This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Women In AppSec"

From OWASP
Jump to: navigation, search
m
 
(182 intermediate revisions by 13 users not shown)
Line 1: Line 1:
 
=WELCOME=
 
=WELCOME=
===Women in Application Security Program===
 
  
The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec in 2014. The Women in AppSec program is for female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development. Applicants are encouraged to submit their details to the program running in conjunction with the conference nearest to their area of residence.
+
==Women in Application Security (WIA) Committee==
  
Regional conferences are encouraged to host the Women in AppSec program, as well. You will find detailed planning instructions here, and you can find templates used in previous years to help you get started with program organization. To continue to improve the Women in AppSec program, it is especially important to get feedback from previous winners. This allows the OWASP community to see the benefits of the program and what the next conference can do to improve upon the program.  
+
The purpose of Women in AppSec (WIA) Committee is to develop leadership, promote active membership and participation, and contributions by women in application security professional communities, globally and locally. You are welcome to join our global WIA Meetup: https://www.meetup.com/womeninappsec/
  
{|
+
The Women in AppSec program is for anyone who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues.  This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.
|-
+
 
! width="400" align="left" |
+
== Current WIA Activities ==
! width="400" align="left" |
+
Register for WIA @ AppSecUSA Activities: [https://www.appsecusa.org AppSecUSA]
|-
+
 
| align="left" | [[Image:Owasp_summit.jpg|left|250px]]  <br/>
+
WIA Meetings are held regularly on gotomeeting, invitations are posted to the WIA email list and also on the OWASP Calendar. Contact [email protected] for additional information about how you can volunteer, support and participate.
| align="left" | [[Image:WIAS01.JPG|left|300px]]  
+
 
| align="left" | [[Image:IMG_5579.JPG|left|325px]]  
+
=FIND US=
 +
 
 +
==Email List==
 +
 
 +
[https://lists.owasp.org/mailman/listinfo/owasp-women-in-appsec WIA List and Archive]
 +
 
 +
==Twitter==
 +
 
 +
[https://twitter.com/owaspwia @OWASPWIA]
 +
 
 +
==Slack Channel==
 +
 
 +
[https://owasp.slack.com/messages/C2NUH1J5B/ WIA Slack Channel]
 +
 
 +
You can get an OWASP Slack invite here: [https://owasp.herokuapp.com/ OWASP Slack Invite]
 +
 
 +
= WIA PURPOSE AND SCOPE =
 +
 
 +
==Purpose==
 +
 
 +
The purpose of Women in AppSec (WIA) Committee is to develop leadership, promote active membership and participation, and contributions by women in application security professional communities, globally and locally.
 +
 
 +
==Scope==
 +
 
 +
The scope for OWASP WIA Committee falls into the following areas:
 +
 
 +
# Attract women to OWASP, as active members, contributors and leaders.
 +
# Offer opportunities for women to become engaged in AppSec and related professional communities.
 +
# Provide inclusive targeted application security programs for all women learners.
 +
# Provide inclusive training and mentorship for all interested OWASP women.
 +
# Provide financial support to OWASP women members through scholarships, sponsorships, and grant making.
 +
# Pursue fundraising, advancement and development to secure financial support for OWASP WIA activities..
 +
# Integrate WIA track and related activities into OWASP events at all levels.
 +
# Cultivate women for community leadership, speakers for conferences, thought leadership, learning leaders, and local chapter events.
 +
# Collaborate with other committees and initiatives as needs present.
 +
# Collaborate with local OWASP Chapters and Global OWASP leadership, including but not limited to offering advisory support to local and global OWASP leadership for WIA advancement and collaboratively building pro-WIA OWASP communities.
 +
# Develop other special projects and events designed to further the purpose of WIA.
 +
 
 +
=MEMBERSHIP=
 +
 
 +
==Membership Types==
 +
 
 +
===Voting===
 +
 
 +
Voting Members are members of OWASP who have formally joined the WIA Committee.  Voting Members are allowed to vote on Committee business and are allowed to serve in one of the five officer positions of the Committee.
 +
 
 +
In order to become a Voting Member, you must first become a Participating Member and participate for three months, become an OWASP member in good standing, and obtain a written endorsement from a current Voting Member or an OWASP Board of Director.  Once all three criteria are met, you must formally request to join as a Voting Member to the WIA List.  The Voting Members then vote via the WIA list, and if you receive a majority affirmative vote, you are then made a Voting Member.
 +
 
 +
Voting Members have an obligation to maintain participation and to reaffirm their commitment every six months (the Secretary will send an email every six months to affirm commitment, replying "no" or not replying will result in removal).
 +
 
