OWASP - User contributions [en]

File:Aspect Security Logo.jpg

2016-10-17T18:41:59Z

Kerryjorichards: Kerryjorichards uploaded a new version of "File:Aspect Security Logo.jpg"

Aspect Security, Inc. Logo
http://www.aspectsecurity.com

File:Aspect Security Logo.jpg

2016-10-17T18:41:28Z

Kerryjorichards: Kerryjorichards uploaded a new version of "File:Aspect Security Logo.jpg"

Aspect Security, Inc. Logo
http://www.aspectsecurity.com

File:Aspect Security Logo.jpg

2016-10-17T18:40:51Z

Kerryjorichards: Kerryjorichards uploaded a new version of "File:Aspect Security Logo.jpg"

Aspect Security, Inc. Logo
http://www.aspectsecurity.com

User:Kerryjorichards

2015-12-04T21:37:13Z

Kerryjorichards:

I have over 15 years of experience in technology marketing and community building. I recently joined Aspect Security and am new to the application security community. I expect that my generalized anxiety about information security will be substantially increased by the end of this first year. I have a special interest in increasing the participation of women in technology. I look forward to connecting with others!

REST Security Cheat Sheet

2015-12-04T21:35:29Z

Kerryjorichards: updated broken link under Whitelist allowable methods section

__NOTOC__
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Cheatsheets-header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
= Introduction =
__TOC__{{TOC hidden}}

[http://en.wikipedia.org/wiki/Representational_state_transfer REST] (or REpresentational State Transfer) is a means of expressing specific entities in a system by URL path elements. REST is not an architecture but it is an architectural style to build services on top of the Web. REST allows interaction with a web-based system via simplified URLs rather than complex request body or <tt>POST</tt> parameters to request specific items from the system. This document serves as a guide (although not exhaustive) of best practices to help REST-based services.

= Authentication and session management =

RESTful web services should use session-based authentication, either by establishing a session token via a POST or by using an API key as a POST body argument or as a cookie. Usernames, passwords, session tokens, and API keys should not appear in the URL, as this can be captured in web server logs, which makes them intrinsically valuable.

OK:

* [https://example.com/resourceCollection/123/action https://example.com/resourceCollection/<id>/action]
* https://twitter.com/vanderaj/lists

NOT OK:

* [https://example.com/controller/123/action?apiKey=a53f435643de32 https://example.com/controller/<id>/action?apiKey=a53f435643de32] (API Key in URL)
* [http://example.com/controller/123/action?apiKey=a53f435643de32 http://example.com/controller/<id>/action?apiKey=a53f435643de32] (transaction not protected by TLS; API Key in URL)

== Protect Session State ==

Many web services are written to be as stateless as possible. This usually ends up with a state blob being sent as part of the transaction.

* Consider using only the session token or API key to maintain client state in a server-side cache. This is directly equivalent to how normal web apps do it, and there's a reason why this is moderately safe.
* Anti-replay. Attackers will cut and paste a blob and become someone else. Consider using a time limited encryption key, keyed against the session token or API key, date and time, and incoming IP address. In general, implement some protection of local client storage of the authentication token to mitigate replay attacks.
* Don't make it easy to decrypt; change the internal state to be much better than it should be.

In short, even if you have a brochureware web site, don't put in <tt>https://example.com/users/2313/edit?isAdmin=false&debug=false&allowCSRPanel=false</tt> as you will quickly end up with a lot of admins, and help desk helpers, and "developers".

= Authorization =

== Anti-farming ==

Many RESTful web services are put up, and then farmed, such as a price matching website or aggregation service. There's no technical method of preventing this use, so strongly consider means to encourage it as a business model by making high velocity farming is possible for a fee, or contractually limiting service using terms and conditions. CAPTCHAs and similar methods can help reduce simpler adversaries, but not well funded or technically competent adversaries. Using mutually assured client side TLS certificates may be a method of limiting access to trusted organizations, but this is by no means certain, particularly if certificates are posted deliberately or by accident to the Internet.

== Protect HTTP methods ==

RESTful API often use GET (read), POST (create), PUT (replace/update) and DELETE (to delete a record). Not all of these are valid choices for every single resource collection, user, or action. Make sure the incoming HTTP method is valid for the session token/API key and associated resource collection, action, and record. For example, if you have an RESTful API for a library, it's not okay to allow anonymous users to DELETE book catalog entries, but it's fine for them to GET a book catalog entry. On the other hand, for the librarian, both of these are valid uses.

