https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=Neill+GernonOWASP - User contributions [en]2026-05-28T12:57:10ZUser contributionsMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Startup_Initiative&diff=185002Global Initiatives/Cyber Security Startup Initiative2014-11-09T14:31:31Z<p>Neill Gernon: /* News and updates */</p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit#slide=id.g18bc0eac1_05 Sponsor Presentation - Updated]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students.<br />
<br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
'''Update: Tuesday 10th June'''<br />
<br />
Conference call meeting led by Samantha Groves on the project summit at Cambridge, this is where we host our roundtable event presenting the cyber startup initiative. Logistics and setup discussed including live web call for those unable to attend. All preparation ahead of the live event on the 24th June.<br />
<br />
<br />
'''Update: Meeting at UCL Cyber Institute'''<br />
Meeting at UCL with their Cyber Security research institute which included> Angela Sasse, David Pym (Dialed in), George Danezis, Simon Parkin. Presented the initiative to UCL as a potential sponsor, they like it and would like to commit resources (mentors, facilitates and students/researchers) to the programme to create cyber startups and will inspect a separate department to see if it can be financially sponsored as they dont think there budget can be . Follow up meeting to conclude exactly how they will participate is to be confirmed. 2nd meeting is awaiting confirmation. <br />
<br />
<br />
'''Update: AppSec EU in Cambridge. Initiative presentation'''<br />
Neill Gernon presented the initiative to a small gathering at the project summit in AppSec Cambridge. It was an engaging session that seemed to benefit both the initiative leaders (Neill & Marco) and also the attending crowd. We discussed the overall programme and where it leads to, where it can be adopted in various university/startup hubs like cambridge, London etc. We we please to hear that both '''Anglia Ruskin University''' and '''Royal Holloway University London''' who had both attended the session were interested in the programme. We will be continuing discussions with them on how it could be adopted inside a university to leverage students to build cyber startups. Follow on meetings will be confirmed and updated. <br />
<br />
<br />
'''Additional AppSec news'''<br />
The response from attendees, facilitators, sponsors regarding the initiative was very positive and I myself (neill) was very surprised how many people wanted to get involved - whether at idea/prototype or early product stage. <br />
<br />
<br />
'''New presentation'''<br />
We have updated the presentation with clear opening slides which should clearly articulate and present the initiatives focus and purpose to both and community and potential sponsors.<br />
<br />
<br />
'''Follow up meetings'''<br />
Neill and Marco will be discussing the initiative and its next steps with partnering university's like, UCL,Kings University, Royal Holloway and Anglia Ruskin University. Meetings/conference calls will take place over the coming couple of weeks with the same target outcome - we are looking for sponsor support for this first stage of the initiative.<br />
<br />
<br />
<br />
'''RE-Framing this Inititaive'''<br />
To make this more engaging, appealing and to initially create more buzz, we have re-framed this initiative as "cyber security startup week" - A week long series of events and workshops with an end of week hackathon. This will still bring together the startup, academic and corporate communitys focused on innovation within cyber security.<br />
Note: *The key elements essential for a pre-accelerator are still there, our goal is still to create teams that will develope POC/MVP open source prototypes*.<br />
<br />
<br />
<br />
'''CONFIRMED: Date/Venue/Sponsor'''<br />
Sponsor - Pleased to announce that Sonatype have been confirmed as a sponsor for this program.<br />
Date - The week of the 26th of December has been confirmed to run this program. Dates: 26th/27th/28th/29th/30th of Dec 2015.ave <br />
Venues - Both IDEALondon and Google Campus have been confirmed to host this program. Workshops and events will take place at IDEALondon and the end of week hackathon takes place at Google Campus. <br />
<br />
<br />
'''Next News'''<br />
09/11/14 - Next news is due to be the launch of the website, confirmation of panel speakers and workshop hosts and promotion of the program to the academic, startup and corporate community's.<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Startup_Initiative&diff=185001Global Initiatives/Cyber Security Startup Initiative2014-11-09T14:30:31Z<p>Neill Gernon: /* News and updates */</p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit#slide=id.g18bc0eac1_05 Sponsor Presentation - Updated]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
'''Update: Tuesday 10th June'''<br />
<br />
Conference call meeting led by Samantha Groves on the project summit at Cambridge, this is where we host our roundtable event presenting the cyber startup initiative. Logistics and setup discussed including live web call for those unable to attend. All preparation ahead of the live event on the 24th June.<br />
<br />
<br />
'''Update: Meeting at UCL Cyber Institute'''<br />
Meeting at UCL with their Cyber Security research institute which included> Angela Sasse, David Pym (Dialed in), George Danezis, Simon Parkin. Presented the initiative to UCL as a potential sponsor, they like it and would like to commit resources (mentors, facilitates and students/researchers) to the programme to create cyber startups and will inspect a separate department to see if it can be financially sponsored as they dont think there budget can be . Follow up meeting to conclude exactly how they will participate is to be confirmed. 2nd meeting is awaiting confirmation. <br />
<br />
<br />
'''Update: AppSec EU in Cambridge. Initiative presentation'''<br />
Neill Gernon presented the initiative to a small gathering at the project summit in AppSec Cambridge. It was an engaging session that seemed to benefit both the initiative leaders (Neill & Marco) and also the attending crowd. We discussed the overall programme and where it leads to, where it can be adopted in various university/startup hubs like cambridge, London etc. We we please to hear that both '''Anglia Ruskin University''' and '''Royal Holloway University London''' who had both attended the session were interested in the programme. We will be continuing discussions with them on how it could be adopted inside a university to leverage students to build cyber startups. Follow on meetings will be confirmed and updated. <br />
<br />
<br />
'''Additional AppSec news'''<br />
The response from attendees, facilitators, sponsors regarding the initiative was very positive and I myself (neill) was very surprised how many people wanted to get involved - whether at idea/prototype or early product stage. <br />
<br />
<br />
'''New presentation'''<br />
We have updated the presentation with clear opening slides which should clearly articulate and present the initiatives focus and purpose to both and community and potential sponsors.<br />
<br />
'''Follow up meetings'''<br />
Neill and Marco will be discussing the initiative and its next steps with partnering university's like, UCL,Kings University, Royal Holloway and Anglia Ruskin University. Meetings/conference calls will take place over the coming couple of weeks with the same target outcome - we are looking for sponsor support for this first stage of the initiative.<br />
<br />
'''RE-Framing this Inititaive'''<br />
To make this more engaging, appealing and to initially create more buzz, we have re-framed this initiative as "cyber security startup week" - A week long series of events and workshops with an end of week hackathon. This will still bring together the startup, academic and corporate communitys focused on innovation within cyber security.<br />
Note: *The key elements essential for a pre-accelerator are still there, our goal is still to create teams that will develope POC/MVP open source prototypes*.<br />
<br />
<br />
'''CONFIRMED: Date/Venue/Sponsor'''<br />
Sponsor - Pleased to announce that Sonatype have been confirmed as a sponsor for this program.<br />
Date - The week of the 26th of December has been confirmed to run this program. Dates: 26th/27th/28th/29th/30th of Dec 2015.ave <br />
Venues - Both IDEALondon and Google Campus have been confirmed to host this program. Workshops and events will take place at IDEALondon and the end of week hackathon takes place at Google Campus. <br />
<br />
'''Next News'''<br />
09/11/14 - Next news is due to be the launch of the website, confirmation of panel speakers and workshop hosts and promotion of the program to the academic, startup and corporate community's.<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Startup_Initiative&diff=177855Global Initiatives/Cyber Security Startup Initiative2014-06-30T20:27:44Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit#slide=id.g18bc0eac1_05 Sponsor Presentation - Updated]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
'''Update: Tuesday 10th June'''<br />
<br />
Conference call meeting led by Samantha Groves on the project summit at Cambridge, this is where we host our roundtable event presenting the cyber startup initiative. Logistics and setup discussed including live web call for those unable to attend. All preparation ahead of the live event on the 24th June.<br />
<br />
<br />
'''Update: Meeting at UCL Cyber Institute'''<br />
Meeting at UCL with their Cyber Security research institute which included> Angela Sasse, David Pym (Dialed in), George Danezis, Simon Parkin. Presented the initiative to UCL as a potential sponsor, they like it and would like to commit resources (mentors, facilitates and students/researchers) to the programme to create cyber startups and will inspect a separate department to see if it can be financially sponsored as they dont think there budget can be . Follow up meeting to conclude exactly how they will participate is to be confirmed. 2nd meeting is awaiting confirmation. <br />
<br />
<br />
'''Update: AppSec EU in Cambridge. Initiative presentation'''<br />
Neill Gernon presented the initiative to a small gathering at the project summit in AppSec Cambridge. It was an engaging session that seemed to benefit both the initiative leaders (Neill & Marco) and also the attending crowd. We discussed the overall programme and where it leads to, where it can be adopted in various university/startup hubs like cambridge, London etc. We we please to hear that both '''Anglia Ruskin University''' and '''Royal Holloway University London''' who had both attended the session were interested in the programme. We will be continuing discussions with them on how it could be adopted inside a university to leverage students to build cyber startups. Follow on meetings will be confirmed and updated. <br />
<br />
<br />
'''Additional AppSec news'''<br />
The response from attendees, facilitators, sponsors regarding the initiative was very positive and I myself (neill) was very surprised how many people wanted to get involved - whether at idea/prototype or early product stage. <br />
<br />
<br />
'''New presentation'''<br />
We have updated the presentation with clear opening slides which should clearly articulate and present the initiatives focus and purpose to both and community and potential sponsors.<br />
<br />
'''Follow up meetings'''<br />
Neill and Marco will be discussing the initiative and its next steps with partnering university's like, UCL,Kings University, Royal Holloway and Anglia Ruskin University. Meetings/conference calls will take place over the coming couple of weeks with the same target outcome - we are looking for sponsor support for this first stage of the initiative. <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Startup_Initiative&diff=177854Global Initiatives/Cyber Security Startup Initiative2014-06-30T20:25:06Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit#slide=id.g18bc0eac1_05 Sponsor Presentation - Updated]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
'''Update: Tuesday 10th June'''<br />
<br />
Conference call meeting led by Samantha Groves on the project summit at Cambridge, this is where we host our roundtable event presenting the cyber startup initiative. Logistics and setup discussed including live web call for those unable to attend. All preparation ahead of the live event on the 24th June.<br />
<br />
'''Update: Meeting at UCL Cyber Institute'''<br />
Meeting at UCL with their Cyber Security research institute which included> Angela Sasse, David Pym (Dialed in), George Danezis, Simon Parkin. Presented the initiative to UCL as a potential sponsor, they like it and would like to commit resources (mentors, facilitates and students/researchers) to the programme to create cyber startups and will inspect a separate department to see if it can be financially sponsored as they dont think there budget can be . Follow up meeting to conclude exactly how they will participate is to be confirmed. 2nd meeting is awaiting confirmation. <br />
<br />
'''Update: AppSec EU in Cambridge. Initiative presentation'''<br />
Neill Gernon presented the initiative to a small gathering at the project summit in AppSec Cambridge. It was an engaging session that seemed to benefit both the initiative leaders (Neill & Marco) and also the attending crowd. We discussed the overall programme and where it leads to, where it can be adopted in various university/startup hubs like cambridge, London etc. We we please to hear that both '''Anglia Ruskin University''' and '''Royal Holloway University London' who had both attended the session were interested in the programme. We will be continuing discussions with them on how it could be adopted inside a university to leverage students to build cyber startups. Follow on meetings will be confirmed and updated. <br />