 +
===Participating===
 +
 
 +
Participating Members are anyone that is interested in volunteering time to the WIA Committee or sub-committees.  Participating Members are able to participate in all activities, with the exception of voting and serving in one of the five Committee officer roles.
 +
 
 +
In order to become a Participating member, you must express your volunteering commitment to the Secretary, who will then add you to the Membership List.  Participating Members can withdraw their commitment at any time by notifying the Secretary.  Participating Members do not need to be OWASP members.
 +
 
 +
=GOVERNANCE=
 +
 
 +
==Operating Model==
 +
 
 +
WIA is a formal Committee of OWASP.  WIA is governed by the rules set forth in the [https://www.owasp.org/index.php/Governance/OWASP_Committees OWASP Committees 2.0 Operational Model].
 +
 
 +
==Committee Officers==
 +
 
 +
#Chair
 +
##Zoe Braiterman
 +
##Duties
 +
###Open/run the meetings
 +
###Put items to vote and announce the result
 +
###Oversee progress of committee activities
 +
###Participates in fundraising activities/sponsorship acquisition
 +
###Oversee committee elections
 +
#Vice-Chair
 +
##Loredana Mancini
 +
##Duties
 +
###Serve in place of the chair when the chair is not available
 +
###Confirm and validate results of votes
 +
###Help the chair oversee progress of committee activities
 +
###Participates in fundraising activities/sponsorship acquisition
 +
###Run doodles for upcoming meetings
 +
###Send out meeting invites
 +
#Secretary
 +
##Vandana Verma
 +
##Duties
 +
###Maintain the WIA membership list and associated bookkeeping
 +
###Take attendance/minutes at meetings
 +
###Create an agenda for each meeting, put out a call to members for agenda items
 +
###Post agendas and meetings
 +
###Edit/update committee Wiki page
 +
#Treasurer
 +
##Geeta Handa
 +
##Duties
 +
###Maintain budget
 +
###Track income and expenses for all committee activities
 +
###Report at each meeting the expenditures and incoming revenue for the month and the balance of the fund
 +
###Check the balance of the WIA budget with the OWASP accountant quarterly
 +
###Participates in fundraising activities/sponsorship acquisition
 +
 
 +
Note: Only Voting Members may serve as Committee Officers
 +
 
 +
==Sub-Committee Coordinators==
 +
 
 +
#Volunteer Coordinator
 +
##Vandana Verma (Asia), Loredana Mancini (Europe), Jessica Robinson (North America)
 +
##Duties
 +
###Recruit new members for WIA/volunteers for specific events
 +
###Schedule/train volunteers as needed
 +
###Provides direction and coordination for volunteers
 +
###Plan for retention and replacement
 +
###Support in fundraising activities/sponsorship acquisition
 +
###Connect with other local  active groups in security to create volunteer networking
 +
###Maintain lessons learned in the volunteer recruiting for the different events to improve the recruiting process
 +
###Keep informal/formal contacts with all the volunteer to be able to reach them in case of new needs
 +
#Media Relations Coordinator
 +
##Katherine Cancelado
 +
##Duties
 +
###Maintain list of media contacts
 +
###Maintain list of media articles mentioning WIA
 +
###Promote WIA to media
 +
###Prepare talking points, messaging strategy
 +
###Work with OWASP Global to issue press releases
 +
 
 +
Note: All Committee Members may serve as Sub-Committee Coordinators
 +
 
 +
=2018 ELECTIONS=
 +
 
 +
==Timeline==
 +
* TBA January 2020 - Call for Candidates closes
 +
* TBA January 2020 - Election email ballots send to voting members
 +
* TBA January 2020 - Election closes
 +
* TBA January 2020 - Election results announced on WIA list
  
|}
+
==Candidates==
 +
===Committee Officers===
  
==Contact Us==
+
''Positions can only be filled by Voting Members.''
  
If you are interested in running the Women in AppSec Program for your event, please contact OWASP Project Manager, Samantha Groves ([email protected]).
+
====Chair====
 +
* Zoe Braiterman
  
 +
====Vice Chair====
 +
* Loredana Mancini
  
=ABOUT THE PROGRAM=
+
====Secretary====
==Women in AppSec==
+
* Vandana Verma
[[Image:IMG_5579.JPG|thumb|right|400x160px]]
 
  
The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security.
+
====Treasurer====
 +
* Geeta Handa
  
 +
===Sub-Committee Coordinators===
  
====Eligibility====
+
''Positions can be filled by Voting and Participating Members.''
  
Each applicant must be a woman that meets our eligibility criteria below:
+
====Volunteer Coordinator - Asia====
 +
* Vandana Verma
  
    Is a part- or full-time student at an accredited four-year college or university or graduate program.
+
====Volunteer Coordinator - Europe====
::::::::::::::::::::::::::Or
+
* Loredana Mancini
    Is involved in information security and/or application development in a professional role.
 