== Whitelist allowable methods ==

It is common with RESTful services to allow multiple methods for a given URL for different operations on that entity. For example, a <tt>GET</tt> request might read the entity while <tt>PUT</tt> would update an existing entity, <tt>POST</tt> would create a new entity, and <tt>DELETE</tt> would delete an existing entity. It is important for the service to properly restrict the allowable verbs such that only the allowed verbs would work, while all others would return a proper response code (for example, a <tt>403 Forbidden</tt>).

In Java EE in particular, this can be difficult to implement properly. See [http://www.aspectsecurity.com/research-presentations/bypassing-vbaac-with-http-verb-tampering Bypassing Web Authentication and Authorization with HTTP Verb Tampering] for an explanation of this common misconfiguration.

== Protect privileged actions and sensitive resource collections ==

Not every user has a right to every web service. This is vital, as you don't want administrative web services to be misused:

* https://example.com/admin/exportAllData

The session token or API key should be sent along as a cookie or body parameter to ensure that privileged collections or actions are properly protected from unauthorized use.

== Protect against cross-site request forgery ==

For resources exposed by RESTful web services, it's important to make sure any PUT, POST, and DELETE request is protected from Cross Site Request Forgery. Typically one would use a token-based approach. See [[Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet]] for more information on how to implement CSRF-protection.

CSRF is easily achieved even using random tokens if any XSS exists within your application, so please make sure you understand [[XSS (Cross Site Scripting) Prevention Cheat Sheet|how to prevent XSS]].

== Insecure direct object references ==

It may seem obvious, but if you had a bank account REST web service, you'd have to make sure there is adequate checking of primary and foreign keys:

* https://example.com/account/325365436/transfer?amount=$100.00&toAccount=473846376

In this case, it would be possible to transfer money from any account to any other account, which is clearly absurd. Not even a random token makes this safe.

* https://example.com/invoice/2362365

In this case, it would be possible to get a copy of all invoices.

This is essentially a data-contextual access control enforcement need. A URL or even a POSTed form should NEVER contain an access control "key" or similar that provides automatic verification. A data contextual check needs to be done, server side, with each request.

= Input validation =

== Input validation 101 ==

Everything you know about input validation applies to RESTful web services, but add 10% because automated tools can easily fuzz your interfaces for hours on end at high velocity. So:

* Assist the user > Reject input > Sanitize (filtering) > No input validation

Assisting the user makes the most sense, as the most common scenario is "problem exists between keyboard and computer" (PEBKAC). Help the user input high quality data into your web services, such as ensuring a Zip code makes sense for the supplied address, or the date makes sense. If not, reject that input. If they continue on, or it's a text field or some other difficult to validate field, input sanitization is a losing proposition but still better than XSS or SQL injection. If you're already reduced to sanitization or no input validation, make sure output encoding is very strong for your application.

Log input validation failures, particularly if you assume that client-side code you wrote is going to call your web services. The reality is that anyone can call your web services, so assume that someone who is performing hundreds of failed input validations per second is up to no good. Also consider rate limiting the API to a certain number of requests per hour or day to prevent abuse.

== Secure parsing ==

Use a secure parser for parsing the incoming messages. If you are using XML, make sure to use a parser that is not vulnerable to [https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing XXE] and similar attacks.

== Strong typing ==

It's difficult to perform most attacks if the only allowed values are true or false, or a number, or one of a small number of acceptable values. Strongly type incoming data as quickly as possible.

== Validate incoming content-types ==

When POSTing or PUTting new data, the client will specify the Content-Type (e.g. <tt>application/xml</tt> or <tt>application/json</tt>) of the incoming data. The server should never assume the Content-Type; it should always check that the Content-Type header and the content are the same type. A lack of Content-Type header or an unexpected Content-Type header should result in the server rejecting the content with a <tt>406 Not Acceptable</tt> response.

== Validate response types ==

It is common for REST services to allow multiple response types (e.g. <tt>application/xml</tt> or <tt>application/json</tt>, and the client specifies the preferred order of response types by the <tt>Accept</tt> header in the request. '''Do NOT''' simply copy the <tt>Accept</tt> header to the <tt>Content-type</tt> header of the response. Reject the request (ideally with a <tt>406 Not Acceptable</tt> response) if the <tt>Accept</tt> header does not specifically contain one of the allowable types.