<br />
'''Additional AppSec news'''<br />
The response from attendees, facilitators, sponsors regarding the initiative was very positive and I myself (neill) was very surprised how many people wanted to get involved - weather at idea/prototype or early product stage. <br />
<br />
'''New presentation'''<br />
We have updated the presentation with clear opening slides which should clearly articulate and present the initiatives focus and purpose. <br />
<br />
'''Follow up meetings'''<br />
Neill and Marco will be discussing the initiative and its next steps with partnering university's like, UCL,Kings University, Royal Holloway and Anglia Ruskin University. Meetings/conference calls will take place over the coming couple of weeks with the same target outcome - we are looking for sponsor support for this first stage of the initiative. <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Startup_Initiative&diff=177853Global Initiatives/Cyber Security Startup Initiative2014-06-30T20:24:10Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit#slide=id.g18bc0eac1_05 Updated Sponsor Presentation]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
'''Update: Tuesday 10th June'''<br />
<br />
Conference call meeting led by Samantha Groves on the project summit at Cambridge, this is where we host our roundtable event presenting the cyber startup initiative. Logistics and setup discussed including live web call for those unable to attend. All preparation ahead of the live event on the 24th June.<br />
<br />
'''Update: Meeting at UCL Cyber Institute'''<br />
Meeting at UCL with their Cyber Security research institute which included> Angela Sasse, David Pym (Dialed in), George Danezis, Simon Parkin. Presented the initiative to UCL as a potential sponsor, they like it and would like to commit resources (mentors, facilitates and students/researchers) to the programme to create cyber startups and will inspect a separate department to see if it can be financially sponsored as they dont think there budget can be . Follow up meeting to conclude exactly how they will participate is to be confirmed. 2nd meeting is awaiting confirmation. <br />
<br />
'''Update: AppSec EU in Cambridge. Initiative presentation'''<br />
Neill Gernon presented the initiative to a small gathering at the project summit in AppSec Cambridge. It was an engaging session that seemed to benefit both the initiative leaders (Neill & Marco) and also the attending crowd. We discussed the overall programme and where it leads to, where it can be adopted in various university/startup hubs like cambridge, London etc. We we please to hear that both '''Anglia Ruskin University''' and '''Royal Holloway University London' who had both attended the session were interested in the programme. We will be continuing discussions with them on how it could be adopted inside a university to leverage students to build cyber startups. Follow on meetings will be confirmed and updated. <br />
<br />
'''Additional AppSec news'''<br />
The response from attendees, facilitators, sponsors regarding the initiative was very positive and I myself (neill) was very surprised how many people wanted to get involved - weather at idea/prototype or early product stage. <br />
<br />
'''New presentation'''<br />
We have updated the presentation with clear opening slides which should clearly articulate and present the initiatives focus and purpose. <br />
<br />
'''Follow up meetings'''<br />
Neill and Marco will be discussing the initiative and its next steps with partnering university's like, UCL,Kings University, Royal Holloway and Anglia Ruskin University. Meetings/conference calls will take place over the coming couple of weeks with the same target outcome - we are looking for sponsor support for this first stage of the initiative. <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Startup_Initiative&diff=177852Global Initiatives/Cyber Security Startup Initiative2014-06-30T19:47:09Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
'''Update: Tuesday 10th June'''<br />
<br />
Conference call meeting led by Samantha Groves on the project summit at Cambridge, this is where we host our roundtable event presenting the cyber startup initiative. Logistics and setup discussed including live web call for those unable to attend. All preparation ahead of the live event on the 24th June.<br />
<br />
'''Update: Meeting at UCL Cyber Institute'''<br />
Meeting at UCL with their Cyber Security research institute which included> Angela Sasse, David Pym (Dialed in), George Danezis, Simon Parkin. Presented the initiative to UCL as a potential sponsor, they like it and would like to commit resources (mentors, facilitates and students/researchers) to the programme to create cyber startups and will inspect a separate department to see if it can be financially sponsored as they dont think there budget can be . Follow up meeting to conclude exactly how they will participate is to be confirmed. 2nd meeting is awaiting confirmation. <br />
<br />
'''Update: AppSec EU in Cambridge. Initiative presentation'''<br />
Neill Gernon presented the initiative to a small gathering at the project summit in AppSec Cambridge. It was an engaging session that seemed to benefit both the initiative leaders (Neill & Marco) and also the attending crowd. We discussed the overall programme and where it leads to, where it can be adopted in various university/startup hubs like cambridge, London etc. We we please to hear that both '''Anglia Ruskin University''' and '''Royal Holloway University London' who had both attended the session were interested in the programme. We will be continuing discussions with them on how it could be adopted inside a university to leverage students to build cyber startups. Follow on meetings will be confirmed and updated. <br />
<br />
'''Additional AppSec news'''<br />
The response from attendees, facilitators, sponsors regarding the initiative was very positive and I myself (neill) was very surprised how many people wanted to get involved - weather at idea/prototype or early product stage. <br />
<br />
'''New presentation'''<br />
We have updated the presentation with clear opening slides which should clearly articulate and present the initiatives focus and purpose. <br />
<br />
'''Follow up meetings'''<br />
Neill and Marco will be discussing the initiative and its next steps with partnering university's like, UCL,Kings University, Royal Holloway and Anglia Ruskin University. Meetings/conference calls will take place over the coming couple of weeks with the same target outcome - we are looking for sponsor support for this first stage of the initiative. <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=OWASP_Project_Summit_2014&diff=176767OWASP Project Summit 20142014-06-11T18:58:53Z<p>Neill Gernon: </p>
<hr />
<div>__NOTOC__<br />
{|<br />
|-<br />
! width="700" align="center" | <br> <br />
! width="500" align="center" | <br><br />
|-<br />
| align="center" | [[Image:SUMMIT_2014_LOGO.jpg|950px| link=https://2014.appsec.eu/]] <br />
| align="center" | <br />
<br />
|}<br />
<br />
<br />
===Introduction===<br />
<br />
The OWASP Project Summit is a smaller version of the much larger OWASP Summits. This event activity gives our project leaders the opportunity to showcase their project progress, and have attendees sit down and work on project tasks during the event. It is an excellent opportunity to engage the event attendees, and it gives project leaders the chance to move forward on their project milestones while meeting new potential volunteers that can assist with future milestones.<br />
<br />
===Working Sessions===<br />
Click on the working session name to see the home page for that particular session. During the Summit those working session home pages will be used to document discussions and outcomes.<br />
<br />
[[image:Wiki education banner.png|700px| center]]<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/001| View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]<br />
| style="background: #F5F5F5" | 1. Re-thinking the concept of OWASP University Supporter<br />
2. Expand the concept of the OWASP Student Chapters.<br />
<br />
3. Establish and expand the OWASP University Challenge.<br />
<br />
4. Suggested application security curriculum.<br />
<br />
5. Discuss and establish the concept of OWASP Academic Advocate.<br />
<br />
| style="background: #F5F5F5" |1.<br />
<br />
2. <br />
<br />
3.<br />
<br />
4.<br />
| style="background: #F5F5F5" | Konstantinos Papapanagiotou, Vasileios Vlachos, Martin Knobloch<br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
[[image:Wiki media banner.png|700px|center]]<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/002| View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]<br />
| style="background: #F5F5F5" | 1. Present the official OWASP YouTube channel<br />
2. Involve project leaders to promote their content<br />
<br />
| style="background: #F5F5F5" |1. Create live and recorded video contents for OWASP projects<br />
<br />
| style="background: #F5F5F5" align="center"| Jonathan Marcil<br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
[[image:Wiki podcast banner.png|700px|center]]<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/003|View]] <br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/OWASP_Podcast OWASP 24/7 Podcast Series]<br />
| style="background: #F5F5F5" | <br />
| style="background: #F5F5F5" | 1. Have four(4) Project Leaders volunteer to be interviewed for the series.<br />
<br />
| style="background: #F5F5F5" align="center"| Mark Miller<br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
[[image:Wiki developers banner.png|700px|center]]<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/004 | View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Developer Guide]<br />
| style="background: #F5F5F5" | <br />
| style="background: #F5F5F5" | 1. More actively engaged volunteers and rebuild the project within OWASP so it can become self-sustaining.<br />
2. More DevGuide text (at the very least, I hope to finish one chapter during my remote hack-a-thon).<br />
<br />
3. More awareness of the Dev Guide's importance and history to OWASP.<br />
<br />
4. To work with volunteers to discuss and refine the roadmap. <br />
<br />
| style="background: #F5F5F5" align="center"| Andrew van der Stock<br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
[[image:Wiki codereview banner.png| 700px|center]]<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/005 | View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide]<br />
| style="background: #F5F5F5" | <br />
| style="background: #F5F5F5" | 1. Collect a number of bad coding examples to show readers code they should avoid writing.<br />
2. Collect a number of good coding examples to show readers how security code should be written.<br />
<br />
3. Collect the above for Java, PHP and C# languages, plus possibly C/C++, Ruby, Python, Perl, etc.<br />
<br />
4. Raise awareness of the ongoing Code Review Guide and encourage OWASP members to participate in the project.<br />
<br />
| style="background: #F5F5F5" align="center"| Gary Robinson<br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/006 | View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_PCI_Project PCI Toolkit]<br />
| style="background: #F5F5F5" | 1. let the public understand what are PCI_DSS requirements and how important these are for the Credit Card companies.<br />
2. Show how the PCI-DSS scoping process can be much better understood using this tool.<br />
<br />
3. SHow to the public how important many OWASP guidelines are to the scoping process and to maintaining PCI-DSS compliance.<br />
| style="background: #F5F5F5" | 1. Set on wiki for the project leaders to consider for their next release or improvements for the project.<br />
2. Promote incubator projects with potential.<br />
<br />
3. Get more students to participate as contributors and keep them motivated to participate in the next Gsoc 2015.<br />
<br />
| style="background: #F5F5F5" align="center"| Johanna Curiel<br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/007 | View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/OWASP_PHP_Security_Project PHP Security Framework]<br />
| style="background: #F5F5F5" | <br />
| style="background: #F5F5F5" | 1. Set on wiki for the project leaders to consider for their next release or improvements for the project.<br />
2. Promote incubator projects with potential.<br />
<br />
3. Get more students to participate as contributors and keep them motivated to participate in the next Gsoc 2015.<br />
<br />
| style="background: #F5F5F5" align="center"| <br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/008 | View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project NINJA-PingU]<br />
| style="background: #F5F5F5" | 1. Demo this relative brand new OWASP tool to the public and let the public feedback to us their experience.<br />
| style="background: #F5F5F5" | 1. Set on wiki for the project leaders to consider for their next release or improvements for the project.<br />
2. Promote incubator projects with potential.<br />
<br />
3. Get more students to participate as contributors and keep them motivated to participate in the next Gsoc 2015.<br />
<br />
| style="background: #F5F5F5" align="center"| <br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/009 | View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model#tab=OpenSAMM OWASP OpenSAMM]<br />
| style="background: #F5F5F5" | <br />
| style="background: #F5F5F5" | <br />
<br />