::::::::::::::::::::::::::And/Or
 
 
 
    Has an interest in exploring application security in an information security and/or application development role.
 
  
====Global Conferences====
+
====Volunteer Coordinator - North America====
 +
* Jessica Robinson
  
Women in AppSec currently takes place at the four global conferences:
+
====Media Relations Coordinator====
 +
* Katherine Cancelado
  
*AppSec USA
+
==Ballot==
*AppSec EU
+
The next election for WIA Committee will be sent to Voting Members by email ballot in January 2020:
*AppSec APAC
 
*AppSec Latam
 
  
 +
Submit your nominations to: [email protected] December 31, 2019
  
'''''Note:''''' '''The applicant must be from the region that the conference is taking place in to apply for the Women in AppSec opportunity.'''
+
Chair
  
=GLOBAL CONFERENCES=
+
Vice Chair
==AppSec==
 
  
[[Image:Appsec_APAC.jpg|thumb|right|x375px]]
+
Secretary
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C.
 
  
'''Currently the Women in AppSec program is held at the Global Conferences, however, regional events are encouraged to take advantage of the program as well.'''
+
Treasurer
  
===AppSec APAC===
+
Volunteer Coordinator - Asia
  
AppSec APAC comprises the Asian-Pacific region. The Global AppSec APAC Conference is a reunion of Information Security Asia-Pacific leaders, and presents cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many other verticals.
+
Volunteer Coordinator - Europe
  
===AppSec EU===
+
Volunteer Coordinator - North America
  
AppSec EU comprises the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers travel to hear the cutting-edge ideas presented by Information Security’s top talent. OWASP events attract a worldwide audience interested in “what’s next”. The conference is expected to draw 400-500 technologists each year from various verticals.
+
Media Relations Coordinator
  
===AppSec Latam===
+
==Special 2017 Election Results==
 +
===Committee Officers===
  
AppSec Latam comprises the Latin American region. The Global AppSec Latin America Conference is a reunion of Information Security Latin American leaders, and presents cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”. The conference is expected to draw 200-250 technologists from various verticals.
+
''Positions can only be filled by Voting Members.''
  
===AppSec USA===
+
====Chair====
 +
* Zoe Braiterman
  
AppSec USA comprises the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. The first AppSec Conference was held in 2004 in New York City.
+
====Vice Chair====
 +
* Loredana Mancini
  
=PLANNING=
+
====Secretary====
==Pre-Conference==
+
* Vandana Verma
  
 +
====Treasurer====
 +
* Geeta Handa
  
====Step 1:====
+
===Sub-Committee Coordinators===
  
Put together a selection committee of about 5-6 people. The selection committee will then be broken down into several sub-committees of one to two people who will then work on sponsorship, marketing, the grading process and the call for entries.  
+
''Positions can be filled by Voting and Participating Members.''
  
====Step 2:====
+
====Volunteer Coordinator - Asia====
Decide on the details of the awards, such as if the winners will be provided travel and accommodations.
+
* Vandana Verma
  
====Step 3:====
+
====Volunteer Coordinator - Europe====
Come up with a budget to allocate for the award based on the expense of travel for each winner, the accommodations provided and conference pass.
+
* Loredana Mancini
  
====Step 4:====
+
====Volunteer Coordinator - North America====
Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Included the successes of past Women in AppSec conference events.
+
* Jessica Robinson
  
[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]
+
====Media Relations Coordinator====
 +
* Katherine Cancelado
  
====Step 5:====
 
Seek out sponsor for the program.
 
  
====Step 6:====
+
=PREVIOUS WIA ACTIVITIES=
Develop the application timeline with deadlines for each stage. Deadlines are critically important, and there has to be a cut off point. Create a deadline for when submissions should be in, for when letters of recommendation should be received, the timeline for the grading process, the date the top 5 will be announced and the date the winners will be announced.
 
  
====Step 7:====
 
Create the selection criteria and send out a call for entries. Be specific on the criteria you are looking for in candidates. Especially note that only women in the region that the conference is being held can submitted for consideration.
 
  
[https://docs.google.com/a/owasp.org/document/d/1iZDNogemeAoHBnrfn2dVe212Bct4ZJiXeVNj3j5JsWg/edit Sample Selection Criteria]
+
== AppSec EU 2017 ==
 +
Women in AppSec is kicking it up a notch at AppSec EU 2017 and we want YOU to join us! Make sure you stop by during the week to check out our events and to learn more about the group.
  
