Скачать презентацию Membership Committee July 2009 Update OWASP Copyright Скачать презентацию Membership Committee July 2009 Update OWASP Copyright

75d5de757f824615af5ac7536d87d4b9.ppt

  • Количество слайдов: 33

Membership Committee July 2009 Update OWASP Copyright © The OWASP Foundation Permission is granted Membership Committee July 2009 Update OWASP Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http: //www. owasp. org

OWASP 2009 Membership Drive • OWASP Background • Video: Dan Cornell, Member, Global Membership OWASP 2009 Membership Drive • OWASP Background • Video: Dan Cornell, Member, Global Membership Committee • What Does Membership Do For OWASP? • Membership Benefits – Individual Members – University Supporters – Organizational Supporters • Questions? 4

Video • Dan Cornell, Member, OWASP Global Membership Committee • http: //www. owasp. org/index. Video • Dan Cornell, Member, OWASP Global Membership Committee • http: //www. owasp. org/index. php/Membership 5

What Does Membership Do For OWASP? • Funds OWASP Speakers via OWASP On the What Does Membership Do For OWASP? • Funds OWASP Speakers via OWASP On the Move • Funds Season of Code projects • Helps Support Local Chapters – A portion of your membership fees helps fund your local chapter 6

Individual Members • Cost: $50/year • First Time Members Get A Membership Pack: – Individual Members • Cost: $50/year • First Time Members Get A Membership Pack: – Membership card and certificate – OWASP DVD – Attractive OWASP t-shirt – OWASP tote bag – Pen • 10% discount on OWASP conferences 7

University Supporters • No cost (!) – Universities must agree to provide meeting space University Supporters • No cost (!) – Universities must agree to provide meeting space twice per year and to include OWASP in their curriculum • Must be an accredited University • Logo on OWASP website • OWASP briefings for University – students and staff 8

Organizational Supporters Cost: $5000/year Logo on OWASP website Online job postings on OWASP website Organizational Supporters Cost: $5000/year Logo on OWASP website Online job postings on OWASP website Invitation to special OWASP events such as Industry Outreach • Two complimentary attendees to OWASP annual Summit • Employees get 10% discount on OWASP conferences • Onsite OWASP briefing • • 9

Questions? <Kate Hartmann (kate. hartmann@owasp. org) (OWASP) • OWASP Global Membership Committee – Tom Questions?

OWASP Global Conference Committee (GCC) Committee Update Slides July 1, 2009 Copyright 2007 © OWASP Global Conference Committee (GCC) Committee Update Slides July 1, 2009 Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http: //www. owasp. org

Global Conference Committee The primary purpose of the Global Conference Committee is: to determine Global Conference Committee The primary purpose of the Global Conference Committee is: to determine location, frequency and to oversee and direct global conferences, speakers, and training. Conference Committee Mark Bristow (U. S. ), Wayne Huang (Asia), Steve Antoniewicz (U. S. ), Dhruv Soi (India), Kate Hartmann (U. S. ) OWASP 1

Posted Documents • Conference planner’s toolbox • Conference Budget planning tool • Sponsorship document Posted Documents • Conference planner’s toolbox • Conference Budget planning tool • Sponsorship document (Updated) • Speaker Agreement • Presentation Template • CFP Template • CFT Proposal Template • Training Instructor Agreement (New) OWASP 1

Call For Conferences 2010 – Needs approval In an effort to Coordinate and Promote Call For Conferences 2010 – Needs approval In an effort to Coordinate and Promote our events for next year, the Global Conferences Committee is now accepting proposals for events to be held in 2010. To be considered, planners must submit: 1. Dates of event 2. Location of event 3. Projected budget (using budget planning tool) 4. Event Type (using definitions from Conference page) In order to be considered, please submit your proposals to the Global Conference Committee global_conference_committe[email protected] owasp. org. The deadline for consideration is August 30, 2009. Proposals received after this date may not be approved by the committee. OWASP 1

OWASP Global Projects Committee Update Slides May 19, 2009 Copyright 2007 © The OWASP OWASP Global Projects Committee Update Slides May 19, 2009 Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http: //www. owasp. org