Because there are many MIME types for the typical response types, it's important to document for clients specifically which MIME types should be used.

== XML input validation ==

XML-based services must ensure that they are protected against common XML based attacks by using secure XML-parsing. This typically means protecting against XML External Entity attacks, XML-signature wrapping etc. See [http://ws-attacks.org http://ws-attacks.org] for examples of such attacks.

== Framework-Provided Validation ==

Many frameworks, such as [https://jersey.java.net/ Jersey], allow for validation constraints to be enforced automatically by the framework at request or response time. (See [https://jersey.java.net/documentation/latest/bean-validation.html Bean Validation Support] for more information). While this does not validate the structure of JSON or XML data before being unmarshaled, it does provide automatic validation after unmarshaling, but before the data is presented to the application.

= Output encoding =

== Send security headers ==

To make sure the content of a given resources is interpreted correctly by the browser, the server should always send the Content-Type header with the correct Content-Type, and preferably the Content-Type header should include a charset. The server should also send an <tt>X-Content-Type-Options: nosniff</tt> to make sure the browser does not try to detect a different Content-Type than what is actually sent (can lead to XSS).

Additionally the client should send an <tt>X-Frame-Options: deny</tt> to protect against drag'n drop clickjacking attacks in older browsers.

== JSON encoding ==

A key concern with JSON encoders is preventing arbitrary JavaScript remote code execution within the browser... or, if you're using node.js, on the server. It's vital that you use a proper JSON serializer to encode user-supplied data properly to prevent the execution of user-supplied input on the browser.

When inserting values into the browser DOM, strongly consider using <tt>.value</tt>/<tt>.innerText</tt>/<tt>.textContent</tt> rather than <tt>.innerHTML</tt> updates, as this protects against simple DOM XSS attacks.

== XML encoding ==

XML should never be built by string concatenation. It should always be constructed using an XML serializer. This ensures that the XML content sent to the browser is parseable and does not contain XML injection. For more information, please see the [[Web Service Security Cheat Sheet]].

= Cryptography =

== Data in transit ==

Unless the public information is completely read-only, the use of TLS should be mandated, particularly where credentials, updates, deletions, and any value transactions are performed. The overhead of TLS is negligible on modern hardware, with a minor latency increase that is more than compensated by safety for the end user.

Consider the use of mutually authenticated client-side certificates to provide additional protection for highly privileged web services.

== Data in storage ==

Leading practices are recommended as per any web application when it comes to correctly handling stored sensitive or regulated data. For more information, please see [[Top 10 2010-A7|OWASP Top 10 2010 - A7 Insecure Cryptographic Storage]].

= Related articles =

{{Cheatsheet_Navigation}}

= Authors and primary editors =

Erlend Oftedal - erlend.oftedal@owasp.org 
Andrew van der Stock - vanderaj@owasp.org 

== Other cheatsheets ==

{{Cheatsheet_Navigation_Body}}

|}

[[Category:Cheatsheets]]

Women In AppSec

2015-10-23T16:04:47Z

Kerryjorichards:

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the visibility and participation of women in application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We are very close to our goal and know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support]. Fill out the survey to let us know how you'd like to participate! https://www.surveymonkey.com/r/SRNLD7H

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 
We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 

We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp-bangalore-logo.png]] 
'''OWASP BOSTON''' ‎
'''OWASP CHICAGO''' ‎
'''OWASP DENVER''' ‎
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
'''OWASP GERMANY''' ‎
[[File:Owaspjapan.png]] 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] 
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-25T14:51:28Z

Kerryjorichards: /* WELCOME */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We are very close to our goal and know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 
We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 

We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp-bangalore-logo.png]] 
'''OWASP BOSTON''' ‎
'''OWASP CHICAGO''' ‎
'''OWASP DENVER''' ‎
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
'''OWASP GERMANY''' ‎
[[File:Owaspjapan.png]] 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] 
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-25T14:50:31Z

Kerryjorichards: /* ABOUT THE PROGRAM */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 
We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 

We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp-bangalore-logo.png]] 
'''OWASP BOSTON''' ‎
'''OWASP CHICAGO''' ‎
'''OWASP DENVER''' ‎
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
'''OWASP GERMANY''' ‎
[[File:Owaspjapan.png]] 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] 
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-25T14:49:15Z

Kerryjorichards: /* APPSEC USA 2015 */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 

We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp-bangalore-logo.png]] 
'''OWASP BOSTON''' ‎
'''OWASP CHICAGO''' ‎
'''OWASP DENVER''' ‎
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
'''OWASP GERMANY''' ‎
[[File:Owaspjapan.png]] 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] 
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-25T14:48:49Z

Kerryjorichards: /* APPSEC USA 2015 */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. 