====Step 8:====
+
Events are free to attend and do not require a conference ticket.
Make the final selection on candidates and announce the winners.
 
  
====Step 9:====
+
Monday, May 8, 2017 6:00-9:00 pm Networking Session
Help the winners arrange travel, accommodations and other logistics. Upon their arrival at the conference center insure they are taken care of by an OWASP volunteer, someone who will get them settled and that they make it to panels and trainings without issue. The bigger the conference, the more important it is to make sure the winners are not lost in the crowd.
 
  
==Post-Conference==
+
On Monday 8th May at 6:00 pm in the Waterfront Conference Centre, we will have a group of mentors each give a brief talk about their experience followed by an "unconference" event. During the "unconference" event, we will break into groups to discuss popular technical topics. This will be a fantastic opportunity to engage in mentoring relationships and hear from women in the field. You can sign up for this free event on Meetup.com here:  <nowiki>https://www.meetup.com/OWASP-Belfast/events/238434511/</nowiki>
  
====Step 1:====
+
Thursday, May 11, 2017 7:30-8:45 a.m. Mentoring Breakfast
  
Gather feedback from the winners. Ask the winners for a brief blurb about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program and what can be improved upon in the future.  
+
Join us at our pre-conference WiA breakfast in the Waterfront Conference Centre at 7.30 am on Thursday 11th May. A light breakfast will be provided for table discussions on various topics. This will also be a second opportunity to chat with anyone you didn't get to during the Monday evening event. Details to register for this event will be available soon, it will also be free to attend.
=LOGISTICS=
 
==The Program Committee==
 
  
The Program Committee should consist of around 5-6 people. The committee should then be broken down into subcommittees of one to two people who will work on various parts of the program, including sponsorship, marketing the program, the grading process, and the call for entries.
+
=== Wondering what to expect? ===
 +
Organisers Michelle and Claire discuss what you can expect here:
  
====Sponsorship====
+
<nowiki>https://drive.google.com/open?id=0B3mw0mZ4CcgtbG5FUDJxbzVqX28</nowiki>
  
Two people will be responsible for sponsorship. They will be in charge of creating the sponsorship packages, flyers and seeking out sponsorship from other chapters and organizations.
+
=== Interested in being a Mentor? ===
 +
We’re looking for mentors to participate in both events. Both men and women are invited to contribute as mentors. This is the commitment we’re asking for:
 +
* A picture and bio for the website
 +
* A time commitment of two hours between the two events
 +
** 30+ minutes at the networking event
 +
** 1½ hours at the mentoring breakfast
 +
Let us know if you’re interested in joining us!
  
====Marketing====
+
<nowiki>https://docs.google.com/forms/d/e/1FAIpQLSfy0qx9hnkJiCiceeUDmaq78i9aYXeGsHNv9B95Z_ZeN5Z_KA/viewform</nowiki>
  
One person will be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress and
+
Not sure if you’re interested yet? Provide your email address for updates as they become available.
communicating progress to the overall community.
 
  
====Grading Process====
+
<nowiki>https://docs.google.com/forms/d/e/1FAIpQLSc2DYBKcGzESX6U8-Syohqvm_g7bLLyTBPaw5E7sUj5KO3O4A/viewform</nowiki>
  
While everyone on the committee will be involved in grading, one person will be in charge of the grading process. They will create spreadsheets similar to those originally created for the selection committee, and for making sure everyone has what they need for the grading process.
+
'''We look forward to seeing you at AppSec EU 2017!'''
  
====Call for Entries====
+
=== Meet the EU WIA planning team ===
 +
=== Michelle Simpson === Security Consultant at NCC Group
 +
*  === Claire Burn === Field Applications Engineer at Titan-IC
 +
*  === Cathy Hall === Principal Consultant at Sila Solutions Group
 +
*  === Owen Pendelbury === Manager Cyber Risk Services - Penetration Testing @ Deloitte
 +
*  === Zoe Braiterman === Business Studies graduate from Drew University
 +
*  === Wendy Istvanick === Object Tactician at ThoughtWorks
 +
*  === Fiona Collins === IT Security Engineer, Staff at Qualcomm
 +
*  === Bev Corwin === Director of Technology at DDC
 +
*  === Loredana Mancini === Chief Operation Officer at ITWAY
 +
*  === Vandana Verma === Manager Information Security
  
Finally, one to two people will be in charge of the call for entries. Depending on the amount of entries, this might work better with two people as it requires collecting entries, arranging them and sorting them out to the other graders.
+
*  === Emily Verwee === Online Project Manager at The Arc of the United States
=ON THE DAY=
+
=== Tiffany Long === Community Manager at OWASP
==Training Days==
 
Prior to the conference, the winners will arrive during the training workshops. Upon their arrival an OWASP volunteer will be around to greet them, sort out their hotel arrangements and take them to trainings. This is to ensure that the winners are taken care of and that they feel welcome and comfortable. The two training days prior to the conference should give the winners a chance to get to know local chapter volunteers and early attendees. Winners are encouraged to attend trainings that interest them and to mingle with fellow trainees. If there is a welcome event, winners should be encouraged to attend as well.
 
