This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Women In AppSec
Women in Application Security Program
The purpose of the Women in AppSec Program is to increase the participation of women in the field of application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. The Women in AppSec program is for any female interested in getting involved in AppSec or those already involved but looking to boost their career. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.
In 2015, this program is being re-launched at AppSec EU in Amsterndam, May 19 - 22 with the theme "Women in AppSec - Making it Happen".
Regional conferences are encouraged to host the Women in AppSec program, as well. We encourage you to read this page in full, and reach out to us via the Contact Form or OWASP Support if you have any questions on how to successfully run the program at your event.
|
|
Contact Us
If you are interested in another piece of OWASP design for your event or project, please let us know by using the OWASP Contact Us form.
Links
Women in AppSec
The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence.
Current Program
The program us currently being re-launched for AppSec EU 2015
There is still work to be done - what can we do to Make it Happen?
During AppSec EU there will be a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hope to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions will be open to all so we can help build support for the women around us.
Panel: "Women in AppSec - Making it Happen"
During this panel session we will discuss what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?
Workshop
During the workshop we hope to introduce female attendees of the conference to what a career in App Sec can involve. We will teach them about application security and the many career paths available. We will be there to share our experiences and answer their questions to hopefully get them started on a career in AppSec. We hope to build relationships that may lead to a mentoring program for these women.
Past Eligibility Criteria
Below is the list of eligibility criteria used to select the winners in 2013.
- Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
- Both references have provided letters of recommendation.
- Has relevant/appropriate achievement goals for attending the conference.
- Is the applicant from the region that the conference is taking place in.
- Has background in volunteering for OWASP or similar organizations.
- Has participated in one of OWASP's programs or activities?
- Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
- Has financial need.
- Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
- Has an interest in exploring application security
We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.
Winners
In the past, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event.
Pre-Conference
The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.
Planning & Selection Team
The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.
Sub-Team Roles
Sponsorship
Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking out sponsorship from other chapters and organizations.
Marketing
At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.
Budget
As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.
Sponsorship
It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities. Below you will find an example of the Women in AppSec 2013 sponsorship flyer we sent out to potential sponsors.
Sample of 2013 Sponsorship Flyer
During the conference
Be sure the engage the women there in the sessions you have organized, encourage them to not only attend but to be active participants. Its not all about the women try and encourage some men too, for this initiative to be successful it must be inclusive.
Post-Conference
After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.
Training Days
Prior to the conference, the winners will arrive during the training workshops. Upon their arrival an OWASP volunteer will be around to greet them and take them to the trainings. This is to ensure that the winners are taken care of, and that they feel welcome and comfortable. The two training days prior to the conference should give the winners a chance to get to know local chapter volunteers and early attendees. Winners are encouraged to attend trainings that interest them and to mingle with fellow trainees. If there is a welcome event, winners should be encouraged to attend as well.
Conference Days
During the two days of the conference an OWASP volunteer will be available to show the winners around, introduce them to staff members, and get them acquainted with conference goers. The volunteer will also be responsible for getting the winners to the Women in AppSec scheduled activities, if any are planned. The volunteers should be made available if the winners have any questions or need help with anything. It is important that the winners get the full OWASP AppSec experience. This includes attending sessions of interests and encouraging winners to participate in the various activities provided at the Global AppSecs.
Previous Women in AppSec Winners
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.
Carrie Schaper, 2013 Winner
Nancy Lornston, 2013 Winner
Tara Wilson, 2011 Winner
Chandni Bhowmik, 2011 Winner
Contact Us
If you are interested in another piece of OWASP design for your event or project, please let us know by using the OWASP Contact Us form.