We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. 
Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp-bangalore-logo.png]] 
'''OWASP BOSTON''' ‎
'''OWASP CHICAGO''' ‎
'''OWASP DENVER''' ‎
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
'''OWASP GERMANY''' ‎
[[File:Owaspjapan.png]] 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] 
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-25T14:01:00Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp-bangalore-logo.png]] 
'''OWASP BOSTON''' ‎
'''OWASP CHICAGO''' ‎
'''OWASP DENVER''' ‎
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
'''OWASP GERMANY''' ‎
[[File:Owaspjapan.png]] 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] 
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-25T13:59:29Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp-bangalore-logo.png]] 
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
[[File:Owaspjapan.png]] 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP BOSTON''' ‎
'''OWASP CHICAGO''' ‎
'''OWASP DENVER''' ‎
'''OWASP GERMANY''' ‎
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-25T13:56:53Z

Kerryjorichards: /* WIA SPONSORS */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]] 
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
[[File:Owaspjapan.png]] '''OWASP Japan''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP BOSTON''' ‎
'''OWASP DENVER''' ‎
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-20T20:05:04Z

Kerryjorichards: /* WIA SPONSORS */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]]

==Gold Sponsors==
==Silver Sponsors==
 
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
[[File:Owaspjapan.png]] '''OWASP Japan''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC''' 
'''OWASP BOSTON''' ‎
'''OWASP DENVER''' ‎
'''OWASP MINNEAPOLIS ST. PAUL''' 
'''OWASP NETHERLANDS''' 
'''OWASP NORWAY''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

File:Owaspjapan.png

2015-08-20T20:03:00Z

Kerryjorichards: owaspjapan logo

owaspjapan logo

Women In AppSec

2015-08-20T19:59:25Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]]

==Gold Sponsors==
==Silver Sponsors==
 '''OWASP BOSTON''' ‎
'''OWASP DENVER''' ‎
[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
'''OWASP Minneapolis St. Paul''' 
'''OWASP NETHERLANDS''' 
'''OWASP NORWAY''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-20T19:56:57Z

Kerryjorichards: /* WIA SPONSORS */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]]

==Gold Sponsors==
==Silver Sponsors==
‎[[File:Owasp_logo_ireland_small.jpg‎]] '''OWASP Dublin-Ireland''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
'''OWASP Minneapolis St. Paul''' 
'''OWASP NETHERLANDS''' 
'''OWASP NORWAY''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-18T20:58:49Z

Kerryjorichards: /* Platinum Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
 
[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]]

==Gold Sponsors==
==Silver Sponsors==
‎[[File:Owasp_logo_ireland_small.jpg‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
'''NETHERLANDS OWASP Chapter''' 
'''OWASP NORWAY Chapter''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-18T20:58:38Z

Kerryjorichards: /* Platinum Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==

[[File:Netflix_Logo_Print_FourColorCMYK_Small.png]]

==Gold Sponsors==
==Silver Sponsors==
‎[[File:Owasp_logo_ireland_small.jpg‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
'''NETHERLANDS OWASP Chapter''' 
'''OWASP NORWAY Chapter''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

File:Netflix Logo Print FourColorCMYK Small.png

2015-08-18T20:58:14Z

Kerryjorichards: Small Netflix Logo

Small Netflix Logo

File:Netflix Logo Print FourColorCMYK.png

2015-08-18T20:54:51Z

Kerryjorichards: Netflix Logo

Netflix Logo

Women In AppSec

2015-08-17T14:52:27Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
‎[[File:Owasp_logo_ireland_small.jpg‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
'''NETHERLANDS OWASP Chapter''' 
'''OWASP NORWAY Chapter''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-17T14:08:18Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
‎[[File:Owasp_logo_ireland_small.jpg‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
'''Netherlands OWASP Chapter''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-17T14:01:11Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
‎[[File:Owasp_logo_ireland_small.jpg ‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles''' 
'''Netherlands OWASP Chapter''' 
[[File:Owaspnyc.jpeg]]'''OWASP NYC'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