  
==Conference Days==
+
== AppSec USA 2015 ==
During the two days of the conference an OWASP volunteer will be available to show the winners around, introduce them to staff members and get them acquainted with conference goers. The volunteer will also be responsible for getting the winners to the Women in AppSec panel. The volunteers should be made available if the winners have any questions or need help with anything. It is important that the winners get a full AppSec experience. This includes attending sessions of interests and encourage winners to participate in the various activities provided at AppSec.
 
=PAST WINNERS=
 
==Previous Women in AppSec Winners==
 
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program.
 
  
----
+
'''AppSec USA 2015'''<br>
 +
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath.<br><br>
 +
We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance.  <br><br>
 +
Sponsorship opportunities for commercial organizations and OWASP chapters are also available.
  
'''Carrie Schaper, 2013 Winner'''
+
'''AppSec USA 2015'''<br>
 +
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the '''InfoSec Girls''' initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We are very close to our goal and know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world. <BR><br>'''Donate now:'''<br>
  
Carrie Schaper is an Information Security Professional with over 12+ years of industry experience ranging from Penetration Testing Fortune 500 companies, the Banking Infrastructure, and Government to Incident Response and Continuous Monitoring. She has performed Threat-Mitigation against  targeted  attacks from domestic and foreign adversaries for both corporate and government environments.
+
== AppSec EU 2015 ==
 +
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: [http://2015.appsec.eu/women-in-application-security/ http://2015.appsec.eu/women-in-application-security]<br>
  
----
+
'''Panel: "Women in AppSec - Making it Happen"'''<br>
 +
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?
  
'''Nancy Lornston, 2013 Winner'''
+
'''Workshop'''<br>
 +
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.
  
Nancy Lorntson is the Security Program Manager at Infinite Campus, the largest American-owned Student Information System, managing 6 million students in 43 states.  Previously, Nancy was a school district Information Services Manager and part-time trainer for Guidance Software.  In her current role, Nancy is responsible for all things security at Infinite Campus, working between the application development organization and the support, network, business operations, and hosting teams to implement, grow and improve a world class security program.
+
== AppSec USA 2013 ==
 +
Learn more about the program here: http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html
  
----
+
==Previous Women in AppSec Winners==
 +
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.
  
'''Tara Wilson, 2011 Winner'''
+
'''Carrie Schaper, 2013 Winner'''
 +
{| style="background-color: transparent"
 +
|-
 +
! align="center" width="200" | <br>
 +
! align="center" width="1000" | <br>
 +
|-
 +
| align="center" | [[Image:Carrie Schaper Small.jpg|100px]]
 +
| align="justify" |"OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance.  The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience.  Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions.  OWASP Appsec held in NY this year, was a premier NY conference not to be missed.  Thank you to OWASP, its attendees and organizers."
 +
|}
 +
<br>
  
“Being fortunate enough to receive the Women in
+
'''Nancy Lornston, 2013 Winner'''
AppSec grant is a unique and valuable experience. It
+
{| style="background-color: transparent"
is a great opportunity for women to have a chance to
+
|-
bolster their skills and dive deep into the world of application
+
! align="center" width="200" | <br>
security. I found that attending the conference was not only a great
+
! align="center" width="1000" | <br>
way to experience what the OWASP community has to offer, but it
+
|-
also gives students a chance to network with a great group of people
+
| align="center" | [[Image:Nancy Lorntson Small.jpg|100px]]
who are passionate about their field and willing to share a wealth of
+
| align="justify" |"AppSec 2013 was an awesome experience!  Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.
information.”
+
=CONTACT=
+
The Women in AppSec panel was an opportunity to advance women's position in the community.  Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.
 +
 +
The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.
 +
 +
A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."
 +
|}
 +
<br>
  