| style="background: #F5F5F5" align="center"| <br />
|style="background: #F5F5F5" |<br />
|}<br />
<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/010 | View]]<br />
| style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Startup_Initiative OWASP Cyber Security Startup Initiative]<br />
| style="background: #F5F5F5" | 1. To introduce this new innovative initiative to the OWASP community.<br />
| style="background: #F5F5F5" | 1. Garner support from the corporate, academic and startup communities.<br />
<br />
| style="background: #F5F5F5" align="center"| Neill Gernon<br />
|style="background: #F5F5F5" | [http://attending.io/events/appseceu Sign up to attend]<br />
|}<br />
<br />
{|<br />
| width="50pt" align="center" style="background: #DCD0FF" | <br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)'''<br />
| width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)'''<br />
| width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader'''<br />
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees'''<br />
|-<br />
| style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/011 | View]]<br />
| style="background: #F5F5F5" align="center" | Google Summer of Code<br />
| style="background: #F5F5F5" | To discuss this year's Google Summer of Code, along with the participating projects.<br />
| style="background: #F5F5F5" | <br />
<br />
| style="background: #F5F5F5" align="center"| Johanna Curiel<br />
|style="background: #F5F5F5" | <br />
|}</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176736Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-10T17:50:38Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
'''Update: Tuesday 10th June'''<br />
<br />
Conference call meeting led by Samantha Groves on the project summit at Cambridge, this is where we host our roundtable event presenting the cyber startup initiative. Logistics and setup discussed including live web call for those unable to attend. All preparation ahead of the live event on the 24th June.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176250Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-02T13:08:43Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Events ==<br />
<br />
We host a roundtable event on this initiative at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176248Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-02T13:06:38Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Community Events ==<br />
<br />
Roundtable event at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online. Please signup on the [http://attending.io/events/appseceu Event Page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176247Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-02T13:05:02Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Community Events ==<br />
<br />
Roundtable event at the [https://2014.appsec.eu/ AppSec Europe conference] in Cambridge on the 24th June. Attendees can join in person or online [http://attending.io/events/appseceu event and signup page]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and updates =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176245Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-02T12:58:43Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Events / Workshops ==<br />
<br />
Initiative presentation. Roundtable event at AppSec Europe conference in Cambridge on the 24th June. [http://attending.io/events/appseceu Event page and participant signup]<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176244Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-02T12:53:40Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176242Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-02T12:38:35Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to [http://attending.io/events/appseceu register on our event page] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=176241Global Initiatives/Cyber Security Pre-accelerator Initiative2014-06-02T12:36:39Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Update: Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
'''Update: Monday 2nd June'''<br />
Meeting confirmed for 20th June to present initiative with UCL professors Angela Sasse, David Pym and team at the Research institute in the Science of Cyber Security at UCL.<br />
<br />
Roundtable event confirmed. Neill Gernon will be presenting (joined by Marco Morana via Call) a roundtable talk at AppSecEU in Cambridge on the 24th June 2pm-6pm. Attendees will be able to join in person or attend online and all will be asked to register on event page [here http://attending.io/events/appseceu] We aim to inform the appsec community of our initiative and gain advocates, help and initiative sponsors.<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175856Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-27T14:59:55Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
[https://docs.google.com/presentation/d/1gktnLLffegbiqiMTAFLUM7GXXANg7zGbMDaP5ZiJE-A/edit Presentation for Sponsors]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175853Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-27T14:57:32Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Financial Times: Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175840Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-27T14:20:58Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Investors flock to [http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Cyber Security Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175838Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-27T14:19:41Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Investors flock to Cyber Security Startups<br />
[http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6/ Startups]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175837Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-27T14:17:59Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Investors flock to Cyber Security Startups<br />
[Investors flock to Cyber Security Startups http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175834Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-27T14:16:50Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
Investors flock to Cyber Security Startups<br />
[http://www.ft.com/intl/cms/s/0/f5c87808-a883-11e3-b50f-00144feab7de.html#axzz32vM8YvW6]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175833Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-27T14:04:01Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The aim of the OWASP Cyber Security Startup Initiative (CSSI) is to catalyse opportunities for innovation in application security by promoting the creation of prototypes of open source tools produced by entrepreneur-lead teams seeking to form cyber-security start-ups. OWASP will be piloting this initiative by running the cyber security incubator with sponsors. The ideal sponsors of this initiative are academic institutions, government entities and corporate sponsors/private investors. OWASP will manage the initiative end to end: from the initial planning and documentation of the cyber-security start-up process to the running and the piloting the initiative to the final documentation of the process and incorporation of the lessons learned. OWASP will be managing the logistical aspects of the program and OWASP leaders will mentor prospective cyber-security start-ups teams in the creation of the prototypes using free open source tools and APIs. OWASP will work together with the sponsors of this initiative by preparing the prospective cyber-security start-up(s) to seek funding by investor(s) at a later acceleration stage of the creation of the start-up.<br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-accelerator is to create opportunities for prospective entrepreneur-lead teams to transform ideas into open source community-validated concepts. The pursuit of innovative ideas can lead to the development of prototypes and (PoCs) Proof of Concept(s). Prospective start-ups can leverage no-cost OWASP resources that includes open source tools, documents/guides and training modules. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to experiment with the creation of working prototypes. The program, the workplace and the funding for the creation of the prototypes will be funded by OWASP corporate sponsorship(s). The initiative manuals and the prototypes developed by the start-ups will be released as open source to the application security community. The validation of the ideas with proof of concepts will help the start-up to participate to the next phase that is the cyber-security start-up acceleration program. The experience gained will help prospective start-ups to develop a Minimum Viable Product (MVP) and seek funding from prospective investors for further development.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, concepts are validated and prototypes are tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of prototypes of application security products. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps the collaborative effort of academic institutions, government entities as well as corporate sponsors in the creation their cyber-security innovation campus/acceleration programs for cyber-security start-ups. The role of OWASP in this initiative is to provide the tools, the training modules, the documentation guides that help start-ups teams selected to participate into the pre-acceleation program to design, implement and test secure software. The ideal candidates for the participation to this initiative are teams of young graduates from universities with curriculum in cyber-security that are interested in experimenting with application security tools and create innovative ways to test and to develop secure software. By spearheading the creation of cyber-security pre-acceleator programs OWASP will also create the opportunity for these teams of young college graduates to experiment with software security concepts, develop working prototypes of secure software. The experience gained by participating to the program will help young graduates to seek a career in software security as well as to become self-employed in a new cyber-security start-up that can leverage OWASP tools and prototypes developed (e.g. by using them in the start-up software security consulting services). The experience gained will help start-ups to develop their business plans and MVPs. These business plans and MVPs could be presented to prospective investors for funding. By participating to this initiative, prospective start-ups will be better positioned to move up to the next phase and seek funds such as seed capital investment from prospective investors/VCs/Angels. <br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to manage the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative: these will be released as open source at the end of the program. Part of the funding will be also allocated for documenting the process such as creation of guidelines for managing the pre-accelerator for security start-ups. The lessons learned by running the pre-accelerator program will be documented and distributed to the various sponsors of the initiative (e.g. academic institutions, corporate sponsors, government institutions) as well as released as free resource to be used by the application security community as a whole.<br />
<br />
Since OWASP is a non for profit organisation is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be only involved in running the start-up incubator program and in the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these academic-government-private partnerships are the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in participating in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==References==<br />
<br />
Ron Moritz, CISSP Managing Director, MTC OWASP:, 1 October 2013, [https://www.owasp.org/images/4/4d/OWASP_IL_2013_10_OWASP_Ron_Moritz_Why_Are_Investors_Excited_About_Cyber_Security_Startups.pdf Why Investors are excited about cyber-security start-ups, again?]<br />
<br />
Trusted Software Alliance, May 26, 2014, Security start-ups with Michael Coates [http://trustedsoftwarealliance.com/category/tswa-news-network/security-start-ups/ podcast]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP. This material cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
'''Tuesday 27th May'''<br />