File:Owaspnyc.jpeg

2015-08-17T13:54:32Z

Kerryjorichards: OWASP NYC logo (from meetup page)

OWASP NYC logo (from meetup page)

Women In AppSec

2015-08-14T17:03:59Z

Kerryjorichards: /* PLANNING A WIA EVENT */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

'''Planning & Selection Team''' 

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

'''Sub-Team Roles''' 

''Sponsorship''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

''Marketing''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

'''Budget''' 
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

'''Sponsorship''' 
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
'''Netherlands OWASP Chapter''' 
‎[[File:Owasp_logo_ireland_small.jpg ‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-14T16:08:38Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
'''Netherlands OWASP Chapter''' 
‎[[File:Owasp_logo_ireland_small.jpg ‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-14T16:08:20Z

Kerryjorichards: /* Silver Sponsors */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
'''Netherlands OWASP Chapter''' 
‎[[File:Owasp_logo_ireland_small.jpg ‎]] '''Dublin-Ireland OWASP Chapter''' 
[[File:New_OWASP_LA_Logo-08-2014.jpg]] '''OWASP Los Angeles'''

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-14T16:07:39Z

Kerryjorichards: /* WIA SPONSORS */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
'''Netherlands OWASP Chapter''' 
'''Dublin-Ireland OWASP Chapter''' ‎[[File:Owasp_logo_ireland_small.jpg ‎]] 
'''OWASP Los Angeles''' [[File:New_OWASP_LA_Logo-08-2014.jpg]]

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-14T16:07:02Z

Kerryjorichards: /* WIA SPONSORS */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
==Diamond Sponsors==
==Platinum Sponsors==
==Gold Sponsors==
==Silver Sponsors==
'''Netherlands OWASP Chapter''' 
'''Dublin-Ireland OWASP Chapter''' ‎[[File:Owasp_logo_ireland_small.jpg ‎]] 
'''OWASP Los Angeles''' [[File:New_OWASP_LA_Logo-08-2014.jpg]]

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-14T16:01:10Z

Kerryjorichards: /* WIA SPONSORS */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 
Netherlands OWASP Chapter

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T17:51:08Z

Kerryjorichards: /* APPSEC USA 2015 */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort. 

'''Sponsorship opportunities''' 
Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T17:39:31Z

Kerryjorichards: /* APPSEC USA 2015 */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T17:39:12Z

Kerryjorichards: /* APPSEC USA 2015 */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal> 

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T17:38:48Z

Kerryjorichards: /* APPSEC USA 2015 */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T17:15:59Z

Kerryjorichards: /* PLANNING A WIA EVENT */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

==Global AppSec Conferences==

[[Image:Appsec_APAC.jpg|right|x375px]]
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

'''AppSec APAC'''

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

'''AppSec EU'''

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

'''AppSec Latam'''

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

'''AppSec USA'''

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T17:11:52Z

Kerryjorichards: /* PREVIOUS WIA ACTIVITIES */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security] 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

== AppSec USA 2013 ==
Learn more about the program here: [http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html]

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T16:49:34Z

Kerryjorichards: /* PLANNING */

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING A WIA EVENT=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T16:48:12Z

Kerryjorichards:

=WELCOME=

==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-08-03T16:46:18Z

Kerryjorichards:

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PREVIOUS WIA ACTIVITIES=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=APPSEC USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 
<headertabs />

Women In AppSec

2015-08-03T16:43:13Z

Kerryjorichards:

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:''' 
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 
<headertabs />

Women In AppSec

2015-08-03T16:42:40Z

Kerryjorichards:

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:'''
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=WIA SPONSORS=
==Our Sponsors==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. 
'''Diamond Sponsors''' 
'''Platinum Sponsors''' 
'''Gold Sponsors''' 
'''Silver Sponsors''' 
<headertabs />

Women In AppSec

2015-08-03T16:40:15Z

Kerryjorichards:

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

=SPONSOR WIA=
==Sponsor WIA==
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information. 