Global Projects Committee Dinis Cruz, Paulo Coimbra, Jason Li, Matt Tesauro, Leo Cavallari, Pravir Global Projects Committee Dinis Cruz, Paulo Coimbra, Jason Li, Matt Tesauro, Leo Cavallari, Pravir Chandra, Brad Causey Meeting weekly on Monday at 10 PM GMT Organizing and documenting the “rules of engagement” for OWASP projects and the Season of Code Launching the next Season of Code Finalizing project setup and templates under Priteria v 2 for projects & So. C OWASP 1

OWASP Season of Code 2009 • Announced at App. Sec EU 2009 in Poland OWASP Season of Code 2009 • Announced at App. Sec EU 2009 in Poland Provisional budget of $90, 000 Focus: Improving quality in for key areas – OWASP Education Pack – Enterprise usability of OWASP Projects – Additional Source of Funding – Marketing and PR Any project proposals are welcome including joint proposals up to 20 K OWASP 1

OWASP Season of Code 2009 • Global Committees assist with areas: – Education Committee OWASP Season of Code 2009 • Global Committees assist with areas: – Education Committee • OWASP Education Pack – Projects Committee • Enterprise usability of OWASP Projects – Membership & Chapters Committee • Additional Sources of Funding – Industry and Conference Committee • Marketing and PR • Projects will be assessed with Criteria v 2 OWASP 1

OWASP Season of Code 2009 – Prep work • Templates and informational “tab” created OWASP Season of Code 2009 – Prep work • Templates and informational “tab” created for projects – Allows easy setup of new projects and collection of meta-data on projects – Provides structure to evaluate project quality generally and for So. C • Sponsor-able projects list created – List projects which are open for sponsorship – “Rules of the Road” for sponsors • Orphaned projects list created http: //www. owasp. org/index. php/Category: OWASP_Orphaned_Projects OWASP 1

Projects A – Projects launched recently (with the new 2. 0 template) OWASP Content Projects A – Projects launched recently (with the new 2. 0 template) OWASP Content Validation using Java Annotations Project https: //www. owasp. org/index. php/Category: OWASP_Content_Validation_using_Java_Annotations_Project OWASP Security Analysis of Core J 2 EE Design Patterns Project http: //www. owasp. org/index. php/Category: OWASP_Security_Analysis_of_Core_J 2 EE_Design_Patterns_Project B – Projects re-set up (with the new 2. 0 template) OWASP Live CD Project http: //www. owasp. org/index. php/Category: OWASP_Live_CD_Project OWASP JBro. Fuzz https: //www. owasp. org/index. php/Category: OWASP_JBro. Fuzz C – Projects launched recently (waiting for the new 2. 0 template) OWASP JSReg Project https: //www. owasp. org/index. php/Category: OWASP_JSReg_Project OWASP Cryttr - Encrypted Twitter Project http: //www. owasp. org/index. php/Category: OWASP_Cryttr_-_Encrypted_Twitter_Project OWASP Encrypted Syndication Project http: //www. owasp. org/index. php/Category: OWASP_Encrypted_Syndication_Project OWASP 2

Projects (Continuation) C – Projects launched recently (waiting for the new 2. 0 template) Projects (Continuation) C – Projects launched recently (waiting for the new 2. 0 template) OWASP CTF Project https: //www. owasp. org/index. php/Category: OWASP_CTF_Project OWASP 2

OWASP Global Chapters Committee (GCC) Committee Update Slides July 1, 2009 Copyright 2007 © OWASP Global Chapters Committee (GCC) Committee Update Slides July 1, 2009 Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http: //www. owasp. org

Global Chapter Committee The primary purpose of the Global Chapter Committee is: Provide support Global Chapter Committee The primary purpose of the Global Chapter Committee is: Provide support and guidance on regional and global issues. Chapter Committee (Board Member Rep: Seba *) • • Puneet Mehta (India) Ofer Shezaf (Israel) * Matthew Chalmers (U. S. ) Kate Hartmann (U. S. ) * * Present in conf call OWASP 2

