This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP 2013 Project Summit Appendix"

From OWASP
Jump to: navigation, search
Line 282: Line 282:
 
Dr. Kostas Papapanagiotou  
 
Dr. Kostas Papapanagiotou  
 
Martin Knobloch
 
Martin Knobloch
 +
 +
===MARKETING MATERIAL: OWASP REVIEW CRITERIA AND 2013 PROJECT ASSESSMENTS===
 +
I am happy to report that the Technical Project Advisors team has completed the final version of the our project assessment criteria. This criteria grades our project quality based on the overall project health and the overall quality of the product each project is producing. The aim of developing this criteria was to help guide OWASP Project Leaders toward the successful completion and development of their overall project deliverable. Moreover, this criteria will be used to establish the appropriate stage the reviewed project is in, basing the decision on overall project health and product quality. I encourage all Project Leaders to please take a bit of time and review the 2013 Project Assessment Criteria.
 +
 +
'''2013 PROJECT SUMMIT REVIEWS'''
 +
 +
As many of you know, attendees will be able to participate in the review of the entire inventory of OWASP Projects using the new assessment criteria developed by our team of Technical Project Advisors, during the OWASP Projects Review working session at AppSec USA. The aim of this session is to establish a more accurate representation of OWASP project health and product quality.
 +
 +
Leaders are encouraged to review the 2013 Project Assessment Criteria, and make certain that their project fulfills all of the guidelines outlined in the criteria. Please note, that it is not mandatory to work towards fulfilling all of the criteria for this round of reviews. However, passing the assessment is a requirement if you wish to graduate from an Incubator to a Lab and Lab to a Flagship Project. We do encourage all current Lab and Flagship project leaders to ensure that they are in alignment with the new 2013 project assessment criteria.
 +
 +
'''NEW OWASP PROJECT WIKI TEMPLATES'''
 +
 +
The new project wiki templates were created to make adding content to a project wiki page, a much easier task for Leaders. A big thank you to Colin Watson for creating these for us. We are encouraging all Leaders to switch over to these templates starting in 2014. Please note that Leaders are not required to use these templates, but the use of this wiki template is a requirement for graduation for Incubator projects starting in 2014. Below you will see an example of what we would like to see from an OWASP Project in regard to their wiki content and links.
 +
 +
If you have any questions about any of the topics above, or if you want to be involved, please reach out to me at [email protected]. See you all at the Project Summit in New York City!
 +
 +
===MARKETING MATERIAL: 2013 PROJECT SUMMIT IS ONLY 2 WEEKS AWAY: SIGN UP NOW!===
 +
The Project Summit taking place in tandem with this year's AppSec USA in New York City, is only two weeks away! Unfortunately, we were not able to raise enough funds to facilitate remote participation for the 2013 Project Summit. It is certainly an aspect of our summits that we find incredibly important, and we will work hard to make sure remote participation is an option our contributors have in 2014. As a result, we recommend attending the summit in person, and signing up for the sessions you are interested in. We now have 18 sessions scheduled. The list includes:
 +
 +
'''Monday: Nov 18th'''
 +
#OWASP Project Review Session
 +
#ESAPI Hackathon Session
 +
#OWASP Media Project
 +
#OWASP PHP Security and RBAC Projects: An Introduction
 +
#AppSensor 2.0 Hackathon
 +
#Bug Bounty Hack Session
 +
 +
'''Tuesday: Nov. 19th'''
 +
#OWASP Training Development Session
 +
#OWASP Academies Development Session
 +
#Mobile Security Session
 +
#ESAPI Hackathon Session
 +
#Bug Bounty Hack Session
 +
 +
'''Wednesday: Nov. 20th'''
 +
#Writing and Documentation Review Session
 +
#ESAPI Hackathon Session
 +
#Bug Bounty Hack Session
 +
 +
'''Thursday: Nov. 21st'''
 +
#ZAP Hackathon Session
 +
#Open SAMM Session
 +
#ESAPI Hackathon Session
 +
#Bug Bounty Hack Session
 +
 +
For more information on the 2013 Project Summit, please contact Samantha Groves
 +
([email protected]), or visit the Project Summit wiki page.
 +
 +
===MARKETING MATERIAL: INDIVIDUAL SUMMIT TWEETS BY KAIT DISNEY-LEUGERS===
 +
#hose OWASP Projects are not going to review themselves, maybe you should help. https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/003
 +
#The ESAPI Hackathon is going on throughout the four days of the Projects Summit. Sign up to participate here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/001
 +
#A 'live-hacking' event in a controlled environment. Get your hack on at the Bug Bounty Session, sign up here:https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/0013
 +
#Help to define the standards and guidelines on training material. Sign up for the Training Development Session here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/008
 +
#OWASP is going back to school to get the youth involved. Help create the guidelines for the Academies Initiatives:https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/009
 +
#Build and maintain secure mobile applications at the Mobile Security Session. Sign up here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/0012
 +
#Release your inner wordsmith at the Project Guide Review Writing Session. https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/005
 +
#Wrap up your week at the OWASP Projects Summit by participating in the ZAP Hackathon. Sign up here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/007
 +