If you have questions, or if you wish to contribute to the
+
'''Tara Wilson, 2011 Winner'''
program, please e-mail Samantha Groves at:
+
{| style="background-color: transparent"
[mailto:samantha.groves@owasp.org samantha.groves@owasp.org]
+
|-
 +
! align="center" width="200" | <br>
 +
! align="center" width="1000" | <br>
 +
|-
 +
| align="center" | [[Image:Tara wilson.jpg|100px]]
 +
| align="justify" |“Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.
 +
|}
 +
<br>
  
or intern Kait Disney-Leugers at: [mailto:kait.disney.leugers@owasp.org kait.disney.leugers@owasp.org]
+
'''Chandni Bhowmik, 2011 Winner'''
 +
{| style="background-color: transparent"
 +
|-
 +
! align="center" width="200" | <br>
 +
! align="center" width="1000" | <br>
 +
|-
 +
| align="center" | [[Image:Chandni_bhowmik.jpg|100px]]
 +
| align="justify" |Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.
 +
|}
 +
<br>
  
<headertabs />
+
<headertabs></headertabs>

Latest revision as of 09:44, 30 May 2019

Women in Application Security (WIA) Committee

The purpose of Women in AppSec (WIA) Committee is to develop leadership, promote active membership and participation, and contributions by women in application security professional communities, globally and locally. You are welcome to join our global WIA Meetup: https://www.meetup.com/womeninappsec/

The Women in AppSec program is for anyone who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

Current WIA Activities

Register for WIA @ AppSecUSA Activities: AppSecUSA

WIA Meetings are held regularly on gotomeeting, invitations are posted to the WIA email list and also on the OWASP Calendar. Contact [email protected] for additional information about how you can volunteer, support and participate.

Email List

WIA List and Archive

Twitter

@OWASPWIA

Slack Channel

WIA Slack Channel

You can get an OWASP Slack invite here: OWASP Slack Invite

Purpose

The purpose of Women in AppSec (WIA) Committee is to develop leadership, promote active membership and participation, and contributions by women in application security professional communities, globally and locally.

Scope

The scope for OWASP WIA Committee falls into the following areas:

  1. Attract women to OWASP, as active members, contributors and leaders.
  2. Offer opportunities for women to become engaged in AppSec and related professional communities.
  3. Provide inclusive targeted application security programs for all women learners.
  4. Provide inclusive training and mentorship for all interested OWASP women.
  5. Provide financial support to OWASP women members through scholarships, sponsorships, and grant making.
  6. Pursue fundraising, advancement and development to secure financial support for OWASP WIA activities..
  7. Integrate WIA track and related activities into OWASP events at all levels.
  8. Cultivate women for community leadership, speakers for conferences, thought leadership, learning leaders, and local chapter events.
  9. Collaborate with other committees and initiatives as needs present.
  10. Collaborate with local OWASP Chapters and Global OWASP leadership, including but not limited to offering advisory support to local and global OWASP leadership for WIA advancement and collaboratively building pro-WIA OWASP communities.
  11. Develop other special projects and events designed to further the purpose of WIA.

Membership Types

Voting

Voting Members are members of OWASP who have formally joined the WIA Committee. Voting Members are allowed to vote on Committee business and are allowed to serve in one of the five officer positions of the Committee.

In order to become a Voting Member, you must first become a Participating Member and participate for three months, become an OWASP member in good standing, and obtain a written endorsement from a current Voting Member or an OWASP Board of Director. Once all three criteria are met, you must formally request to join as a Voting Member to the WIA List. The Voting Members then vote via the WIA list, and if you receive a majority affirmative vote, you are then made a Voting Member.

Voting Members have an obligation to maintain participation and to reaffirm their commitment every six months (the Secretary will send an email every six months to affirm commitment, replying "no" or not replying will result in removal).

Participating

Participating Members are anyone that is interested in volunteering time to the WIA Committee or sub-committees. Participating Members are able to participate in all activities, with the exception of voting and serving in one of the five Committee officer roles.

In order to become a Participating member, you must express your volunteering commitment to the Secretary, who will then add you to the Membership List. Participating Members can withdraw their commitment at any time by notifying the Secretary. Participating Members do not need to be OWASP members.

Operating Model

WIA is a formal Committee of OWASP. WIA is governed by the rules set forth in the OWASP Committees 2.0 Operational Model.

Committee Officers

  1. Chair
    1. Zoe Braiterman
    2. Duties
      1. Open/run the meetings
      2. Put items to vote and announce the result
      3. Oversee progress of committee activities
      4. Participates in fundraising activities/sponsorship acquisition
      5. Oversee committee elections
  2. Vice-Chair
    1. Loredana Mancini
    2. Duties
      1. Serve in place of the chair when the chair is not available
      2. Confirm and validate results of votes
      3. Help the chair oversee progress of committee activities
      4. Participates in fundraising activities/sponsorship acquisition
      5. Run doodles for upcoming meetings
      6. Send out meeting invites
  3. Secretary
    1. Vandana Verma
    2. Duties
      1. Maintain the WIA membership list and associated bookkeeping
      2. Take attendance/minutes at meetings
      3. Create an agenda for each meeting, put out a call to members for agenda items
      4. Post agendas and meetings
      5. Edit/update committee Wiki page
  4. Treasurer
    1. Geeta Handa
    2. Duties
      1. Maintain budget
      2. Track income and expenses for all committee activities
      3. Report at each meeting the expenditures and incoming revenue for the month and the balance of the fund
      4. Check the balance of the WIA budget with the OWASP accountant quarterly
      5. Participates in fundraising activities/sponsorship acquisition