Meeting with Justin O'Brian (MBA Director & entrepreneurship at Royal Holloway) went well and he is recommending our initiative to professors leading the computer science, info security and IT institutes. Await<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175725Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-24T14:39:16Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyze opportunities for innovation in application security by promoting the use of open source security tools within the start-up community. The main outcome of this OWASP initiative is the creation of a process that can be used for running a pre-accelerator for security company start-ups (also referred as start-up incubator) by either public or private industry sectors. One of the possible outcome(s) of this initiative is also the creation of security start-ups for a selected number of teams participating to this initiative. <br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-incubator is to create opportunities for entrepreneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these (PoCs) Proof of Concept(s) can leverage OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to transform their ideas into working prototypes. This will be done with the support of OWASP and OWASP corporate sponsorship(s). Any artifact developed by the start-ups participating into the program including the PoCs and prototypes being developed will be released as open source to the application security community.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps academic institutions, government entities as well as corporate sponsors to create their own cyber-security innovation campus/acceleration for start-up programs. OWASP will provide the tools, the training modules, the documentation guides and help teams to design, to implement and to test secure software. The ideal targets that can benefit from this initiative are young graduates from universities with curriculum in cyber-security interested in experimenting with application security tools to create innovative ways to test and develop secure software. By spearheading the incubation of security start-ups OWASP will also create the opportunity for these young college graduates to experience with software security, develop working prototypes and PoCs and use them to seek a career in software security as well as to become employed in self created security start-up that can leverage these OWASP tools and prototypes for their software security consulting services. By participating to this initiative prospective start-ups will be better positioned to seek funds and seed capital investment from prospective investors/VCs/Angels. Products/MVPs could be presented to prospective investors for funding. These MVPs can be further developed by the start-up based upon the open source software/prototypes/PoWs begin developed and the technical experience gained while participating to the OWASP pre-acceleration security program.<br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program such as OWASP corporate sponsors and prospective start-up teams are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to provide the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative, this will be released as open source. Another part of the funding will be allocated for documenting the process for running the pre-accelerator for security start-ups. This includes the lesson learned by running the pre-accelerator program that will be documented in manuals and distributed to the sponsors of the initiative (e.g. Academic institutions, corporate sponsors) as well as free to use by the application security community as a whole.<br />
<br />
OWASP is a non for profit organisation and therefore is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be involved only in running the start-up incubator program and the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these collaboration(s) includes the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Morana will also be engaging with contacts at Kings University London to arrange meeting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175724Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-24T14:37:41Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyze opportunities for innovation in application security by promoting the use of open source security tools within the start-up community. The main outcome of this OWASP initiative is the creation of a process that can be used for running a pre-accelerator for security company start-ups (also referred as start-up incubator) by either public or private industry sectors. One of the possible outcome(s) of this initiative is also the creation of security start-ups for a selected number of teams participating to this initiative. <br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-incubator is to create opportunities for entrepreneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these (PoCs) Proof of Concept(s) can leverage OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to transform their ideas into working prototypes. This will be done with the support of OWASP and OWASP corporate sponsorship(s). Any artifact developed by the start-ups participating into the program including the PoCs and prototypes being developed will be released as open source to the application security community.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps academic institutions, government entities as well as corporate sponsors to create their own cyber-security innovation campus/acceleration for start-up programs. OWASP will provide the tools, the training modules, the documentation guides and help teams to design, to implement and to test secure software. The ideal targets that can benefit from this initiative are young graduates from universities with curriculum in cyber-security interested in experimenting with application security tools to create innovative ways to test and develop secure software. By spearheading the incubation of security start-ups OWASP will also create the opportunity for these young college graduates to experience with software security, develop working prototypes and PoCs and use them to seek a career in software security as well as to become employed in self created security start-up that can leverage these OWASP tools and prototypes for their software security consulting services. By participating to this initiative prospective start-ups will be better positioned to seek funds and seed capital investment from prospective investors/VCs/Angels. Products/MVPs could be presented to prospective investors for funding. These MVPs can be further developed by the start-up based upon the open source software/prototypes/PoWs begin developed and the technical experience gained while participating to the OWASP pre-acceleration security program.<br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program such as OWASP corporate sponsors and prospective start-up teams are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to provide the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative, this will be released as open source. Another part of the funding will be allocated for documenting the process for running the pre-accelerator for security start-ups. This includes the lesson learned by running the pre-accelerator program that will be documented in manuals and distributed to the sponsors of the initiative (e.g. Academic institutions, corporate sponsors) as well as free to use by the application security community as a whole.<br />
<br />
OWASP is a non for profit organisation and therefore is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be involved only in running the start-up incubator program and the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these collaboration(s) includes the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Moran will also be engaging with contacts at Kings University London to arrange meting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175723Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-24T14:36:52Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyze opportunities for innovation in application security by promoting the use of open source security tools within the start-up community. The main outcome of this OWASP initiative is the creation of a process that can be used for running a pre-accelerator for security company start-ups (also referred as start-up incubator) by either public or private industry sectors. One of the possible outcome(s) of this initiative is also the creation of security start-ups for a selected number of teams participating to this initiative. <br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-incubator is to create opportunities for entrepreneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these (PoCs) Proof of Concept(s) can leverage OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to transform their ideas into working prototypes. This will be done with the support of OWASP and OWASP corporate sponsorship(s). Any artifact developed by the start-ups participating into the program including the PoCs and prototypes being developed will be released as open source to the application security community.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps academic institutions, government entities as well as corporate sponsors to create their own cyber-security innovation campus/acceleration for start-up programs. OWASP will provide the tools, the training modules, the documentation guides and help teams to design, to implement and to test secure software. The ideal targets that can benefit from this initiative are young graduates from universities with curriculum in cyber-security interested in experimenting with application security tools to create innovative ways to test and develop secure software. By spearheading the incubation of security start-ups OWASP will also create the opportunity for these young college graduates to experience with software security, develop working prototypes and PoCs and use them to seek a career in software security as well as to become employed in self created security start-up that can leverage these OWASP tools and prototypes for their software security consulting services. By participating to this initiative prospective start-ups will be better positioned to seek funds and seed capital investment from prospective investors/VCs/Angels. Products/MVPs could be presented to prospective investors for funding. These MVPs can be further developed by the start-up based upon the open source software/prototypes/PoWs begin developed and the technical experience gained while participating to the OWASP pre-acceleration security program.<br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program such as OWASP corporate sponsors and prospective start-up teams are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to provide the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative, this will be released as open source. Another part of the funding will be allocated for documenting the process for running the pre-accelerator for security start-ups. This includes the lesson learned by running the pre-accelerator program that will be documented in manuals and distributed to the sponsors of the initiative (e.g. Academic institutions, corporate sponsors) as well as free to use by the application security community as a whole.<br />
<br />
OWASP is a non for profit organisation and therefore is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be involved only in running the start-up incubator program and the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these collaboration(s) includes the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
[['''Academic Sponsors/meeting.''']]<br />
<br />
'''Securing dates to meet with UCL'''<br />
Meeting with researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Progress with Kings University'''<br />
Marco Moran will also be engaging with contacts at Kings University London to arrange meting to present the initiative for the university/students. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175722Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-24T14:33:48Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyze opportunities for innovation in application security by promoting the use of open source security tools within the start-up community. The main outcome of this OWASP initiative is the creation of a process that can be used for running a pre-accelerator for security company start-ups (also referred as start-up incubator) by either public or private industry sectors. One of the possible outcome(s) of this initiative is also the creation of security start-ups for a selected number of teams participating to this initiative. <br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-incubator is to create opportunities for entrepreneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these (PoCs) Proof of Concept(s) can leverage OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to transform their ideas into working prototypes. This will be done with the support of OWASP and OWASP corporate sponsorship(s). Any artifact developed by the start-ups participating into the program including the PoCs and prototypes being developed will be released as open source to the application security community.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps academic institutions, government entities as well as corporate sponsors to create their own cyber-security innovation campus/acceleration for start-up programs. OWASP will provide the tools, the training modules, the documentation guides and help teams to design, to implement and to test secure software. The ideal targets that can benefit from this initiative are young graduates from universities with curriculum in cyber-security interested in experimenting with application security tools to create innovative ways to test and develop secure software. By spearheading the incubation of security start-ups OWASP will also create the opportunity for these young college graduates to experience with software security, develop working prototypes and PoCs and use them to seek a career in software security as well as to become employed in self created security start-up that can leverage these OWASP tools and prototypes for their software security consulting services. By participating to this initiative prospective start-ups will be better positioned to seek funds and seed capital investment from prospective investors/VCs/Angels. Products/MVPs could be presented to prospective investors for funding. These MVPs can be further developed by the start-up based upon the open source software/prototypes/PoWs begin developed and the technical experience gained while participating to the OWASP pre-acceleration security program.<br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program such as OWASP corporate sponsors and prospective start-up teams are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to provide the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative, this will be released as open source. Another part of the funding will be allocated for documenting the process for running the pre-accelerator for security start-ups. This includes the lesson learned by running the pre-accelerator program that will be documented in manuals and distributed to the sponsors of the initiative (e.g. Academic institutions, corporate sponsors) as well as free to use by the application security community as a whole.<br />