Revision as of 05:57, 24 February 2014

Appendix

In this section, you will find various reports, tables, slides, forms, and other materials produced for and at the summit. You will also find historical summit information such as previous summit budgets and funds spent. Finally, you will find a list of primary summit contributors with a short bio for each individual. Please contact Samantha Groves ([email protected]) if you have any questions about anything in the report or the Appendix section specifically

2009 SUMMIT FINANCIAL DETAILS

Category Cost Notes
Travel - Diplomata Tours $54,325.84 Includes Flights for 65 attendees
Other Travel Costs $12,563.72 Flights and other expenses submitted for reimbursement
Grande Real Santa Eulalia Hotel $58,018.12 Includes accommodations for 74 and food for 76 attendees
AV Expenses - Euroligistix $5,222.61
Advertising - Generator $1,261.50
Summit Personnel $960.00
FedEx $3,080.37
Miscellaneous $6,337.91
Banking & Currency Corrections $498.90
SUBTOTAL $142,268.97
Income - Reimbursements/ Donations -$6,290.04
TOTAL $135,978.93


Almost all OWASP participants (OWASP Project Leaders, Reviewers, and Contributors) at the 2008. Summit had their trip sponsored, at least in part, by the OWASP Foundation. To be considered a relevant. OWASP participant, and, consequently, to qualify to have the Summit attendance expenses partially paid, attendees needed to fall into of the following categories:

  1. OWASP Summer of Code 2008 project leaders & reviewers,
  2. OWASP Summer of Code 2008 special project contributors,
  3. OWASP Spring of Code 2007 project leaders & reviewers,
  4. OWASP Autumn of Code 2006 project leaders & reviewers,
  5. Active Project Leaders (not currently participating on SoC 08),
  6. Active Chapter Leaders
  7. Member with significant past OWASP Contribution.


A list of OWASP sponsored attendees to the 2008 Summit as well as the reason for the sponsorship (i.e. the category from the above list that they fall into) can be found at: http://spreadsheets.google.com/pub? key=pAX6n7m2zaTVLrPtR07riBA Additionally, the following rules were established by the 2008 Summit planning committee to clarify which expenses and how much would be paid for by the OWASP Foundation:

  1. With exceptions noted below, all accommodation and meals during the four-day event will be paid.
  2. As we are still seeking out financial sponsorship support, until further notice, none of the dinners will be paid.
  3. The meals consist of a pre-negotiated menu and only this menu will be paid.
  4. The accommodation will consist in a place in a shared T1 (3 people) or T2 (5 people) apartment. Therefore, even though one can choose an individual room, OWASP will pay only for the cost associated with a shared stay. At the cost of +/- 60 Euros per night, there is the option to stay in an individual room (or in a double-room, in the cases where the partner - wife / husband - is also present).
  5. Please note that the nights of 3 and 7 of Nov will be included in the paid accommodation for those individuals attending the whole event.
  6. Regarding the flight expenses, OWASP will pay a maximum of 1000 US dollars for all non-European attendees and 600 US dollars for the European ones.

Please Note: The 2008 Summit financial details information was taken from the 2011 Project Summit Report prepared by Sarah Baso.


2011 SUMMIT FINANCIAL DETAILS

EXPENSES: SUMMIT VENUE

Category Cost Notes
Alentejo Room $2,502.00 450€/day x 4 days = 1,800€
Campo Real 1 $3,614.00 650€/day x 4 days = 2,600€
Campo Real 2, 3 & 4 $3,614.00 650€/day x 4 days = 2,600€
Catering Supplement - dinner served in villas $1,056.40 1.50€/person/day = 760€
Catering Supplement $354.45 85€/day x 3 days = 255€
ASDL $1,997.75 €1,437.23
Printer $2,085.00 €1,500
Suite $1,390.00 200€day x 5 days = 1,000€
AV Equipment $16,853.75 €12,125
Drink Tickets $2,636.83 7€/drink x 271 tickets = 1,897€
Cocktail Hour $708.90 €510
Nuno Marco $7,717.38 5,066.10€ (Optimus, Projector, PCs, Labor)
Food & Beverage Extras $7,717.38 For Summit Team/Early Arrival 5,552.07€
Campo Real Total $51,572.34 €37,107.40


EXPENSES: SUMMIT GIVEAWAYS

Category Cost Notes
Podcast CD & Book $1,800.00
Attendee Misc. $5,254.17 Stickers, Passports & Compasses


