This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Global Initiatives/Cyber Security Pre-accelerator Initiative

From OWASP
Revision as of 20:56, 24 April 2014 by Neill Gernon (talk | contribs)

Jump to: navigation, search
Initiatives banner large.jpg

OWASP Cyber Security Pre-accelerator Initiative

The focus of this initiative is to create open source material such as documentation manuals, wiki page resources and piloting data that can be used by the application security community for the management of a security pre-accelerator program. The goal of this pre-accelerator program is to catalyse innovation in application security by promoting the use of OWASP resources (e.g. security testing tools, technical documentation, training modules) within the start-up community and in a roadmap of a creation of possible start-up whose business plan includes the use of these OWASP resources. The pre-incubator phase is the preliminary phase that leads to incubation of a possible start-up. This is the phase where ideas brainstorm and are validated with a Proof of Concepts PoCs and working software tools and prototypes. These PoCs might be funded by non-profit (e.g. academics) and for profit entities (e.g. vendors) and validated by the open source community. At a later stage some of these validated PoC might help the pre-incubator teams to seek funding for a security start up can create an opportunity for employment in the application security industry.

Goals

The goal of the pre-incubator is to create opportunities to transform ideas into validated concepts and onto POC (proof of concept) prototypes. To pursuit innovative ideas and development of (PoCs) Proof of Concepts of web and mobile applications that use both OWASP open source tools as well as commercial APIs. The pre-incubator will offer a structured place to work to pre-incubate ideas into working prototypes using OWASP funded projects with backing of corporate sponsorship also provided through OWASP. These POCs will be released to the open source community for validation and use as a free resource.

Benefits to OWASP

The OWASP pre-incubator security start-up project empowers OWASP to leverage academic institutions and corporate sponsors to promote projects for the development of open source tools, improve visibility to application security and foster the creation of team of software developers interested in experimenting with OWASP open source tools for the creation of new software products. By spearheading the incubation of new software prototypes OWASP will create the opportunity for software developers, software and application security testers and consultants to become self-sufficient in supporting the further development of software and services as a security start-up. These security start-ups will have the opportunity to leverage OWASP resources for their security consulting, application security training and secure software development services in full respect of legal agreements for the use of open source licenses when these are used in their commercial services or products.

OWASP won’t be involved in the creation of the start-up but in the funding and mentoring support of the creation of open source projects that are delivered by the teams enrolled in the pre-incubator start-up program. OWASP through his local chapters will provide in-person mentoring to help mature the PoC from pre-incubation phase to incubation based by providing connections to seek funds for incubate start-ups whose business plan include either the use of open source for their consulting services or further development of products that use open source libraries


Presentation Materials

Presentation


Initiative Leader

Neill Gernon Marco Morana


Mailing List


Milestones and Goals

The OWASP pre-incubator security start-up project includes the following milestones;

1) OWASP Security start-up pre-incubator process guide that document the process the WHAT that is a guide that can be followed by a non-profit entity such as OWASP, University, and Government Agency to run a security start-up pre-incubator program. We will document all steps of the process that can be followed to create pre seed funding security start-ups which can be replicated by following this program including the different stages that lead from opportunity to idea concept to creation of the open source prototype to the start-ups itself. The guide provide guidance on the goals of the various activities such as events, prototyping workshops and hackathons (e.g. goal is to experiment with OWASP open source tools, templates for the development of working prototypes) create and sign legal contract agreements, creation and validation of PoCs Proof of Concepts.

2) OWASP Security start-up pre-incubator process manual that teaches the HOW that is how to engage with the start-up community locally (start), organize events, workshops, hackathons, mentoring and prepare business plans for participation to security incubators start-ups (end);

3) OWASP Security start-up pre-incubator wiki site to manage the steps of the startup security pre accelerator process and document the proof of concept prototypes that can go on to be fully incubated start-ups; This wiki site will be created as OWASP pre-accelerator web site and will help it to be taken forward and used by OWASP chapters in different areas/countries.

4) Documented results of piloting with a start-up pre-incubator real case that includes using the process guide the manual the wiki site to run a real case of pre-incubator program by running it at one of the established start up campuses in London pending on availability and agreements.

5) OWASP open source working software prototype/PoCof an open source application security software/technology. This prototype/PoC is produced by following theseveral steps of the pre-accelerator security incubator program and is produced by the initiative participants as residents in the pre-accelerator working space and validated by the open source community. The scope of the prototype is to validate a proof of concept of a new idea that makes either web or mobile applications more secure. This prototype is released as open source to the community.

Signup to our mailing list, updates coming soon! Mail list> https://lists.owasp.org/mailman/listinfo/owasp_cyber_security_pre-accelerator_initiative