<br />
OWASP is a non for profit organisation and therefore is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be involved only in running the start-up incubator program and the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these collaboration(s) includes the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
Securing dates to meet with UCL researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their students can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the AppSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175721Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-24T14:31:56Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyze opportunities for innovation in application security by promoting the use of open source security tools within the start-up community. The main outcome of this OWASP initiative is the creation of a process that can be used for running a pre-accelerator for security company start-ups (also referred as start-up incubator) by either public or private industry sectors. One of the possible outcome(s) of this initiative is also the creation of security start-ups for a selected number of teams participating to this initiative. <br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-incubator is to create opportunities for entrepreneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these (PoCs) Proof of Concept(s) can leverage OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to transform their ideas into working prototypes. This will be done with the support of OWASP and OWASP corporate sponsorship(s). Any artifact developed by the start-ups participating into the program including the PoCs and prototypes being developed will be released as open source to the application security community.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps academic institutions, government entities as well as corporate sponsors to create their own cyber-security innovation campus/acceleration for start-up programs. OWASP will provide the tools, the training modules, the documentation guides and help teams to design, to implement and to test secure software. The ideal targets that can benefit from this initiative are young graduates from universities with curriculum in cyber-security interested in experimenting with application security tools to create innovative ways to test and develop secure software. By spearheading the incubation of security start-ups OWASP will also create the opportunity for these young college graduates to experience with software security, develop working prototypes and PoCs and use them to seek a career in software security as well as to become employed in self created security start-up that can leverage these OWASP tools and prototypes for their software security consulting services. By participating to this initiative prospective start-ups will be better positioned to seek funds and seed capital investment from prospective investors/VCs/Angels. Products/MVPs could be presented to prospective investors for funding. These MVPs can be further developed by the start-up based upon the open source software/prototypes/PoWs begin developed and the technical experience gained while participating to the OWASP pre-acceleration security program.<br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program such as OWASP corporate sponsors and prospective start-up teams are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to provide the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative, this will be released as open source. Another part of the funding will be allocated for documenting the process for running the pre-accelerator for security start-ups. This includes the lesson learned by running the pre-accelerator program that will be documented in manuals and distributed to the sponsors of the initiative (e.g. Academic institutions, corporate sponsors) as well as free to use by the application security community as a whole.<br />
<br />
OWASP is a non for profit organisation and therefore is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be involved only in running the start-up incubator program and the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these collaboration(s) includes the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
Securing dates to meet with UCL researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their stduents can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the ApSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175720Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-24T14:31:03Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyze opportunities for innovation in application security by promoting the use of open source security tools within the start-up community. The main outcome of this OWASP initiative is the creation of a process that can be used for running a pre-accelerator for security company start-ups (also referred as start-up incubator) by either public or private industry sectors. One of the possible outcome(s) of this initiative is also the creation of security start-ups for a selected number of teams participating to this initiative. <br />
<br />
==Initiative Goals==<br />
<br />
The main goal of the pre-incubator is to create opportunities for entrepreneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these (PoCs) Proof of Concept(s) can leverage OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to the selected entrepreneur-lead teams a structured place to work to transform their ideas into working prototypes. This will be done with the support of OWASP and OWASP corporate sponsorship(s). Any artifact developed by the start-ups participating into the program including the PoCs and prototypes being developed will be released as open source to the application security community.<br />
<br />
==Initiative Focus ==<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to the incubation of a possible start-up. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. The goal of the pre-acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. This phase leads to the next phase that is the acceleration phase. Entrepreneur-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs) in the acceleration stage. These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start-ups using these products.<br />
<br />
==Beneficiaries of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up initiative helps academic institutions, government entities as well as corporate sponsors to create their own cyber-security innovation campus/acceleration for start-up programs. OWASP will provide the tools, the training modules, the documentation guides and help teams to design, to implement and to test secure software. The ideal targets that can benefit from this initiative are young graduates from universities with curriculum in cyber-security interested in experimenting with application security tools to create innovative ways to test and develop secure software. By spearheading the incubation of security start-ups OWASP will also create the opportunity for these young college graduates to experience with software security, develop working prototypes and PoCs and use them to seek a career in software security as well as to become employed in self created security start-up that can leverage these OWASP tools and prototypes for their software security consulting services. By participating to this initiative prospective start-ups will be better positioned to seek funds and seed capital investment from prospective investors/VCs/Angels. Products/MVPs could be presented to prospective investors for funding. These MVPs can be further developed by the start-up based upon the open source software/prototypes/PoWs begin developed and the technical experience gained while participating to the OWASP pre-acceleration security program.<br />
<br />
==Initiative Participation Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program such as OWASP corporate sponsors and prospective start-up teams are required to respect the open source licenses for the use of OWASP tools and for the prototypes/PoCs being developed. OWASP prototypes/PoCs should be released as open source and subjected to the Creative Commons 3.0 License (see [https://www.owasp.org/index.php/OWASP_Licenses OWASP licenses] for details). <br />
<br />
==The role of OWASP in this Initiative==<br />
<br />
OWASP will provide funding for running of the initiative using OWASP corporate sponsorship. The funding will be used to run the initiative and to provide the logistical aspects of the program that includes providing office space for prospective start-up teams, conduct the "hackatons" to experiment with OWASP tools and resources and organize training sessions with application security mentors. The artefacts produced by the start-ups will also funded by the initiative, this will be released as open source. Another part of the funding will be allocated for documenting the process for running the pre-accelerator for security start-ups. This includes the lesson learned by running the pre-accelerator program that will be documented in manuals and distributed to the sponsors of the initiative (e.g. Academic institutions, corporate sponsors) as well as free to use by the application security community as a whole.<br />
<br />
OWASP is a non for profit organisation and therefore is not involved in any commercialisation aspects of the tools and products/MVPs that will be developed in the future by the start-ups that participated to the pre-acceleration program. OWASP will be involved only in running the start-up incubator program and the funding of OWASP open source projects created by the start-ups that participate to this initiative. OWASP will not invest into the start-ups and will not take any commercial interests in the development of products that the start-up will develop outside this program. This includes also products/MVPs that are used to seek funds such as seed capital for the start-up.<br />
<br />
The OWASP organization, through the global foundation and his local chapters and the leaders of this initiative will ONLY run and manage the security start-up pre-accelerator program and fund the development of prototypes/PoCs that will be released as open source. OWASP will provide in-person mentoring in application security to the start-up teams participating to the program and mentoring to help teams to take their ideas into working prototypes/tools. OWASP will also collect data while running this program that will be useful for the documentation of the program manuals as lesson learnt. A the end of the pre-incubation phase, OWASP mentors will also teach the start-ups on how to create business plans and will advise in the technical aspects related to the proposal of new products and services. <br />
<br />
==Initiative Collaboration Effort==<br />
<br />
OWASP will be managing and run this initiative in collaboration with the sponsors. The likely sponsor(s) of this initiative are academic institutions that already have cyber-security curriculum and graduate programs in cyber-security as well as government organisations, corporate sponsors that would like to partner with academic institutions for the creation of cyber-security incubators for start-ups. Examples of these collaboration(s) includes the [http://cyber.bgu.ac.il/research Cyber Labs incubator in Israel], the [https://www.mach37.com Cyber-security start-up accelerators in VA USA] the [http://www.bwtechumbc.com/cyber/ Cyber Incubator@bwtech in MD USA] and the [http://cyberhivesandiego.org/about/about-cyberhive/ CyberHive in CA-USA San Diego]<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Corporate sponsors, academic institutions and government organisations interested in the OWASP cyber-security pre-acceleration initiative can contact the initiative leaders (ref to the leaders info of this page) as well as [https://www.owasp.org/index.php/About_OWASP OWASP foundation board] directly. OWASP has different corporate sponsorship options available and all provide benefits. More information on OWASP corporate sponsorship can be found [https://www.owasp.org/index.php/Corporate_Membership here]<br />
<br />
If you are interested to directly contribute to the Cyber Security Pre Startup Accelerator Initiative please fill in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
''''Friday 23rd May - Update on sponsor/meeting progress''''<br />
Coordinating venue, sponsor and dates has taking longer than expected but continuing to progress with target engagements.<br />
Continued email discussions with Neill Gernon and Marco Morana on the progress of initiative to this date.<br />
<br />
'''Academic Sponsors/meeting.'''<br />
Securing dates to meet with UCL researchers from the Research Institute in Science of Cybersecurity [http://www.ucl.ac.uk/cybersecurity] for the week of the 2nd of June. Meeting will be Neill Gernon and Marco Morana presenting initiative to Professor M. Angela Sasse [http://sec.cs.ucl.ac.uk/people/m_angela_sasse/] and to Professor David Pym [http://www0.cs.ucl.ac.uk/people/D.Pym.html] as well as other additional professors from the Institute. The goal is to present the initiative as potential r&d research for UCL and as a career route for UCL students to create cyber security startups to drive cyber security innovation. <br />
<br />
'''Securing dates to meet with Royal Holloway'''<br />
Currently coordinating meetings with Royal Holloway with Lorenzo Cavallaro (through Marco Morana) and also to Justin O'Brian (through Samantha Groves) to help us present the initiative to Royal Holloway as an initiative that their stduents can participate in. <br />