EXPENSES: SUMMIT EQUIPMENT & SERVICES

Category Cost Notes
Operational Expenses $1,384.22 Disposable cell phones, SIM cards, Netgear hub, baggage fees, ipad
OWASP Band Equipment Rental $1,500.00 €1,100
Apparel - LX Studios & Polo Shirts $2,858.96


EXPENSES: SUMMIT EQUIPMENT & SERVICES

Category Cost Notes
Marketing - Hackers News Network $250.00
PR - Generator Beyond the Brand $2,760.00 €2,000
SAPO (Additional Internet Connectivity) $2,175.00 €1,577
Baltazar Martins (Summit Design/Marketing) $3,210.00 €2,327


EXPENSES:SUMMIT SUPPORT STAFF

Category Cost Notes
Sarah Baso (Summit Logistical Support) $4,000.00
Marta Pergorelli (Brazilian Delegation) $5,000.00
Sarah Cruz (Design) $2,100.00
Sandra Paiva (Working Session Editor) $2,000.00
Deb Brewer (Summit – On-site Event Planner) $3,915.77


EXPENSES: TOTALS

Category Cost Notes
Summit Expenses Subtotal $89,780.46
Summit Travel Subtotal $152,855.58 http://sl.owasp.org/summit2011_travelcosts
TOTAL EXPENSES $243,636.04


INCOME: OWASP BUDGET ALLOCATION - BOARD APPROVED

Category Cost Notes
OWASP Funds for Operational Expenses $50,000 $50,000 allocated by Board – Aug 2010
Summit Attendee Travel Budget $50,000 $50,000 approved by Board in Dec 2010
$15,000 for Operational Costs and $25,000 for Summit Travel Expenses $40,000 Approved by Board 23-Jan-2011


INCOME: EXTERNAL SPONSORSHIPS

Category Cost Notes
Local Chapter Sponsorships $44,095.65 Direct chapter donations & OSTR funds
Project Sponsorship $2,000.00 Funds donated from project budgets


INCOME: EXTERNAL SPONSORSHIPS

Category Cost Notes
Wiki Donations $1,310.11
Praetorian $1,942.14 $5000 Corporate membership with 40% ($2000 less fees) allocated to sponsor summit attendee
Security Innovation $1,942.14 $5000 Corporate membership with 40% ($2000 less fees) allocated to sponsor summit attendee
(ISC)2 $1,947.09 Lunch Sponsorship ($2,000 less fees)
Trustwave $1,975.00 Wireless Sponsorship ($2,000 less fees)


INCOME: ACCOMMODATION CREDIT

Category Cost Notes
Accommodation Credit $8,860.36 Credit from Diplomata Tours


EXPENSES: TOTALS

Subtotal Internal Income $186,095.65
Subtotal External Income $16,029.75
'TOTAL INCOME $202,125.40
'PROFIT/LOSS $40,510.64 style="background: #A9BA9D; color: black" |Total amount "over budget"
Total amount spent by OWASP $226,606.29


The above details on the 2011 Summit Expenses and Income can be found at: http://sl.owasp.org/ summit2011_finalbudget More details on Summit Travel and Accommodation costs, broken down by attendee can be found at: http:// sl.owasp.org/summit2011_travelcosts Please Note: The 2011 Summit financial details information was taken from the 2011 Project Summit Report prepared by Sarah Baso.


MARKETING MATERIALS: ACADEMIES AND TRAINING INVITATION TO THE COMMUNITY

Education and training is an important part of OWASP's mission as it helps not only in increasing the awareness around application security but also in actually improving the security of applications.

The OWASP Academies program aims to bring together academic institutions from all over the world in order to collaborate towards increasing awareness on application security. The OWASP Academy Portal is the actual deliverable of this process: a portal that will provide various types of content (presentations, labs, etc.) to students and faculty who wish to learn or teach application security.

We would like to invite you to join us in the OWASP 2013 Projects Summit which is organized during OWASP AppSec USA 2013, in New York City from November 18th to November 21st.

During the Projects Summit we intend to kick start the Academy Portal, complete the initial design and add some actual content. The OWASP Academy Portal will then serve as the meeting point for application security in academia. Moreover, we will discuss various training models and the experience we have gained over the past years in order to build a model that will be subsequently used to train developers and anyone involved in securing applications.

The OWASP 2013 Projects Summit will serve as a meeting point for several members of the educational and academic community and a unique opportunity to network, collaborate, exchange ideas and experience. The OWASP Project Summit is a smaller version of the much larger OWASP Summits. This year’s summit aims to give our project leaders the opportunity to have attendees sit down and work on project related activities during AppSec USA. It is an excellent opportunity to engage with active OWASP Project Leaders, and it gives project leaders the chance to move forward on their project milestones while meeting new potential volunteers that can assist with future milestones.