Note: Only Voting Members may serve as Committee Officers

Sub-Committee Coordinators

  1. Volunteer Coordinator
    1. Vandana Verma (Asia), Loredana Mancini (Europe), Jessica Robinson (North America)
    2. Duties
      1. Recruit new members for WIA/volunteers for specific events
      2. Schedule/train volunteers as needed
      3. Provides direction and coordination for volunteers
      4. Plan for retention and replacement
      5. Support in fundraising activities/sponsorship acquisition
      6. Connect with other local active groups in security to create volunteer networking
      7. Maintain lessons learned in the volunteer recruiting for the different events to improve the recruiting process
      8. Keep informal/formal contacts with all the volunteer to be able to reach them in case of new needs
  2. Media Relations Coordinator
    1. Katherine Cancelado
    2. Duties
      1. Maintain list of media contacts
      2. Maintain list of media articles mentioning WIA
      3. Promote WIA to media
      4. Prepare talking points, messaging strategy
      5. Work with OWASP Global to issue press releases

Note: All Committee Members may serve as Sub-Committee Coordinators

Timeline

  • TBA January 2020 - Call for Candidates closes
  • TBA January 2020 - Election email ballots send to voting members
  • TBA January 2020 - Election closes
  • TBA January 2020 - Election results announced on WIA list

Candidates

Committee Officers

Positions can only be filled by Voting Members.

Chair

  • Zoe Braiterman

Vice Chair

  • Loredana Mancini

Secretary

  • Vandana Verma

Treasurer

  • Geeta Handa

Sub-Committee Coordinators

Positions can be filled by Voting and Participating Members.

Volunteer Coordinator - Asia

  • Vandana Verma

Volunteer Coordinator - Europe

  • Loredana Mancini

Volunteer Coordinator - North America

  • Jessica Robinson

Media Relations Coordinator

  • Katherine Cancelado

Ballot

The next election for WIA Committee will be sent to Voting Members by email ballot in January 2020:

Submit your nominations to: [email protected] December 31, 2019

Chair

Vice Chair

Secretary

Treasurer

Volunteer Coordinator - Asia

Volunteer Coordinator - Europe

Volunteer Coordinator - North America

Media Relations Coordinator

Special 2017 Election Results

Committee Officers

Positions can only be filled by Voting Members.

Chair

  • Zoe Braiterman

Vice Chair

  • Loredana Mancini

Secretary

  • Vandana Verma

Treasurer

  • Geeta Handa

Sub-Committee Coordinators

Positions can be filled by Voting and Participating Members.

Volunteer Coordinator - Asia

  • Vandana Verma

Volunteer Coordinator - Europe

  • Loredana Mancini

Volunteer Coordinator - North America

  • Jessica Robinson

Media Relations Coordinator

  • Katherine Cancelado


AppSec EU 2017

Women in AppSec is kicking it up a notch at AppSec EU 2017 and we want YOU to join us! Make sure you stop by during the week to check out our events and to learn more about the group.

Events are free to attend and do not require a conference ticket.

Monday, May 8, 2017 6:00-9:00 pm Networking Session

On Monday 8th May at 6:00 pm in the Waterfront Conference Centre, we will have a group of mentors each give a brief talk about their experience followed by an "unconference" event. During the "unconference" event, we will break into groups to discuss popular technical topics. This will be a fantastic opportunity to engage in mentoring relationships and hear from women in the field. You can sign up for this free event on Meetup.com here:  https://www.meetup.com/OWASP-Belfast/events/238434511/

Thursday, May 11, 2017 7:30-8:45 a.m. Mentoring Breakfast

Join us at our pre-conference WiA breakfast in the Waterfront Conference Centre at 7.30 am on Thursday 11th May. A light breakfast will be provided for table discussions on various topics. This will also be a second opportunity to chat with anyone you didn't get to during the Monday evening event. Details to register for this event will be available soon, it will also be free to attend.

Wondering what to expect?

Organisers Michelle and Claire discuss what you can expect here:

https://drive.google.com/open?id=0B3mw0mZ4CcgtbG5FUDJxbzVqX28

Interested in being a Mentor?