<br />
'''Confirming a round table session at AppSec UK.'''<br />
We are currently confirming a roundtable session to be held at AppSec UK [https://2014.appsec.eu/] in Cambridge to present the initiative to owasp members/sponsors - both academic/corporate. Coordinating this roundtable session with Samantha Groves, Adrian Winckles and Tobias Gondrom which will be held at the ApSec Project Summitt [https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home] and presented by Neill Gernon on June 23rd/24th at Angelia Ruskin University Cambridge.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175641User:Neill Gernon2014-05-23T13:39:33Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last number of yeas in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin. While in Dublin Neill set up the Ireland version of the international startup community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is focused on introducing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] Neill is passionate for cyber security to be viewed upon as an innovation priority Vs a competitive advantage or portfolio luxury. Along with Marco Morana [https://www.owasp.org/index.php/Marco_Morana] Neill is leading the Global Cyber Security Startup Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175640User:Neill Gernon2014-05-23T13:23:47Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin. While in Dublin Neill set up the Ireland version of the international startup community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is focused on introducing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] Neill is passionate for cyber security to be viewed upon as an innovation priority Vs a competitive advantage or portfolio luxury. Along with Marco Morana [https://www.owasp.org/index.php/Marco_Morana] Neill is leading the Global Cyber Security Startup Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175639User:Neill Gernon2014-05-23T12:19:22Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin. While in Dublin Neill set up the Ireland version of the international startup community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] Neill is passionate for cyber security to be viewed upon as an innovation priority Vs a competitive advantage or portfolio luxury. Along with Marco Morana [https://www.owasp.org/index.php/Marco_Morana] Neill is leading the Global Cyber Security Startup Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175638User:Neill Gernon2014-05-23T12:15:12Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin. While in Dublin Neill set up the Ireland version of the international startup community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175637User:Neill Gernon2014-05-23T12:14:16Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the [launchbox accelerator] [http://launchbox.ie/] located in Trinity College Dublin. While in Dublin Neill set up the Ireland version of the international startup community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175636User:Neill Gernon2014-05-23T12:13:37Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the [launchbox accelerator http://launchbox.ie/] located in Trinity College Dublin. While in Dublin Neill set up the Ireland version of the international startup community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175635Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-23T12:12:57Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyse innovation in application security by promoting the use of open source such as OWASP testing tools, technical documentation, training modules within the start-up community in the context of incubation of a possible startup and in a roadmap for the creation of possible application security start-ups.<br />
<br />
The main outcome of this initiative is the creation of documentation manuals for running an incubator/acceleration program for security start-ups and collect useful data from the experience of running a pilot of a security incubator program. The intended target of this material are non-profit academic institutions, government entities that seek to invest in the creation of a security start-up incubator program (also referred as company accelerator, innovation campus).<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to incubation of a possible startup. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. This phase leads to the next phase that is the acceleration phase. The goal of the acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. Entrapenuer-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs). These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start ups using these products. <br />
<br />
==Initiative Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities for entrapeneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these PoCs Proof of Concept leverages the use of OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to selected entrepeneur-lead teams a structured place to work to pre-incubate their ideas into working prototypes using OWASP funds and backing of OWASP corporate sponsorship. These PoCs developed will be released as OWASP open source and released to the community to be use as a free resource and not for commercial use.<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Interested corporate sponsors, academic institutions and government organisations can contact OWASP to become a sponsor of the Cyber Security Pre Startup Accelerator Initiative by filling in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==Benefits for Sponsors of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up project empowers academic institutions, government entities as well as corporate sponsors to promote the creation of application security tools, foster education in application and software security among students as well as early graduated software security teams interested in experimenting with OWASP open source tools and entrepeneur-lead teams seeking to create software security start-ups. By spearheading the incubation of security start-ups OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP tools for their security consulting services, application security training and secure software development services. The possible investment that the start-up might obtain from investors might be used to fund the creation of a consulting services start-up company that plan to use open source tools including OWASP tools as well as for the creation of a software security technology focused company. These software security start-ups might invest money and resources for the creation of MVPs to be presented to prospective investors for funding. These MVPs can be developed based upon the experience gained participating to the OWASP pre-acceleration security program and the lessons learnt by developing the software/prototypes/PoWs within the pre-acceleration program.<br />
<br />
== For Non-Profit use Limitations and Open Source Licensing Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program have a legal requirement to respect the open source licenses for the OWASP tools, and prototypes being developed such as the Creative Commons 3.0 License (see OWASP:Copyrights for details). These licensing agreement legally bind the start up in the respect of these license agreements when OWASP open source tools are used for commercial consulting services as well as when are integrated as part of their commercial tools/products.<br />
<br />
OWASP won’t be involved in the creation and commercialisation aspects of the tools that can be further be developed by the cerated start-ups that participated to the program. OWASP will be involved only in the mentoring and funding support of the activities of the pre-accelerator program and in the funding of OWASP open source projects. These OWASP projects can be lead by prospective entrepreneur-lead teams that are enrolled in the pre-incubator start-up program. <br />
<br />
The OWASP organisation, through his local chapters will run and manage the security start-up pre-accelerator program ONLY, seek to provide in-person mentoring in application security to the teams participating to the program and provide mentoring to help teams to take their ideas into working prototypes/tools. During the pre-incubation phase, OWASP might also mentor the start-ups in the creation of the business plans and advise in the technical aspects related to the investment sought for the development of MVPs. OWASP won't participate in the start-up since OWASP is a non-profit organisation and won't take any commercial interests in the development of MVPs or be part as organisation in the business plan/proposal of the start-up.<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175634Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-23T12:11:40Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyse innovation in application security by promoting the use of open source such as OWASP testing tools, technical documentation, training modules within the start-up community in the context of incubation of a possible startup and in a roadmap for the creation of possible application security start-ups.<br />
<br />
The main outcome of this initiative is the creation of documentation manuals for running an incubator/acceleration program for security start-ups and collect useful data from the experience of running a pilot of a security incubator program. The intended target of this material are non-profit academic institutions, government entities that seek to invest in the creation of a security start-up incubator program (also referred as company accelerator, innovation campus).<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to incubation of a possible startup. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. This phase leads to the next phase that is the acceleration phase. The goal of the acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. Entrapenuer-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs). These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start ups using these products. <br />
<br />
==Initiative Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities for entrapeneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these PoCs Proof of Concept leverages the use of OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to selected entrepeneur-lead teams a structured place to work to pre-incubate their ideas into working prototypes using OWASP funds and backing of OWASP corporate sponsorship. These PoCs developed will be released as OWASP open source and released to the community to be use as a free resource and not for commercial use.<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Interested corporate sponsors, academic institutions and government organisations can contact OWASP to become a sponsor of the Cyber Security Pre Startup Accelerator Initiative by filling in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==Benefits for Sponsors of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up project empowers academic institutions, government entities as well as corporate sponsors to promote the creation of application security tools, foster education in application and software security among students as well as early graduated software security teams interested in experimenting with OWASP open source tools and entrepeneur-lead teams seeking to create software security start-ups. By spearheading the incubation of security start-ups OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP tools for their security consulting services, application security training and secure software development services. The possible investment that the start-up might obtain from investors might be used to fund the creation of a consulting services start-up company that plan to use open source tools including OWASP tools as well as for the creation of a software security technology focused company. These software security start-ups might invest money and resources for the creation of MVPs to be presented to prospective investors for funding. These MVPs can be developed based upon the experience gained participating to the OWASP pre-acceleration security program and the lessons learnt by developing the software/prototypes/PoWs within the pre-acceleration program.<br />
<br />
== For Non-Profit use Limitations and Open Source Licensing Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program have a legal requirement to respect the open source licenses for the OWASP tools, and prototypes being developed such as the Creative Commons 3.0 License (see OWASP:Copyrights for details). These licensing agreement legally bind the start up in the respect of these license agreements when OWASP open source tools are used for commercial consulting services as well as when are integrated as part of their commercial tools/products.<br />
<br />
OWASP won’t be involved in the creation and commercialisation aspects of the tools that can be further be developed by the cerated start-ups that participated to the program. OWASP will be involved only in the mentoring and funding support of the activities of the pre-accelerator program and in the funding of OWASP open source projects. These OWASP projects can be lead by prospective entrepreneur-lead teams that are enrolled in the pre-incubator start-up program. <br />
<br />