To participate in the Projects Summit Register for FREE for the “Expo and Career Fair Only Pass” and use the following discount code at checkout: NYC13_SUMMIT.Looking forward to working with you during the OWASP 2013 Projects Summit,


Dr. Kostas Papapanagiotou Martin Knobloch

MARKETING MATERIAL: OWASP REVIEW CRITERIA AND 2013 PROJECT ASSESSMENTS

I am happy to report that the Technical Project Advisors team has completed the final version of the our project assessment criteria. This criteria grades our project quality based on the overall project health and the overall quality of the product each project is producing. The aim of developing this criteria was to help guide OWASP Project Leaders toward the successful completion and development of their overall project deliverable. Moreover, this criteria will be used to establish the appropriate stage the reviewed project is in, basing the decision on overall project health and product quality. I encourage all Project Leaders to please take a bit of time and review the 2013 Project Assessment Criteria.

2013 PROJECT SUMMIT REVIEWS

As many of you know, attendees will be able to participate in the review of the entire inventory of OWASP Projects using the new assessment criteria developed by our team of Technical Project Advisors, during the OWASP Projects Review working session at AppSec USA. The aim of this session is to establish a more accurate representation of OWASP project health and product quality.

Leaders are encouraged to review the 2013 Project Assessment Criteria, and make certain that their project fulfills all of the guidelines outlined in the criteria. Please note, that it is not mandatory to work towards fulfilling all of the criteria for this round of reviews. However, passing the assessment is a requirement if you wish to graduate from an Incubator to a Lab and Lab to a Flagship Project. We do encourage all current Lab and Flagship project leaders to ensure that they are in alignment with the new 2013 project assessment criteria.

NEW OWASP PROJECT WIKI TEMPLATES

The new project wiki templates were created to make adding content to a project wiki page, a much easier task for Leaders. A big thank you to Colin Watson for creating these for us. We are encouraging all Leaders to switch over to these templates starting in 2014. Please note that Leaders are not required to use these templates, but the use of this wiki template is a requirement for graduation for Incubator projects starting in 2014. Below you will see an example of what we would like to see from an OWASP Project in regard to their wiki content and links.

If you have any questions about any of the topics above, or if you want to be involved, please reach out to me at [email protected]. See you all at the Project Summit in New York City!

MARKETING MATERIAL: 2013 PROJECT SUMMIT IS ONLY 2 WEEKS AWAY: SIGN UP NOW!

The Project Summit taking place in tandem with this year's AppSec USA in New York City, is only two weeks away! Unfortunately, we were not able to raise enough funds to facilitate remote participation for the 2013 Project Summit. It is certainly an aspect of our summits that we find incredibly important, and we will work hard to make sure remote participation is an option our contributors have in 2014. As a result, we recommend attending the summit in person, and signing up for the sessions you are interested in. We now have 18 sessions scheduled. The list includes: 

Monday: Nov 18th
  1. OWASP Project Review Session
  2. ESAPI Hackathon Session
  3. OWASP Media Project
  4. OWASP PHP Security and RBAC Projects: An Introduction
  5. AppSensor 2.0 Hackathon
  6. Bug Bounty Hack Session

Tuesday: Nov. 19th

  1. OWASP Training Development Session
  2. OWASP Academies Development Session
  3. Mobile Security Session
  4. ESAPI Hackathon Session
  5. Bug Bounty Hack Session

Wednesday: Nov. 20th

  1. Writing and Documentation Review Session
  2. ESAPI Hackathon Session
  3. Bug Bounty Hack Session

Thursday: Nov. 21st

  1. ZAP Hackathon Session
  2. Open SAMM Session
  3. ESAPI Hackathon Session
  4. Bug Bounty Hack Session

For more information on the 2013 Project Summit, please contact Samantha Groves ([email protected]), or visit the Project Summit wiki page.

MARKETING MATERIAL: INDIVIDUAL SUMMIT TWEETS BY KAIT DISNEY-LEUGERS

  1. hose OWASP Projects are not going to review themselves, maybe you should help. https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/003
  2. The ESAPI Hackathon is going on throughout the four days of the Projects Summit. Sign up to participate here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/001
  3. A 'live-hacking' event in a controlled environment. Get your hack on at the Bug Bounty Session, sign up here:https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/0013
  4. Help to define the standards and guidelines on training material. Sign up for the Training Development Session here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/008
  5. OWASP is going back to school to get the youth involved. Help create the guidelines for the Academies Initiatives:https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/009
  6. Build and maintain secure mobile applications at the Mobile Security Session. Sign up here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/0012
  7. Release your inner wordsmith at the Project Guide Review Writing Session. https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/005
  8. Wrap up your week at the OWASP Projects Summit by participating in the ZAP Hackathon. Sign up here: https://www.owasp.org/index.php/Projects_Summit_2013/Working_Sessions/007

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_2013_Project_Summit_Appendix&oldid=168839"