We’re looking for mentors to participate in both events. Both men and women are invited to contribute as mentors. This is the commitment we’re asking for:

  • A picture and bio for the website
  • A time commitment of two hours between the two events
    • 30+ minutes at the networking event
    • 1½ hours at the mentoring breakfast

Let us know if you’re interested in joining us!

https://docs.google.com/forms/d/e/1FAIpQLSfy0qx9hnkJiCiceeUDmaq78i9aYXeGsHNv9B95Z_ZeN5Z_KA/viewform

Not sure if you’re interested yet? Provide your email address for updates as they become available.

https://docs.google.com/forms/d/e/1FAIpQLSc2DYBKcGzESX6U8-Syohqvm_g7bLLyTBPaw5E7sUj5KO3O4A/viewform

We look forward to seeing you at AppSec EU 2017!

Meet the EU WIA planning team

  • === Michelle Simpson === Security Consultant at NCC Group
  • === Claire Burn === Field Applications Engineer at Titan-IC
  • === Cathy Hall === Principal Consultant at Sila Solutions Group
  • === Owen Pendelbury === Manager Cyber Risk Services - Penetration Testing @ Deloitte
  • === Zoe Braiterman === Business Studies graduate from Drew University
  • === Wendy Istvanick === Object Tactician at ThoughtWorks
  • === Fiona Collins === IT Security Engineer, Staff at Qualcomm
  • === Bev Corwin === Director of Technology at DDC
  • === Loredana Mancini === Chief Operation Officer at ITWAY
  • === Vandana Verma === Manager Information Security
  • === Emily Verwee === Online Project Manager at The Arc of the United States
  • === Tiffany Long === Community Manager at OWASP

AppSec USA 2015

AppSec USA 2015
The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath.

We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room . Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance.

Sponsorship opportunities for commercial organizations and OWASP chapters are also available.

AppSec USA 2015
Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We are very close to our goal and know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world.

Donate now:

AppSec EU 2015

During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: http://2015.appsec.eu/women-in-application-security

Panel: "Women in AppSec - Making it Happen"
During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

Workshop
During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

AppSec USA 2013

Learn more about the program here: http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html

Previous Women in AppSec Winners

Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

Carrie Schaper, 2013 Winner



Carrie Schaper Small.jpg "OWASP Appsec proved to be a great experience for me, uniting and interacting with friends, professionals, and colleagues from the Information Security space from across the US and Internationally whom were in attendance. The huge space and well organized functions such as the: trainings, expert talks, panels, bug-bounty, lock-picking village and social events all enhanced the conference experience. Participating on the Women in IT panel was a wonderful experience, as many women were in attendance and participated in collaborative discussions. OWASP Appsec held in NY this year, was a premier NY conference not to be missed. Thank you to OWASP, its attendees and organizers."


Nancy Lornston, 2013 Winner



Nancy Lorntson Small.jpg "AppSec 2013 was an awesome experience! Nowhere in the world can you find the top security experts all in one place at one time (and participate in a marriage proposal!). The conference presentations were well organized and the speakers were prepared to share pros, cons, successes and failures of their work in order to advance the application security domain. The variety of vendors was terrific as well.

The Women in AppSec panel was an opportunity to advance women's position in the community. Each speaker shared some very candid remarks about their personal experiences and by the end, it was clear that while more work needs to be done, there is a sincere interest by companies, universities and the industry in general to work on doing the things needed to attract more women to the profession.

The training course I attended (Open source tools) lived up to it's billing and I came away with several invaluable tips and strategies to improve our program.

A huge thank you to the Women in App Sec Panel and OWASP in general for this opportunity to attend the premier Application Security Conference in the world."


Tara Wilson, 2011 Winner



Tara wilson.jpg “Being fortunate enough to receive the Women in AppSec sponsorhsip is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”


Chandni Bhowmik, 2011 Winner



Chandni bhowmik.jpg Chandni Bhowmik is currently completing an M.S. in Computer Security and Information Assurance at the Rochester Institute of Technology (RIT). Her first introduction to OWASP was through the project WebScarab during an application security lab last spring at RIT and her interest in OWASP grew ever since. Over the summer, she started programming open source web applications using built-in security features of Django and Python. She is interested in becoming an information security researcher, and hopes to leverage learning at OWASP AppSec USA 2011 in ad-hoc architecture, mobile platforms and over-all concepts of web application security. Besides secure programming, Chandni enjoys her current research involving digital image forensics and machine learning. In addition to attending school, she has interned in IT security and compliance at Paychex, a Rochester based payroll processing company, and gained industrial experience working an assistant systems engineer for Tata Consultancy Services, a global IT firm.


Retrieved from "https://wiki.owasp.org/index.php?title=Women_In_AppSec&oldid=251991"