[Owasp-sydney] [epiclongpost] Words about ~content~ in 2014

Norman Yue norman.yue at owasp.org
Thu Feb 6 06:52:18 UTC 2014

Hey all,

*tl;dr: Cool stuff planned for 2014. Looking for people to take ownership
of content creation (e.g. workshops) on interesting topics. Meetings at

Thanks to those of you who were able to make it to last night's meetup.
It's always great to put some faces to names, and to listen to the cool
ideas being discussed around content in 2014.

As promised, I've summarized the key points of the dicussion below, and
some things I'm going to do to make this stuff happen. Please let me know
if I missed anything:

*What cool ideas were discussed?*

- *Introductory Sessions*: OWASP is not a group exclusively for security
professionals, and our content should not be centered around people who
already work with security day-in day-out. An interest was expressed in
having some entry-level content - something like hour-long,
experienced-person-led sessions going over things like the pentesting
toolchain, previous CTF exercises, etc.
- *Speaking at Developer Groups:* There's a lot of security enthusiasts out
there, and a lot of developers as well, but there isn't effective
communication about ~security~. One idea is to go to events like local
developer meetups, and talk to people about security challenges we've come
across specific to their technology stacks. This is a great place for
people to practice their presentation skills, and engage people on
real-world security issues.
- *Continue engagement with Uni's*: Last year, we did a trial run of a talk
at UNSW. I think this is worth continuing. A few people did contact me last
year about speaking if this worked out, and I will get in touch with you
guys ~soon~.
- *Presentation + Workshops*: It was proposed that one way to involve
people in interesting topics was to run a single presentation, followed by
a series of workshops, in which a discrete task is walked through. For
example, a talk on say, debugging a certain type of crash, followed by some
workshops implementing a simple tracing/analysis tool with a discrete
- *Collaborative Development*: One thing we could potentially do is
collaborate on development of one of OWASP's many projects. There's a lot
of cool projects out there, and they're generally run by volunteers - folks
like you and me, folks with day jobs and such. There's a lot of room to
help out.
- *Hackathons / Collaborative Software Auditing*: I tried to organise one
last year, but unfortunately it fell through because of a number of things
going wrong at the same time (also ~christmas~). Nevertheless, I think we
can take from the lessons of that, and try again, this time making sure
that we do have things like content 100% ready.
- *Regular Meetups. At 6:30*: The idea of having a general get-together
regularly I think is a good one - when we have content, we'll look for a
venue where there is a projector; when there isn't content, those of us who
are keen to get together over drinks/food can do so anyway. These will be
announced on the OWASP Wiki page, our Meetup.com page and on this mailing

*Okay, what practical next steps are you taking to make this happen?*

- *Ownership of projects*: If you are interested in taking ownership of
some content creation - whether it be running a series of workshops in
something you're interested in or delivering a presentation at a monthly
meetup, please do let me know.
- *Reaching out to developer groups: *I'm going to get in touch with some
local developer groups on meetup.com, and see if they are interested in
having someone owaspy talk about security. (protip for you security
consultants: this is like epic free PR that's not even preaching to the
- *Scheduling a regular meetup: *Between myself and Paul, we will work
together to make sure one meetup a month gets scheduled (at 6:30pm).

For those of you still with me, thanks for reading this far. If you're
interested in helping out with the above, please let me know.

Otherwise, here's to content-richer year :)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-sydney/attachments/20140206/7a1165af/attachment.html>

More information about the Owasp-sydney mailing list