The OWASP organisation, through his local chapters will run and manage the security start-up pre-accelerator program ONLY, seek to provide in-person mentoring in application security to the teams participating to the program and provide mentoring to help teams to take their ideas into working prototypes/tools. During the pre-incubation phase, OWASP might also mentor the start-ups in the creation of the business plans and advise in the technical aspects related to the investment sought for the development of MVPs. OWASP won't participate in the start-up since OWASP is a non-profit organisation and won't take any commercial interests in the development of MVPs or be part as organisation in the business plan/proposal of the start-up.<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175633Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-23T12:10:52Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyse innovation in application security by promoting the use of open source such as OWASP testing tools, technical documentation, training modules within the start-up community in the context of incubation of a possible startup and in a roadmap for the creation of possible application security start-ups.<br />
<br />
The main outcome of this initiative is the creation of documentation manuals for running an incubator/acceleration program for security start-ups and collect useful data from the experience of running a pilot of a security incubator program. The intended target of this material are non-profit academic institutions, government entities that seek to invest in the creation of a security start-up incubator program (also referred as company accelerator, innovation campus).<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to incubation of a possible startup. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. This phase leads to the next phase that is the acceleration phase. The goal of the acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. Entrapenuer-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs). These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start ups using these products. <br />
<br />
==Initiative Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities for entrapeneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these PoCs Proof of Concept leverages the use of OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to selected entrepeneur-lead teams a structured place to work to pre-incubate their ideas into working prototypes using OWASP funds and backing of OWASP corporate sponsorship. These PoCs developed will be released as OWASP open source and released to the community to be use as a free resource and not for commercial use.<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Interested corporate sponsors, academic institutions and government organisations can contact OWASP to become a sponsor of the Cyber Security Pre Startup Accelerator Initiative by filling in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==Benefits for Sponsors of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up project empowers academic institutions, government entities as well as corporate sponsors to promote the creation of application security tools, foster education in application and software security among students as well as early graduated software security teams interested in experimenting with OWASP open source tools and entrepeneur-lead teams seeking to create software security start-ups. By spearheading the incubation of security start-ups OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP tools for their security consulting services, application security training and secure software development services. The possible investment that the start-up might obtain from investors might be used to fund the creation of a consulting services start-up company that plan to use open source tools including OWASP tools as well as for the creation of a software security technology focused company. These software security start-ups might invest money and resources for the creation of MVPs to be presented to prospective investors for funding. These MVPs can be developed based upon the experience gained participating to the OWASP pre-acceleration security program and the lessons learnt by developing the software/prototypes/PoWs within the pre-acceleration program.<br />
<br />
== For Non-Profit use Limitations and Open Source Licensing Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program have a legal requirement to respect the open source licenses for the OWASP tools, and prototypes being developed such as the Creative Commons 3.0 License (see OWASP:Copyrights for details). These licensing agreement legally bind the start up in the respect of these license agreements when OWASP open source tools are used for commercial consulting services as well as when are integrated as part of their commercial tools/products.<br />
<br />
OWASP won’t be involved in the creation and commercialisation aspects of the tools that can be further be developed by the cerated start-ups that participated to the program. OWASP will be involved only in the mentoring and funding support of the activities of the pre-accelerator program and in the funding of OWASP open source projects. These OWASP projects can be lead by prospective entrepreneur-lead teams that are enrolled in the pre-incubator start-up program. <br />
<br />
The OWASP organisation, through his local chapters will run and manage the security start-up pre-accelerator program ONLY, seek to provide in-person mentoring in application security to the teams participating to the program and provide mentoring to help teams to take their ideas into working prototypes/tools. During the pre-incubation phase, OWASP might also mentor the start-ups in the creation of the business plans and advise in the technical aspects related to the investment sought for the development of MVPs. OWASP won't participate in the start-up since OWASP is a non-profit organisation and won't take any commercial interests in the development of MVPs or be part as organisation in the business plan/proposal of the start-up.<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/User:Neill_Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175632Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-23T12:09:55Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
This initiative seeks to catalyse innovation in application security by promoting the use of open source such as OWASP testing tools, technical documentation, training modules within the start-up community in the context of incubation of a possible startup and in a roadmap for the creation of possible application security start-ups.<br />
<br />
The main outcome of this initiative is the creation of documentation manuals for running an incubator/acceleration program for security start-ups and collect useful data from the experience of running a pilot of a security incubator program. The intended target of this material are non-profit academic institutions, government entities that seek to invest in the creation of a security start-up incubator program (also referred as company accelerator, innovation campus).<br />
<br />
This initiative will focus on the pre-incubator/pre-acceleration phase that is the preliminary phase that leads to incubation of a possible startup. This is the phase where talent is nurtured and ideas are developed, tools are validated and tested. This phase leads to the next phase that is the acceleration phase. The goal of the acceleration phase is to create Proof of Concepts (PoCs) of software security tool prototypes. Entrapenuer-lead teams participating to the OWASP pre-acceleration program can possibly use these POCs/prototypes to develop Minimum Viable Product (MVPs). These MVPs might be used to present to Angel investors/VCs to seek funding for the creation of their start ups using these products. <br />
<br />
==Initiative Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities for entrapeneur-lead teams to transform their ideas of software security tools/services into open source community-validated concepts such as PoCs/prototypes. The pursuit of innovative ideas and the development of these PoCs Proof of Concept leverages the use of OWASP free resources such as open source tools/documents/trainings. The OWASP security incubator will offer to selected entrepeneur-lead teams a structured place to work to pre-incubate their ideas into working prototypes using OWASP funds and backing of OWASP corporate sponsorship. These PoCs developed will be released as OWASP open source and released to the community to be use as a free resource and not for commercial use.<br />
<br />
==Participation and Sponsorship Appeal==<br />
<br />
Interested corporate sponsors, academic institutions and government organisations can contact OWASP to become a sponsor of the Cyber Security Pre Startup Accelerator Initiative by filling in the following [https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform sponsorship form]<br />
<br />
==Benefits for Sponsors of this Initiative==<br />
<br />
The OWASP pre-incubator security start-up project empowers academic institutions, government entities as well as corporate sponsors to promote the creation of application security tools, foster education in application and software security among students as well as early graduated software security teams interested in experimenting with OWASP open source tools and entrepeneur-lead teams seeking to create software security start-ups. By spearheading the incubation of security start-ups OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP tools for their security consulting services, application security training and secure software development services. The possible investment that the start-up might obtain from investors might be used to fund the creation of a consulting services start-up company that plan to use open source tools including OWASP tools as well as for the creation of a software security technology focused company. These software security start-ups might invest money and resources for the creation of MVPs to be presented to prospective investors for funding. These MVPs can be developed based upon the experience gained participating to the OWASP pre-acceleration security program and the lessons learnt by developing the software/prototypes/PoWs within the pre-acceleration program.<br />
<br />
== For Non-Profit use Limitations and Open Source Licensing Requirements==<br />
<br />
Participants to the OWASP pre-acceleration security start-up program have a legal requirement to respect the open source licenses for the OWASP tools, and prototypes being developed such as the Creative Commons 3.0 License (see OWASP:Copyrights for details). These licensing agreement legally bind the start up in the respect of these license agreements when OWASP open source tools are used for commercial consulting services as well as when are integrated as part of their commercial tools/products.<br />
<br />
OWASP won’t be involved in the creation and commercialisation aspects of the tools that can be further be developed by the cerated start-ups that participated to the program. OWASP will be involved only in the mentoring and funding support of the activities of the pre-accelerator program and in the funding of OWASP open source projects. These OWASP projects can be lead by prospective entrepreneur-lead teams that are enrolled in the pre-incubator start-up program. <br />
<br />
The OWASP organisation, through his local chapters will run and manage the security start-up pre-accelerator program ONLY, seek to provide in-person mentoring in application security to the teams participating to the program and provide mentoring to help teams to take their ideas into working prototypes/tools. During the pre-incubation phase, OWASP might also mentor the start-ups in the creation of the business plans and advise in the technical aspects related to the investment sought for the development of MVPs. OWASP won't participate in the start-up since OWASP is a non-profit organisation and won't take any commercial interests in the development of MVPs or be part as organisation in the business plan/proposal of the start-up.<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
[https://www.owasp.org/images/4/42/OWASP_Security_Pre-Accelerator_Initiative.pdf OWASP Start-up initiative proposal documentation]<br />
<br />
[https://www.owasp.org/images/9/9b/OWASP_Security_Incubator_Presentation.pdf Atrovate proposal to OWASP presentation deck]<br />
<br />
''Note: this initiative proposal is released to OWASP for the purpose of seeking OWASP corporate funding only and should considered propriety of the authors and OWASP and cannot distributed and used for commercial purposes and without consent of the authors''<br />
<br />
== Initiative Leader(s) ==<br />
<br />
[https://www.owasp.org/index.php/Neill_Gernon Neill Gernon]<br />
[https://www.owasp.org/index.php/Marco_Morana Marco Morana]<br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175631User:Neill Gernon2014-05-23T12:08:47Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin. While in Dublin Neill set up the Ireland version of the international startup community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175628User:Neill Gernon2014-05-23T11:12:17Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been invited to mentor/talk with entrepreneurs at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin.<br />
<br />
A startup community advocate and a co organisor of the community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175627User:Neill Gernon2014-05-23T11:11:47Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has been asked to mentor/talk at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin.<br />
<br />
A startup community advocate and a co organisor of the community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175626User:Neill Gernon2014-05-23T11:11:07Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has talked at university startup incubators like the launchbox accelerator [http://launchbox.ie/] located in Trinity College Dublin.<br />
<br />