'''Sponsorship Packages for AppSec USA 2015:'''
'''Silver:''' Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) 
'''Gold:''' Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). 
'''Platinum:''' Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). 
'''Diamond:''' Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

<headertabs />

Women In AppSec

2015-07-30T21:30:49Z

Kerryjorichards: /* PAST WINNERS */

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

'''Carrie Schaper, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

'''Nancy Lornston, 2013 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

'''Tara Wilson, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

'''Chandni Bhowmik, 2011 Winner'''
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-07-30T21:25:40Z

Kerryjorichards: /* WELCOME */

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

==Carrie Schaper, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

==Nancy Lornston, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

==Tara Wilson, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

==Chandni Bhowmik, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-07-30T21:24:42Z

Kerryjorichards:

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''Want to find out more?''' Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

==Carrie Schaper, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

==Nancy Lornston, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

==Tara Wilson, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

==Chandni Bhowmik, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-07-30T21:23:54Z

Kerryjorichards: /* WELCOME */

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. '''Donate now:''' 

<paypal>Women In AppSec</paypal>

Want to find out more? Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

==Carrie Schaper, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

==Nancy Lornston, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

==Tara Wilson, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

==Chandni Bhowmik, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-07-30T21:22:36Z

Kerryjorichards: /* ABOUT THE PROGRAM */

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. Donate now:

<paypal>Women In AppSec</paypal>

Want to find out more? Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

==Carrie Schaper, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

==Nancy Lornston, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

==Tara Wilson, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

==Chandni Bhowmik, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-07-30T21:21:40Z

Kerryjorichards:

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. Donate now:

<paypal>Women In AppSec</paypal>

Want to find out more? Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=
==Women in AppSec==
The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

==Carrie Schaper, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

==Nancy Lornston, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

==Tara Wilson, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

==Chandni Bhowmik, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />

Women In AppSec

2015-07-30T20:59:13Z

Kerryjorichards: /* Previous WiA Activities */

=WELCOME=

<paypal>Women In AppSec</paypal>
==Women in Application Security Program==

The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

'''AppSec USA 2015''' 
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world.

<paypal>Women In AppSec</paypal>

Want to find out more? Join the weekly meeting - reach out via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:WiAAPAC3.jpg| left|330px]] 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]
| align="left" | [[Image:WiAAPAC2.jpg|left|330px]]

|}

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

==Links==
*[https://www.isc2.org/PressReleaseDetails.aspx?id=11240 (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013].

*[https://www.youtube.com/watch?v=62i4o15NbgA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=42 Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)]

=ABOUT THE PROGRAM=
==Women in AppSec==
The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence. 

'''AppSec USA 2015''' 
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 
<paypal>Women In AppSec</paypal>

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=Previous WiA Activities=

== AppSec EU 2015 ==
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. 

'''Panel: "Women in AppSec - Making it Happen"''' 
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

'''Workshop''' 
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

==WIA Attendee Sponsorship==

In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.

* Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
* Both references have provided letters of recommendation.
* Has relevant/appropriate achievement goals for attending the conference.
* Is the applicant from the region that the conference is taking place in.
* Has background in volunteering for OWASP or similar organizations.
* Has participated in one of OWASP's programs or activities?
* Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
* Has financial need.
* Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
* Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.



=PLANNING=
==Planning a WIA Event==

The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

====Planning & Selection Team====

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

==== Sub-Team Roles ====

'''Sponsorship'''

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.

'''Marketing'''

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

====Budget====
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

====Sponsorship====
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.

[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]

==During the conference==
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

==Post-Conference==

After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

=AppSec USA 2015=
Planning is currently underway for AppSec USA 2015 WIA activities. We are exploring a networking room as well as other activities. Interested in getting involved? [http://www.tfaforms.com/308703 Contact Form] or [mailto:support@owasp.org OWASP Support].

Keep an eye on this space for more information!

==Bring the InfoSec Girls to AppSec USA 2015==
Join the AppSecUSA 2015 Women in AppSec Program Organizing Committee on the OWASP Women in AppSec Community Group: https://myowasp.force.com. We are planning several activities for the AppSec USA event.

We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. 
'''Donate now:''' 

<paypal>Women In AppSec</paypal>

'''About InfoSec Girls''' 
Based in India, [https://infosecgirls.in/ InfoSec Girls] educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=
==Previous Women in AppSec Winners==
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

==Carrie Schaper, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."
|}
 

==Nancy Lornston, 2013 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
| align="justify" |"AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
|}
 

==Tara Wilson, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Tara wilson.jpg|100px]]
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”
|}
 

==Chandni Bhowmik, 2011 Winner==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
|}
 

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs />