This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Global Education Committee"

From OWASP
Jump to: navigation, search
(Committee Members)
Line 16: Line 16:
  
 
== Committee Members ==
 
== Committee Members ==
Chairs: [mailto:[email protected] Martin Knobloch] (Netherlands) and [mailto:[email protected] Kuai Hinjosa] (U.S.)
+
Chairs: [mailto:[email protected] Martin Knobloch] (Netherlands) and (U.S.)
  
 
* [mailto:[email protected] Eduardo Neves] (Brazil)
 
* [mailto:[email protected] Eduardo Neves] (Brazil)
 
* [mailto:[email protected] Cecil Su] (Singapore)
 
* [mailto:[email protected] Cecil Su] (Singapore)
 
* [mailto:[email protected] Fabio Cerullo] (Ireland)
 
* [mailto:[email protected] Fabio Cerullo] (Ireland)
* [mailto:[email protected] Nishi Kumar] (U.S.)
 
 
* [mailto:[email protected] Anthony Gottlieb] (U.S.)
 
* [mailto:[email protected] Anthony Gottlieb] (U.S.)
 
* [mailto:[email protected] Sebastien Gioria] (France)
 
* [mailto:[email protected] Sebastien Gioria] (France)
 
* [mailto:[email protected] Carlos Serrão] (Prortugal)
 
* [mailto:[email protected] Carlos Serrão] (Prortugal)
 +
* [mailto:[email protected] Kuai Hinjosa]
  
 
== '''[[OWASP Training|OWASP Training]]''' and '''[[OWASP Academies|OWASP Academies]]''' ==
 
== '''[[OWASP Training|OWASP Training]]''' and '''[[OWASP Academies|OWASP Academies]]''' ==

Revision as of 22:53, 30 August 2011


About the Global Education Committee

The Global Education Committee was created during the OWASP EU Summit in Portugal 2008. The primary purpose of the Global Education Committee is: to work with the OWASP Education Project to provide educational materials for both internal and external users, develop liaisons with educational institutions worldwide.

Mission

Provide awareness, training and educational services to corporate, government and educational institutions on application security.

Vision

Make OWASP educational material globally available as a well known resource in easily consumable form mapped to a framework tied specifically to user roles and responsibilities

Committee Members

Chairs: Martin Knobloch (Netherlands) and (U.S.)

OWASP Training and OWASP Academies

OWASP Training - OWASP Projects and Resources you can use TODAY!

The main goal of OWASP Training is to support Local Chapters' training activities in a way that allows OWASP to use a model that, despite specific and punctual adjustments, can be easily replicated and become the main frame for all Chapter-led training events.

To know more about the OWASP Training concept, please see the OWASP Training page.

OWASP Academies

The idea of the OWASP Academies is to conceive a frame under which work should be done with Universities, Polytechnic Institutes, IT Schools and other Academic institutions with a view to establish solid relationships and develop with these organisms ways to collaborate and participate in the design of courses focused on web application security.

OWASP has the knowledge and critical mass to give an invaluable input to any Academy focusing on this area by:

  • contributing with its expertise in the definition of curricula and course contents that explore and study the web security field;
  • making available to the Academy its pool of interested and willing security experts as trainers.

To know more about the OWASP Academies and the activities developed, please see the OWASP Academies page.

Monthly Report Format

Date of last update: Updated by:

Accomplishments for this Month

  • Agreed on GEC Governance

Planned for Next Month

  • Goals and budget for 2011

Issues/Risks/Challenges

How to join this committee

Join our mailing list

<paypal>Global Education Committee</paypal>

Scheduled Meetings

Scheduling meetings: Global Meeting Time Planner - Click Here The next scheduled meeting is Tuesday, May 31st Meeting time: 10 to 12 pm GMT Please email martin.knobloch 'at' owasp.org for any questions.

Joining the GEC conference call

  • The Dial in number: ++1-866-534-4754 (this number is free to call from the US, Canada and via Skype!
  • Guest Code: 891237


For the next and previous meetings, see: GEC Meetings

Targets (DRAFT)

Below you can find the timeline, what has to be achieved by when. All tasks must be SMART!

Update July 2010 Task Deadline Type Status Description Who
Finished Categorize (Organization) of educational materials N/A Documentation Done Categorize / Organization of the educational materials for audience by roles and responsibilities/technologies and use the summit workshop notes. Martin
Package has been created for the OWASP London Training Train the trainers (Teach the teachers) Q1/Q2/Q3/Q4 2009 Delivery in progress Develop a train the trainer program that will train trainers to deliver training on OWASP related material. Fabio / Nishi
Launch Create an "official" GEC course for universityl Q1/Q2 2011 Delivery Planning Develop an official OWASP course based on the OWASP projects and other donate/sponsors course to help university/faculty adopt OWASP in their diploma. Sébastien
Died Create an online assessment and training portal Q2/Q3/Q4 2009 Delivery Planning Develop an OWASP assessment and training portal that end users can use to gauge their knowledge on OWASP concepts and training providers can use to promote their training offerings. Mano/Fabio
on hold OWASP Boot Camp Project Proposal: February 2009 Final: Oktober 2009 at OWASP AppSec US 2009 Delivery wainting on project content OWASP Boot Camp about the OWASP projects, to deliver a Boot Camp presentation should be one of the criteria to get an alpha status as project Martin
active, CTF hold at OWASP AppSec-EU OWASP CTF event OWASP AppSec Conferences Delivery Done Develop an OWASP Capture the Flag contest that could be easy use for OWASP conferences. Martin
on hold Speakers Bureau Project TBD Delivery started List of speakers, Name, Bio, Topics, History

