70 likes | 174 Views
OWASP Global Conferences Committee. Dave Wichers dave.wichers@owasp.org Mark Bristow mark.bristow@owasp.org Kate Hartmann kate.hartmann@owasp.org Wayne Huang wayne.huang@owasp.org Dhruv Soi dhruv.soi@owasp.org. November 11, 2009. Conferences: Mission and Purpose. Why host an event?
E N D
OWASP Global Conferences Committee Dave Wichers dave.wichers@owasp.org Mark Bristow mark.bristow@owasp.org Kate Hartmann kate.hartmann@owasp.org Wayne Huang wayne.huang@owasp.org Dhruv Soi dhruv.soi@owasp.org November 11, 2009
Conferences: Mission and Purpose • Why host an event? • Make web application security visible • Expand contacts in region • Raise awareness in region • “We can’t hack ourselves secure” Jeff Williams • OWASP events are levels above other hacker conferences • Attendees gain understanding of remediation, not just threats
Definition of events: • OWASP AppSec Conference • These conferences are the flagship of the OWASP outreach effort. This will be an international conference sponsored by OWASP and approved by the Global Conferences Committee. AppSec Conferences include multiple days of multi-track plenary sessions in addition to pre-conference training offerings. AppSec Conferences, schedules, and trainings must be approved by the OWASP Global Conference Committee and will receive the full support of the OWASP Foundation. In any calendar year, there will be no more than 4 AppSec Conferences of this size. Locations will be determined the prior year and planning must begin at a minimum of 12 months in advance. • OWASP Regional Conference • Regional conferences typically have lower attendance than AppSec conferences and typically include multiple days of single track plenary sessions. Training may or may not be offered at the descression of the regional conference planning team. Regional conferences are not subject to the same rigor as AppSec conferences in terms of planning and only require the local planning team deconflict scheduling with the Global Conferences Committee. Regional teams are free to brand their conference as they wish, as long as the OWASP affiliation is maintained. OWASP Foundation support may be available for large expenses at the discression of the Global Conference Committee. • OWASP Events • Events are typically single day or "OWASP Day" type events that are generally local in nature. Events typically have only one track and span anywhere from a half to a full day. Planning for these events are at the sole discression of the event team and may be branded in any manner so long as the OWASP affiliation is maintained. In general, significant OWASP Foundation support will not be available for these events.
Conference Planning – How to Host a Conference http://www.owasp.org/index.php/How_to_Host_a_Conference • Budget worksheet - NEW • Venue • Registration • CFP and CFT templates - NEW • Promotion • Catering • Social events • Sponsorship Documents - NEW • Speaker Agreements • Trainer Agreements - NEW • AV • And on and on and on and on
Funding and Finance • To facilitate the funding of up front costs and to protect the conference organizers conferences and events’ finances need to be run through the foundation. • Conferences and events are primary source of funding for the Foundation • AppSec events require a year to plan
Funding and finance (cont.) • Events: local, regional, and global, should beexecuting a profit sharing model with the foundation. A 70/30 split (negotiable based onexpenditure mapping by the local chapter) should be the norm. This will encourage local chapters to prepare budgets to the Foundation to justify future spending. • ALL local events should be run through the foundation. This would include registrations, accounting, contracts, etc.
Looking Forward • Relationships with other organizations • CoSponsorship • 2010 Call For Conferences • Sponsorship/membership packages for corp. • Be a part of the solution – volunteer for the Conferences Committee!