Meeting notes • Welcome new member: Matthew Chalmers • Call for new members (Seba) Meeting notes • Welcome new member: Matthew Chalmers • Call for new members (Seba) • Proposal for monthly meeting at each last Tuesday of the month at 18 h CET ? • Take on the chapters handbook (Ofer already started with it) • Next steps: • create an outline, • create stubs • ask for volunteers to help create content and review it. OWASP 2

Meeting notes • Start up a mentor program for new & inactive chapters • Meeting notes • Start up a mentor program for new & inactive chapters • Driven by experienced chapter leaders • Create a pool of ‘owasp certified mentors’ • Create wiki landing page listing the mentors with pointers to the chapter handbook / supporting ppts • Identifying chapters that could need mentor help • Next steps: • Create page (Ofer) • Recruit mentors (Seba) • Identify chapters to start that with (Kate) OWASP 2

Other things to do (need volunteers) Start survey (Matt? ) Podcast (check with Jim) Other things to do (need volunteers) Start survey (Matt? ) Podcast (check with Jim) /webcast … OWASP

OWASP Global Education Committee (GEC) Committee Update Slides June 25, 2009 Copyright 2007 © OWASP Global Education Committee (GEC) Committee Update Slides June 25, 2009 Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http: //www. owasp. org

Global Education Committee The primary purpose of the Global Education Committee is: to work Global Education Committee The primary purpose of the Global Education Committee is: to work with the OWASP Education Project to provide educational materials for both internal and external users, develop liaisons with educational institutions worldwide. Education Committee (Board Member Rep: Seba) Martin Knobloch (Netherlands), Mano Paul (U. S. ), Eduardo Neves (Brazil), Kuai Hinjosa (U. S. ), Cecil Su (Singapore), Fabio Cerullo (Ireland), Andrzej Targosz (Poland) Meeting monthly on last Thursday at 10 PM GMT OWASP 2

Meeting notes • Got support from UCI, University of California Irvine DSU Dakota State Meeting notes • Got support from UCI, University of California Irvine DSU Dakota State University NKU Northern Kentucky University • Working on Cornell New York University Columbia University Syracuse University First OWASP App. Sec Symposium in the U. S. , sponsored by UCI participants App. Sec. EU 10 will have a Research track – strenghten ties with the academic world Working with Cornell using the OWASP Open Fortify for static analysis code used by Universities Creating a list of University conference or events such as Ja-Sig where GEC can present and promote OWASP 2

Meeting notes • Education Material Categorized (add link) • Modules to be added to Meeting notes • Education Material Categorized (add link) • Modules to be added to test structure and identify gaps & overlap • OWASP T 10 to be added • Train the trainers – first material has to be created – dependencies on portal / scoring – ‘accredited’ trainer list (what criteria are necessary) OWASP 3

Meeting notes • Assessment portal – SOC proposal to be created? Could try out Meeting notes • Assessment portal – SOC proposal to be created? Could try out something based on http: //www. expresscertifications. com/ content remains cc – scope of SOC proposal – based on http: //www. owasp. org/index. php/Category: OWASP_Ce rtification_Requirements • Boot camp material – to be based on project leaders input (part of the v 2 criteria) and possibly on Andrew’s donation https: //www. owasp. org/index. php/Education_Donated: _OWASP_ASVS_1. 0_~2_day_training_deck (seba to help Martin) OWASP 3

Meeting notes • CTF – OWASP project to be created? Several versions available. How Meeting notes • CTF – OWASP project to be created? Several versions available. How to have ‘secret’ challenges? – CTF EU 09 could be reused for US 09 • Speakers Buro – rating system – see trainers – how to manage evaluations – basic requirements to be captured • • Internationalization of Materials: OTGv 3 to • • • Chinese (simplified) from China Chinese (traditional) from Taiwan Indonesian Vietnamese Thai OWASP 3

Meeting notes • Education Committee slide deck to be created (Kuai – Martin) OWASP Meeting notes • Education Committee slide deck to be created (Kuai – Martin) OWASP 3