This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Summit 2011 FAQ

Revision as of 06:09, 19 January 2011 by Sarah Baso (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Back to main Summit 2011 page

This page contains answers to frequently asked questions about the 2011 OWASP Summit.


What is the Global Summit? Is it like AppSec or other OWASP conferences?

The OWASP Global Summit is the place where application security experts meet to discuss plans, projects and solutions for the future of application security. The Summit is not a conference - there are no talks or training seminars - this is an opportunity to do actual work to further the field of application security. Participants will stay in shared accommodations and collaborate to produce tangible progress towards influencing standards, establishing roadmaps, and setting the tone for OWASP and application security for the coming years. The Summit will consist of working sessions across a variety of topics set by our community. Participants are free to attend any working session, but we encourage everyone to select working sessions for topics where they have the most to contribute.

Anyone can attend the Summit! OWASP community members, application security experts, industry players, and developers are all welcome at the Summit. If you would like to receive a personalized invitation for yourself or another person, see the promotional materials page or contact either Sarah Baso or Kate Hartmann.

When is the Summit?

The Summit will be held February 8th-11th (Tuesday-Friday), 2011.

Where is the Summit being held?

See the Summit venue page. Please note that as of 10 January, 2011 reservations for accommodations must be made through the RegOnline System. OWASP sponsored attendees will need to contact Sarah Baso for a coupon code before using the RegOnline system to get their Summit Ticket and reserve accommodations. Attendees should not contact Campo Real directly.

What if I want to arrive early/stay later at the Summit venue?

If you would like to arrive at Campo Real before February 7 or stay at Campo Real after February 11, you will have to move to a private room (unless you had requested type of accommodation for your entire stay) and the cost will be €67 EUR/night with breakfast included for a single and €127 EUR/night for a couple. If you are interested in arriving early at Campo Real or staying after the Summit is over, you will have an opportunity to book this during the RegOnline System booking process. Please contact Sarah Baso or Kate Hartmann with any questions or concerns.

How do I get to the venue?

Transportation to/from the airport to Campo Real is included in the accommodations price. Please send your flight itinerary to Lorna Alamri, Sarah Baso, or Jason Li if you did not book your flight through Diplomata Tours so that we can arrange for your transportation.

Otherwise, please visit Campo Real's location page to get details or directions.

Who do I contact for help?

For general assistance in all matters related to the Summit, contact Lorna Alamri, Sarah Baso, or Jason Li.

For help with travel and accommodations, contact Sarah Baso or Kate Hartmann.

How do buy my Summit ticket?

Please use the RegOnline System to purchase your Summit Ticket and book accommodations. OWASP sponsored attendees must contact Sarah Baso prior to booking through RegOnline in order to get a coupon code. See also the Summit 2011 reservation process.


How much will it cost to attend the Summit?

The short answer is €590 for a Summit Attendee Ticket, 4 nights shared accommodations, transportation to and from the airport, and food. Note that this does NOT include the flight costs. Please visit the Summit Reservations page to view a detailed cost table. We also have put together a PDF version of pricing table on OWASP Global Summit Letterhead if you or your employer needs a formatted version of the costs and booking process.

What is included in the price (meals, etc.)?

  • The Summit Participant Ticket (€260 EUR) includes most (2 meals and 2 coffee breaks for each of the 4 days)
  • There are different price points depending on the type and number of nights accommodation you require: 3 or 4 nights, shared or private accommodations, and individual or with a companion. Visit the Summit Reservations page to see the costs associated with each.
  • All accommodation packages include transportation to and from the airport.
  • All accommodation packages include meals and coffee breaks each day (for both the attendee and companion if applicable), with the following caveats:
    • All 3-night stay packages include: 3 breakfasts, 3 dinners, 6 coffee breaks (2 each day), and 4 lunches. (The reasoning behind this is that if you are staying 3 nights because you are arriving Tuesday morning, you will want lunch and dinner Tuesday + breakfast, lunch, dinner and coffee Wednesday + breakfast, lunch, dinner and coffee Thursday + breakfast, lunch, and coffee Friday. If you arrive Monday, but are leaving Thursday, this same meal rationale will apply shifted one day earlier.)
    • All 4-night stay packages include: 4 breakfasts, 4 lunches, 4 dinners, 8 coffee breaks (for bother attendee and companion if applicable).

What are the estimated expenses per day (beer, wine, snacks)?

  • The price of just lunch, dinner, and 2 coffee breaks is €65 EUR/day. This is included in all package prices listed on the Summit Reservations page. Additionally, if you are staying at Camo Real breakfast is included in the price of accommodations.
  • The amount for "extra" expenses per day - beer/wine/sight-seeing/etc. is more or less up to you! Each villa (shared accommodations) includes a common living room and kitchenette, so evening socializing and collaboration could theoretically take place there to cut back on costs.

Where do I stay?

See the Summit venue page. Please note that reservations for accommodations must be made through the RegOnline System. Attendees should not contact Campo Real directly.

Who is going to the Summit?

Please visit the the expected attendee page to see the most up to date list on who is attending the Summit.

Can you help me get a visa (letter of invitation, etc.)?

Depending on the type of documentation you need, we can try to help you. Contact Lorna Alamri, Sarah Baso, or Jason Li and let us know what you need.

OWASP Summit Sponsorship

I don't have enough money to pay for my trip. How can I still go?

See the attendee funding page.

I'm an OWASP leader - why isn't this free for me?

See the section on Attendee Funding - Background.

During the previous Summit, OWASP was fortunate enough to be able to fund all OWASP leaders to attend the Summit. Unfortunately, the budget for the 2011 Summit is not as large as the previous budget. Moreover, due to the success of OWASP, the organization has grown on a world-wide level resulting in even more OWASP leaders that want to attend the summit (and who need funding). As a result, we are making the following compromise with our attendees: OWASP will provide the venue meeting rooms, the A/V equipment, and the venue supporting staff in order to enable attendees to work effectively; attendees just have to pay for travel and accommodations for themselves.

But OWASP paid for everything at the last Summit! Why did it change?

See the section on Attendee Funding - Background.

So who is being funded?

The first round of funded/sponsored attendees included OWASP Staff and the Summit Planning Committee as well as active Global Committee Members. See also the funding priority list. The remainder of the budget was used by the Board to fund as many attendees as possible. The Board has decided to use a ranking system to select the individuals who will receive the funds currently available, as well as any funds that the Summit may receive through corporate sponsorships or other budget allocations. To learn more about the ranking system, see Dinis Cruz's email to Summit sponsorship applicants on 5 January 2011. The first round of sponsorships using the ranking system was decided and awarded on 10 January 2011. The second round of sponsorships using the ranking system was decided and awarded on 18 January 2011.

Regardless, of the decision on the next round of sponsored attendees, the budget for the Summit is not broad enough to cover the costs for all of the chapter leaders and committee members. We are depending on the local chapters to provide the financial support for their leaders. We would really love to be able to fund the summit for everyone, but the number of Qualified participants far exceeds the foundation's ability to provide funding.

*NOTE CHANGE* As of 18 January, 2011 we have maxed out all the funds we have available for attendees (from OWASP foundation funds and from the chapters themselves), if more funding is received via corporate or individual donations from now until the time of the Summit we will contact those listed on the Summit attendees seeking funds list.

What is an "Active" Committee Member?

The Global Committees were started two years ago at the previous OWASP Summit. Since that time, original members have stopped participating and new members have joined. This natural evolution has not been carefully tracked. Recognizing the need identify the core contributors to each committee in order to properly prioritize funding, the Board arranged for a survey of all committee mailing lists, to which committee members are subscribed and should be monitoring. This survey, along with multiple other communications from the Summit committee, was sent to committee members (via committee mailing lists). While the Board received some responses, these communications were mostly ignored, even by committee members the Board knew were active. As a result, in their December 2010 Board meeting, the Board decided to contact committees directly to identify the status of members. The Board, in consultation with the elected Committee Chair, determined members to be:

  • Active (member for more than 6 months, involved in committee activities, attends committee meetings/discussions on a regular basis, follows through with responsibilities/deliverable, etc)
  • New (joined within the last 6 months)
  • Re-committed (members for more than 6 months but not recently active that gave a personal attestation to re-commit themselves to the Committee)
  • Voluntarily Resigned
  • Unresponsive

Active members were the only committee members funded under the first round of Summit sponsorship. New members will be considered in the second round of Summit sponsorship, along with other OWASP leaders and re-committed members. Committee members that were unresponsive have been deemed inactive and removed from their committees; they will not be funded based on their committee membership.

What does it mean to be a "sponsored" Summit attendee?

See the section on Logistical Guidelines and Expectations for OWASP-Sponsored Attendees, which outlines what costs will be covered for sponsored attendees as well as what will be asked from them in exchange for the sponsorship.

When will I know if I can get funding from the OWASP Summit Sponsorship Fund?

The Board has taken responsibility for determining which of the attendee applicants will be sponsored by OWASP. If you have asked for funding to attend the Summit, please make sure to check your email regularly and watch for notice of your sponsorship status as we cannot hold your spot indefinitely.

Why do they get funded and not me?