A startup community advocate and a co organisor of the community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=User:Neill_Gernon&diff=175625User:Neill Gernon2014-05-23T11:05:54Z<p>Neill Gernon: </p>
<hr />
<div>Neill is a business innovation and growth strategist with a background in enterprise business development. He has spent the last 3 years in London and Dublin startup clusters working and advising startups on growth/business model strategy and has talked at university startup incubators like [the launchbox accelerator] [http://launchbox.ie/] located in Trinity College Dublin.<br />
<br />
A startup community advocate and a co organisor of the community growth event Silicon drinkabout Dublin [http://silicondrinkabout.com/dublin].<br />
<br />
Neill is passionate about bringing more structured experimentation to product development, portfolio and innovation strategy in corporates and to early stage startup entrepreneurs. He co-designed the methodology of lean prototyping [http://neillgernon.wordpress.com/2014/02/27/what-is-lean-prototyping/] which he now teaches and facilitates in workshops through HustleHack.com [http://www.hustlehack.com/].<br />
<br />
Currently founder of digital innovation business Atrovate [http://www.atrovate.com/] and leading the Cyber Security Startup Global Initiative [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative] with Owasp.</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175483Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-22T16:29:03Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre-startup accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up/academic community and in a roadmap of a creation of possible startups whose business plan could includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible startup. This is the phase where talent is nurtured and ideas are developed, validated and tested in order to get to a Proof of Concepts PoCs stage with working software tools/prototypes. These PoCs might go on to be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.<br />
<br />
==Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded<br />
projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.<br />
<br />
==Benefits to OWASP==<br />
The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.<br />
<br />
OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
Presentation<br />
<br />
<br />
<br />
== Initiative Leader ==<br />
<br />
Neill Gernon<br />
Marco Morana <br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175481Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-22T16:22:26Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre startup-accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up/academic community and in a roadmap of a creation of possible start-up whose business plan includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible start-up. This is the phase where ideas brainstorm and are validated with a Proof of Concepts PoCs and working software tools and prototypes. These PoCs might be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.<br />
<br />
==Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded<br />
projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.<br />
<br />
==Benefits to OWASP==<br />
The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.<br />
<br />
OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
Presentation<br />
<br />
<br />
<br />
== Initiative Leader ==<br />
<br />
Neill Gernon<br />
Marco Morana <br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=175300Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-19T15:59:03Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Startup Initiative==<br />
<br />
The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre-accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up community and in a roadmap of a creation of possible start-up whose business plan includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible start-up. This is the phase where ideas brainstorm and are validated with a Proof of Concepts PoCs and working software tools and prototypes. These PoCs might be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.<br />
<br />
==Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded<br />
projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.<br />
<br />
==Benefits to OWASP==<br />
The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.<br />
<br />
OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
Presentation<br />
<br />
<br />
<br />
== Initiative Leader ==<br />
<br />
Neill Gernon<br />
Marco Morana <br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=174702Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-10T13:38:17Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Pre-accelerator Initiative==<br />
<br />
The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre-accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up community and in a roadmap of a creation of possible start-up whose business plan includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible start-up. This is the phase where ideas brainstorm and are validated with a Proof of Concepts PoCs and working software tools and prototypes. These PoCs might be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.<br />
<br />
==Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded<br />
projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.<br />
<br />
==Benefits to OWASP==<br />
The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.<br />
<br />
OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
Presentation<br />
<br />
<br />
<br />
== Initiative Leader ==<br />
<br />
Neill Gernon<br />
Marco Morana <br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
Additional updates> <br />
1. Wednesday meeting with Marco Moran confirmed to discuss initiative progress, venue, dates and sponsor confirmation.<br />
2. Monday - Meeting with IDEALondon to discuss venue and initiative start dates<br />
3. Monday - Meeting with a London university to propose initiative sponsorship<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=174701Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-10T13:35:28Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Pre-accelerator Initiative==<br />
<br />
The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre-accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up community and in a roadmap of a creation of possible start-up whose business plan includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible start-up. This is the phase where ideas brainstorm and are validated with a Proof of Concepts PoCs and working software tools and prototypes. These PoCs might be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.<br />
<br />
==Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded<br />
projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.<br />
<br />
==Benefits to OWASP==<br />
The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.<br />
<br />
OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
Presentation<br />
<br />
<br />
<br />
== Initiative Leader ==<br />
<br />
Neill Gernon<br />
Marco Morana <br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Friday 9th May - Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=174700Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-10T13:34:46Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Pre-accelerator Initiative==<br />
<br />
The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre-accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up community and in a roadmap of a creation of possible start-up whose business plan includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible start-up. This is the phase where ideas brainstorm and are validated with a Proof of Concepts PoCs and working software tools and prototypes. These PoCs might be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.<br />
<br />
==Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded<br />
projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.<br />
<br />
==Benefits to OWASP==<br />
The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.<br />
<br />
OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
Presentation<br />
<br />
<br />
<br />
== Initiative Leader ==<br />
<br />
Neill Gernon<br />
Marco Morana <br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Potential sponsors have been two options: <br />
1. join owasp membership and a % goes toward the initiative<br />
2. sponsor initiative direct<br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernonhttps://wiki.owasp.org/index.php?title=Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative&diff=174699Global Initiatives/Cyber Security Pre-accelerator Initiative2014-05-10T13:32:48Z<p>Neill Gernon: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Initiatives_banner_large.jpg|link=]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cyber Security Pre-accelerator Initiative==<br />
<br />
The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre-accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up community and in a roadmap of a creation of possible start-up whose business plan includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible start-up. This is the phase where ideas brainstorm and are validated with a Proof of Concepts PoCs and working software tools and prototypes. These PoCs might be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.<br />
<br />
==Goals==<br />
<br />
The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded<br />
projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.<br />
<br />
==Benefits to OWASP==<br />
The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.<br />
<br />
OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries<br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
<br />
== Presentation Materials ==<br />
<br />
Presentation<br />
<br />
<br />
<br />
== Initiative Leader ==<br />
<br />
Neill Gernon<br />
Marco Morana <br />
<br />
<br />
== Mailing List ==<br />
<br />
* [https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative Mailing List]<br />
<br />
|}<br />
<br />
= News and Events =<br />
<br />
'''Starting point/To date'''<br />
Neill Gernon and Marco Morana have worked up to this point on:<br />
-Startup community engagement> Meetings with London startup hubs including Level39 (Europes largest accelerator space), IDEALondon and universitys like Kings University where Marco spoke about the programme with thier security leaders. Also had meetings inside Google Campus London, Tech Hub and Central Working.<br />
-Programme planning> Designing the programme which has taken inspiration from lean prototyping workshops that Neill Gernon runs in London and Dublin startup clusters. Planning stages also included engaging with owasp staff including Samantha Groves, Kelly Santalucia and GK Southwick to conclude that this should be submitted and structured as an initiative.<br />
-Coordinating owasp meetings: Meetings with owasp chapter leaders including Tobias Gondrom, Justin Clarke and Marco Morana.<br />
<br />
'''Thursday, 24th April - Meeting.'''<br />
Meeting (conference call) between Neill Gernon & Marco Morana concluded the following:<br />
-Speakers/Mentors> <br />
(a) Will will be looking to confirm speakers for the first kick off event (mid May). At this kick off event Neill Gernon & Marco Morana will talk on the programme format and the benifits to participants - this is an overview of the programme and a chance for all interested to come together and connect pre- initiative launch. Also to answer any questions attendees have before beginning. <br />
(b) Will be looking to confirm mentors for the pre-accelerator programme. These mentors will commit to specific calander dates to give team advisory, product validation, people mentorship and guidance through out the initiative.<br />
-Calander> Now we have a chosen starting point (kick off event by the 22nd May in London), we will be outlining the calander timeline of events, workshops and hackathon dates/times. *This initiative schedule will be updated to the wiki soon*<br />
-Sponsor details: Waiting to get confirmation from sponsors on how they wish to support initiative and owasp<br />
-How to continuously update the wiki for future updates and initiative news.<br />
<br />
Kick off event date, sponsor details, speakers and mentor confirmation will be following this meeting.<br />
<br />
<br />
'''Update on sponsor signup'''<br />
Created a quick "google form" along with a new presentation to get sponsors signed up to the initiative. Confirmation of dates and venue pending and subject to sponsor commitment due to venue expenses. <br />
Google form found [here> https://docs.google.com/forms/d/1hg3xqM3fHKDda0WshTEC7UTzK4nwcr1j6H79mHXSBoQ/viewform .]<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Milestones =<br />
<br />
'''Milestones and Goals'''<br />
<br />
The OWASP pre-incubator security start-up project includes the following milestones;<br />
<br />
1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including<br />
the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.<br />
<br />
2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);<br />
<br />
3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.<br />
<br />
4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.<br />
<br />
5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.<br />
<br />
=How to Get involved=<br />
<br />
Signup to our mailing list, updates coming soon!<br />
Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative <br />
<br />
__NOTOC__ <headertabs /> <br />
<br />
[[Category:OWASP Global_Initiatives]] <br />
<br />
<br />
<br />
<br />
<br />
<br />
<headertabs/> <br />
__NOTOC__</div>Neill Gernon