty impressive list
>    of Owasp Projects (with most having the Project Leader participating)
>
> In terms of Working Sessions, at the moment we have 122 created (with a
> good number more still on the works) and probably the most high profile
> ones will be the Owasp Top 10 related (Implications of Owasp Top 10 2017
> <http://owaspsummit.org/Working-Sessions/Owasp-Top-10-2017>  and Data
> behind Owasp Top 10 2017
> <http://owaspsummit.org/Working-Sessions/Owasp-Top-10-2017/Data-behind-OWASP-Top-10-2017.html>)
> which given the fact that Dave Wichers
> <http://owaspsummit.org/Participants/Dave-Wichers.html> is attending, are
> bound to be quite 'interesting'.
>
> I believe most of you participated at one of the last Summits, but if you
> want a refresher or want to read the current plan, please see the Working
> Sessions - How <http://owaspsummit.org/website/working-sessions-how.html>
>  page.
>
> As I hope you agree, we have an amazing opportunity here to really make a
> difference in the Application Security world in 2017, *what we need is
> some help from the Owasp mothership.*
>
> We have a pretty good Summit Organisation team (Seba, Francois and me) and
> 6 Summit Editors (sponsored Summit participants that are helping before the
> Summit), so please let us know how we can help you to help the Summit :)
>
> Thanks
>
> Dinis, Seba and Francois
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170508/5ff8190d/attachment-0001.html>


More information about the OWASP-Leaders mailing list