August 13, 2012 SB Report

Sarah Baso - Report of Conference Activity for July 2012 (Prepared for August 13, 2012 Board Meeting)
To view report of employee activity for July 11 to August 13, 2012: click here

Conferences Committee

General Committee Info

• Committee Membership: no changes, currently 8 members: Mark Bristow, Ralph Durkee, Richard Greenberg, Lucas Ferreira, John Wilander, Mohd Fazli Azran, Lorna Alamri, and Benny Ketelslegers.
• Committee Chair: Mark Bristow

• July Committee Meeting Minutes:
  • July 18

• Recurring meeting time: the third Wednesday of the month at 3pm GMT/UTC. 'Next Meetings scheduled for:
  • Wednesday, August 15, 2012 at 3:00 PM (15:00) UTC/GMT
  • Wednesday, Septembeer 19, 2012 at 3:00 PM (15:00) UTC/GMT

• Global Conferences Committee Budget - $27,389.22 of $40,000 remaining ($12,610.78 spent).

Major Activities/Projects (in addition to attending monthly committee meetings, taking & posting meeting minutes):

• Working with committee on setting goals for 2013, drafting committee budget for 2012, and drafting proposed revenue goals for 2013 Global AppSec Events
• Currently looking for proposals for the 2013 AppSec USA event - no submissions received yet
• Requested comments from committee on conference planning documents drafted by Sarah Baso:
  • Conference Planning Timeline/Overview
  • Detailed Conference Planning Checklist
  • Conference Planning - Project Plan with Deadlines
• Ongoing - Updated and monitored google form for tracking schwag requests and monitor OCMS for events that have requested schwag but not entered request into google form.
• Ongoing - Work with Konik, Kate, Rocksport, Zazzle, Lulu, and other misc. vendors to fulfull merchandise and conference requests.

OWASP Events

AppSec Europe Research - Global

• Estimated event profit: $14,000 USD (Payments/income still being finalized)
• Post Event Report from Konstantinos Papapanagiotou (Local Planning Chair) and John Wilander (GCC Liaison) pending
• Total Sponsorship - 19,425 Euros: Imperva, F5, Cigital, Trustwave(Global), Gotham Digital, Watson Hall, Census (Greek Company), BCC Risk, University of Athens.
• Training enrollment update:
  • Colin Watson (1 day) and Dan Cornell (2 Day) Training courses cancelled due to low enrollment.
  • Eoin Keary & Jim Manico (1 Day) - 6
  • Dave Wichers (2 Days) - 11 (1 OWASP Leader)
  • Justin Searle (2 Days)- 17 (1 OWASP Leader)
• Charles Henderson & David Byrne (2 Days)- 13 (1 OWASP Leader)
• Conference Enrollment - 275
• Pending items:
  • Certificates for volunteers, training & conference attendees (Sarah created certificate templates, waiting on signature from Kostas before sending out)
  • Payments to trainers (Sarah sent reminders last week asking for them to submit invoices to process payment)
  • Submit double taxation forms to Greek or Belgian Govt.
  • Kostas to provide slides and video to post on website
  • Post-event reports

AppSec India 2012 - Regional

• Schedule for conference talks and training posted
• Registration open, with 100 people currently registered (as of August 7)
• No details have been received from local team on budget or status as legal entity in India
• Sarah will be attending event - giving short welcome talk (10 min) and planning meet up for chapter leaders

AppSec Ireland 2012 - Regional

• Registration currently open in cvent - 19 people registered
• Conference Schedule ( Trainings and Talks) posted to website
• Sponsors: F5, WhiteHat Security, BCC Risk Advisory
• Other orgs/supporters: (ISC)2, irishdev, Pentest Magazine, Google Developer Group Dublin, Irish Internet Association, Irish Computer Society, British Computer Society, Irish Reporting and Information Security Service

OWASP Israel 2012 - Regional

• Set up registration in cvent, waiting on ok from Ofer Maor to open registration.

AppSec USA 2012 - Global

• Current conference profit estimate: $25,000 (Budget)
• Sponsorships = $118,150 - new sponsorships include: Adobe (Diamond), Veracode (Gold), Symplified (Silver), Whitehat Security (Silver), and Blueinfy Silver)
• Call For Papers ended on Saturday, August 11, 2012. Speaker Selection Committee will review over 130 submissions received and we expect to begin contacting speakers on or before Monday, August 27, 2012.
• CFT deadline was July 6 & Trainings are posted:
  • No Crack Required: Cryptanalysis in Real-World Applications (Timothy D. Morgan)
  • Elite Web Application Secure Defensive Coding Bootcamp (Jim Manico and Eoin Keary)
  • CISO Training: Managing Web & Application Security – OWASP for Senior Managers (Tobias Gondrom)
  • The Art of Exploiting SQL Injection (Sumit Siddharth)
  • Tactical Defense with ModSecurity (Josh Amishav-Zlatin)
  • Building a Software Security Program On Open Source Tools (Dan Cornell)
  • Android/iOS Hacking and Securing (Patrick Szeto)
  • Advanced Threat Tactics (Raphael Mudge)
  • Hands on Web Application Testing: Assessing Web Apps the OWASP Way (Matt Tesauro)
  • Writing Secure J2EE Code (Sherif Koussa)
  • .NET Secure Coding (Erez Metula)

• Registration (through Cvent) open and early early registration push (discounts to past attendee from Lascon and LY AppSec USA who registered before June 30 & early bird discount ending July 15) - 175 currently registered

AppSec Brazil 2012 - Regional

• Event cancelled - was to be hosted by OWASP Paraíba Chapter but Chapter Leader (who was the main person driving the event) had to drop out due to personal reasons.
• It was suggested that the Florianopolis Chapter turn their OWASP Floripa Day 2012 into the AppSec Brasil event, but due to the short time until the event (1 month away) - it was decided that no changes would be made.

AppSec Latam 2012 - Global

• http://appseclatam.org
• Fabio Cerullo is serving as their GCC liaison
• Event logistics (location and date) finalized:
  • Hosted at Antel National Telco Building in Montevideo, Uruguay
  • 2 days of training: Nov. 18-19
  • 2 days of conference talks: Nov. 20-21 (2 Tracks)
• 4 Keynotes confirmed: Jerry Hoff, Pravir Chandra, Cristian Borghello, and Hernan M. Racciatti
• CFP and CFT opened
• Completed revised sponsorship document

AppSec APAC 2013 - Global

• Sarah working with local team to set up status calls

AppSec EU/Research 2013 - Global

• Hamburg, Germany (related documents)
• Local team working to finalize dates within the next week
• Conference/Project management set up in Redmine, local team & Sarah had meeting last Friday (August 10) to give overview on how Redmine will work and next steps to move forward.

Outreach Events

• BlackHat USA (Post-event report pending)

Upcoming:

• ISC2 - Secure Brazil
• Hacker Halted USA
• BSidesDFW

In negotiation/under review:

• RSA Europe 2012 and RSA USA 2013
• MN Cyber Security Summit 2012
• AISA National Conference
• (ISC)2 Security Congress
• Hacker Halted Asia Pacific 2012
• Malaysia Open Source Conference 2012
• HITBSecConf2012

Other Activities

• Marketing:
  • Global Membership Handout (Template created by PR with Brains for NY Chapter, and modified for use at BlackHat Booth)
  • Kate had in-person meeting with Patrick Calder at Design Foundry last Thursday and we have call this afternoon with Patrick and his business partner to discuss next steps.
• Worked with Kate to consolidate Q3 goals [1].

Resource Pages

• Event Contracts
• Event Budgets
• Event Sponsorship Documents