This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Owasp Italy Appsec agenda"

From OWASP
Jump to: navigation, search
(Build a local meetup network)
(Build a local meetup network)
Line 30: Line 30:
 
We feel the need of creating informal meetups were appsec guys gather each other java people, php people, ruby people, .Net people, UX people, entrepreneurs in order to build strong security basements for people make the real web.
 
We feel the need of creating informal meetups were appsec guys gather each other java people, php people, ruby people, .Net people, UX people, entrepreneurs in order to build strong security basements for people make the real web.
  
 +
We hope to start meetups up in Spring 2015 (around April 2015).
 +
Meetup will be monthly based.
 +
 
==== Local meetup leader ====
 
==== Local meetup leader ====
  

Revision as of 11:02, 28 January 2015

This is the Application Security Agenda for Owasp Italian chapter. Please note, this is not a page for an appsec conference, this page is about an application security strategy for the Italian chapter in order to give a boost for activities and to be used year by year to measure how things went in our Country.

2015

Goals for 2015

  • Date an opensource project
  • Build a local meetup network
  • Communication boost

Date an opensource project

In order to build a culture of security, filling the gap with developers we want to adopt opensource projects, doing code review and penetration tests over it, providing developers security feedbacks to raise the bar for attackers.

Stuff to be done

Luca Carettoni @_ikki proposes a formal engagement process to adopt an opensource project, making assessments and giving feedbacks. We are evaluating how to procede, creating a framework to #fillthegap. We are also wondering about creating some whitepapers to help development team introducing appsec.

Popular projects that are candidate to be adopted are:

Build a local meetup network

In Italy, application security specialists don't meet each other and, more important, they don't meet developers and stakeholders in informal meetups to spread the #appsec credo. There are some focused security events (Infosecurity, Security Summit) but they are organized by security guys for other security guys and there are more formal state-of-art event in the Italian panorama.

We feel the need of creating informal meetups were appsec guys gather each other java people, php people, ruby people, .Net people, UX people, entrepreneurs in order to build strong security basements for people make the real web.

We hope to start meetups up in Spring 2015 (around April 2015). Meetup will be monthly based.

Local meetup leader

Local meetup leader is a person in charge of plan, organise and keep #appsec hype high on his neighborhood/city. For big cities like Milano, Torino, Roma, Napoli, ... there will be of course more leaders that must collaborate each other.

Stuff to be done

We must create a whitepaper document describing some general rules about how to organize a local meetup. Where to organize, who to invite, how to document the event (photo, talks recording), how to do media coverage, how to advertise the event, where to put infos, slidedecks, ...

Communication boost

People who wants to use IRC to chat with Owasp Italy members can use irc server chat.freenode.net on channel #owasp-italy