This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Summit 2011 Working Sessions/Session079"
Sarah Baso (talk | contribs) |
Dinis.cruz (talk | contribs) |
||
| Line 103: | Line 103: | ||
|- | |- | ||
| − | | summit_track_logo = | + | | summit_track_logo = [[Image:T._owasp.jpg]] |
| − | | summit_ws_logo = | + | | summit_ws_logo = [[Image:WS._owasp.jpg]] |
| − | | summit_session_name = | + | | summit_session_name = Investment justification for Web Application Security |
| − | | summit_session_url = | + | | summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session079 |
|- | |- | ||
| − | | short_working_session_description= | + | | short_working_session_description=What can OWASP do to help interested parties to make solid business cases for investment in Application Security programs. |
| + | |||
| + | '''Jeremiah Grossman''' in his 'Open letter to OWASP' blog post: http://jeremiahgrossman.blogspot.com/2011/01/open-letter-to-owasp.html<br> | ||
| + | ''"...4) Investment justification''<br/> | ||
| + | ''Mountains of documentation on what organizations “should be doing,” are already available. Information security professionals are desperate for resources in how to justify to the business why an investment in application security is crucial. Effective application security programs aren’t easy or cheap to build. They require real organizational change and budget dollars to involve people, process, technology, and services. The justification cannot be because it’s “the right thing to do,” “PCI-DSS said so,” or “the APTs will get us!” That’s unconvincing and mind numbingly old. OWASP can help everyone do better.'' | ||
| + | |||
| + | ''One way is by capturing success stories from the OWASP corporate and individual membership. Real people, real companies, who are named, documented, and publicly highlighted. Ask them share how much OWASP materials helped them. What they did exactly and how it positively impacted the organization. Ask them to quantify some metrics in how much they are investing, how they are budgeting, all of which creates a watermark for others. These stories are key proof points their peers can use to follow the paths paved by early adopters.'' | ||
|- | |- | ||
| Line 175: | Line 181: | ||
|- | |- | ||
| − | | summit_session_leader_name1 = | + | | summit_session_leader_name1 = TBD |
| summit_session_leader_email1 = | | summit_session_leader_email1 = | ||
Revision as of 13:28, 12 January 2011
Global Summit 2011 Home Page
Global Summit 2011 Tracks
 Investment justification for Web Application Security
| ||||||
|---|---|---|---|---|---|---|
| Please see/use the 'discussion' page for more details about this Working Session | ||||||
| Working Sessions Operational Rules - Please see here the general frame of rules. |
| WORKING SESSION IDENTIFICATION | ||||||
|---|---|---|---|---|---|---|
| Short Work Session Description | What can OWASP do to help interested parties to make solid business cases for investment in Application Security programs.
Jeremiah Grossman in his 'Open letter to OWASP' blog post: http://jeremiahgrossman.blogspot.com/2011/01/open-letter-to-owasp.html One way is by capturing success stories from the OWASP corporate and individual membership. Real people, real companies, who are named, documented, and publicly highlighted. Ask them share how much OWASP materials helped them. What they did exactly and how it positively impacted the organization. Ask them to quantify some metrics in how much they are investing, how they are budgeting, all of which creates a watermark for others. These stories are key proof points their peers can use to follow the paths paved by early adopters. | |||||
| Related Projects (if any) |
| |||||
| Email Contacts & Roles | Chair TBD |
Operational Manager |
Mailing list {{{mailing_list}}} | |||
| WORKING SESSION SPECIFICS | ||||||
|---|---|---|---|---|---|---|
| Objectives | ||||||
| Venue/Date&Time/Model | Venue/Room OWASP Global Summit Portugal 2011 |
Date & Time
|
Discussion Model participants and attendees | |||
| |
|---|
| WORKING SESSION OPERATIONAL RESOURCES | ||||||
|---|---|---|---|---|---|---|
| Projector, whiteboards, markers, Internet connectivity, power | ||||||
| |
|---|
| WORKING SESSION ADDITIONAL DETAILS | ||||||
|---|---|---|---|---|---|---|
| WORKING SESSION OUTCOMES / DELIVERABLES | ||
|---|---|---|
| Proposed by Working Group | Approved by OWASP Board | |
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
Working Session Participants
(Add you name by clicking "edit" on the tab on the upper left side of this page)
| WORKING SESSION PARTICIPANTS | ||||||
|---|---|---|---|---|---|---|
| Name | Company | Notes & reason for participating, issues to be discussed/addressed | ||||
| |
|
| ||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