Speakers in conferences (OOTM ask for funds on this)/summit

Martin
Died Marketing efforts Q4 2009 Awareness Services Started Select material. Eduardo
Hibernating, update requested Internationalization of the training materials Q4 2009 Awareness Services Startes Select material for translation services for highly spoken languages Eduardo
busy, just al darn long lasting task Education material TBD Training & Educational Services started All projects should be summoned to create educational material (training service)

1) Each Projects --> Documents (help), Tool, Training; Live CD (Portable)

Martin/Nishi
We continue to add universities to our list of OWASP Supporters see [1] for a list of university logos representing universities who have joined. Educational Academic Services TBD Training & Educational Services

3 Universities already in contact with and planning OWASP events to participate in.

Incorporate OWASP into the following top 5 Universities, within the next 12 months by introducing OWASP training and education resources at University's events.

1) New York University 2) Cornell University 3) Princeton University 4) University of Minnesota 5) Columbia University

As a result of these initiative we would hope to see:

1) Confirming participation at arranged events 2) Asking Universities to recognize they are using our resources by allowing us to place their names in wiki pages such as http://www.owasp.org/index.php/OWASP_Top_Ten_Project 3) University faculty, staff and students participate in local and international events/meetings 4) University faculty, staff and students contribute to OWASP projects

Kuai Hinojosa, Andrzej

Proposal (DRAFT)

Categorize (Organization) of educational materials

Objective: Categorize / Organize educational material, estyle the Education Project website.

Activities/Deadline:

  • Categorize education material according to the CLASP roles
  • Group material into management-ish, student-ish, technical-ish

Benefits
Target specific demographic (managers, students...) Provide easy access to education material. Efficient categorization of education materials.

Train the trainers (Teach the teachers)

Objective: Develop a train the trainer program that will train trainers to deliver training on OWASP related material.

Activities/Deadline:

  1. Develop a criteria to identify and approve trainers / Q1 2009
  2. Identify pertinent OWASP related material that will be included in the training kit / Q2 2009. This is dependent on the education project organizing material.
  3. Create a training toolkit with pre-built presentation and training materials, assessments etc. / Q3 2009
  4. Conduct train the trainer sessions (remote or in-person) / Q4 2009

Benefits: The training kit and trained trainers will be available resources promoting OWASP in local events worldwide.

Create an online assessment and training portal

Objective: Develop an OWASP assessment and training portal that end users can use to gauge their knowledge on OWASP concepts and training providers can use to promote their training offerings.

Activities/Deadline:

  1. Generate OWASP assessment items (can use the testing guide and other sources) / Q2-Q3 2009
  2. Develop an assessment portal to deliver taking of assessments with robust reporting by knowledge area / Q4 2009
  3. Develop a training portal to allow training providers to publish and promote their training offerings / Q4 2009

This can be developed as a summer of code project but is not a requirement.

Benefits: Assessments that can be offered in OWASP events and other conferences to users will increase OWASP awareness. The portal can become the link between trainers and trainees and will eventually help in increasing the awareness and knowledge of application security in the industry.

OWASP Boot Camp Project

Objective
To deliver a Boot Camp session which would lead to be one of the main criteria to produce alpha status projects

Activities/Deadline:

Benefits

OWASP CTF event

Objective Generate a Capture The Flag framework to be offered at OWASP events

Activities/Deadline:

  • Andrzej will contact the organizers of the CTF from the Denver OWASP Conference and work in using same model

Benefits Capture The Flag events are very popular in conferences, creating and OWASP specific CTF will offer entertainment at events, generate attendants participation etc.

Speakers Bureau Project

Objective
OWASP Boot Camp about the OWASP projects, to deliver a Boot Camp presentation should be one of the criteria to get an alpha status as project

Activities/Deadline:

Benefits
List of speakers, Name, Bio, Topics, History Speakers in conferences (OOTM ask for funds on this)/summit

Speakers Agreement - https://www.owasp.org/index.php/Speaker_Agreement

Marketing efforts

Objective: To promote OWASP projects, events, education material and OWASP mission.

Activities/Deadline:

  • Gather flyers, Brochures of OWASP Top 10, Testing Guide

Benefits
Group promotional material which can be hand out at events

Internationalization of the training materials

Objective
Translate training materials

Activities/Deadline:
Identify point of contacts places for translation efforts and setup a deadline Translate material in French, Portuguese, Spanish, Malay, Italian, Indonesian, Chinese

Benefits
To reach international audiences

Education material

Objective: Consolidate all projects (Tools, Help Documents, Presentations, LiveCD) create educational material (training service)

Activities/Deadline:

Benefits

Academic Educational Services

Objectives
Promote and encourage OWASP resources at accredited Universities around the world within the next 12 months by introducing OWASP training and education material at University's events.

Activities/Deadline:

  • Build a list of at least 5 Universities with computer science or risk management programs that can be targeted /Q1 2009
  • Establish communication with targeted universities, generate key contacts and establish relationships /Q1 - Q4 2009
  • Develop a list of possible academic events in which to participate /Q1 - Q2 2009
  • Participate in at least 1 Academic event, present case studies or OWASP education materials /Q1 - Q4

Benefits
OWASP will gain exposure in the academic industry, starting with accredited universities around the world. Universities will become members of OWASP, provide meeting space, students will apply to OWASP grants, and provide support and structure