Please understand that we have very limited funds available. If you were not chosen to be funded, please do not take it personally. We simply do not have enough funds to sponsor all the great members of OWASP to attend. The Board is choosing applicants using a ranking system in a manner that they deem to be fair and consistent with OWASP values. To learn more about the ranking system, see Dinis Cruz's email to Summit sponsorship applicants on 5 January 2011. Please contact the Board if you have any questions regarding the selection process.

Are there any requirements or expectations for sponsored Summit attendees?

Yes! See sections entitled "Award Claim" and "Logistical Guidelines and Expectations for OWASP-Sponsored Attendees" on the Summit Attendee Funding tab.

I thought the Summit ended on Friday (Feb. 11)? Why am I being asked to stay until Saturday or Sunday?

Due to the limited funding we have to sponsor attendees, we want to be able to book the trip with the lowest overall cost. Therefore, if it ends up being substantially cheaper to have you stay over Friday or Saturday night and fly out later in the weekend, you may be asked to stay longer. Note that if you are asked to stay longer, the cost of accommodations these extra nights at Campo Real would be covered by OWASP. See also the Friday Night Guidelines .

Why is the process to obtain OWASP funding for the Summit taking so long?

Please understand that there are a number of logistical challenges. We know the process has been difficult and confusing. Please bear with the Board as they determine the best way to distribute the available funds.

Someone from OWASP said that I would be sponsored. What gives?

Unfortunately there has been a great deal of inconsistent information spread around about the Summit, even from people highest levels of OWASP leadership. The reality is that the budget for the Summit is not nearly as large as it needs to be to sponsor all deserving attendees. If you were told by someone in OWASP that you would be sponsored, we apologize for the confusion. The official list of attendees sponsored by the OWASP Summit fund can be found under Confirmed and Funded Attendees .

I'm the leader for OWASP _____ . You should be giving me money to attend the Summit as a reward for all the work I’ve done!

The goal of the sponsorship model is to ensure that as many OWASP leaders as possible can attend the Summit. We know that there are many OWASP leaders have contributed a lot of time and hard work to OWASP and want to come to the Summit. In an ideal world, we would be able to fund everyone but that is simply not the case. As a result, we are not providing sponsorships based on what leaders have contributed in the past - we are focusing on trying to help people who are unable to get funding from their employer or local chapter.

We have many attendees that have obtained funding through their employer. We have many more that have obtained funding through their chapter. Remember that every dollar that is used to fund a member that could find alternative funding is a dollar that we cannot spend to send another person to the Summit. We humbly ask that if you can obtain funding through other means, please do so! We want to make sure that we sponsor as many OWASP leaders as possible to get everyone participating at the Summit. Please help us to make this possible! Don’t ask for sponsorship funds unless you’ve exhausted all other alternatives!

I heard the Board gave you more money. Shouldn't that be enough to fund everyone now?

Initially the Summit Team was allocated $50k to plan and execute the Summit, as well as pay the travel expenses for the Board, OWASP Staff, and the Global/Summit Committees, and other OWASP leaders. Clearly, that initial funding went quickly.

The Board recently announced the addition of more funds to the Summit budge. However, the Board’s resolution was more complicated than just giving more money to the Summit Sponsorship Fund. We received more money through a series of shifts in budgets and reallocation.

The budget reallocation entails the following:

  • The original 50k Summit budget will instead be re-allocated to Summit operational expenses only (e.g. venue costs, logistical support, administrative costs, travel agency fees, etc). None of this budget will be used for sponsoring attendee costs.
  • The attendee sponsorship budget will instead be made from the reallocation of all unused 2010 OWASP funds. Based on preliminary projections, the Board expects this amount to be about $50k. We are waiting for final figures once the OWASP budget is reconciled.

Our projections for the travel expenses of active committee members (who have already received notification of sponsorship and been invited to book their trips) is that they will total about $30k. The remaining $20k will be used to sponsor some of the remaining OWASP members who have requested funding based on the Board's Selection Process.

Note that we expect attendee costs to be about $2k on average, so the additional budget is only expected to allow us to sponsor 10 additional attendees.

OWASP Chapter/Project Sponsorship

What is the process for requesting funds from my local OWASP chapter or project to pay for my trip?

See Funding Request Application Process. You must fill out this form and submit it to your local OWASP chapter/project leader. Please visit Funding Priority.

My chapter leader is not responding so I don't know if I can get chapter funding. Can you help me?

Yes. Please fill out and submit this form to Sarah Baso and CC your project or chapter leader on the email. She will get back to you about the possibility of receiving funding. See also the Funding Request Application Process.

Why is OWASP stealing my Chapter money?!?

Please do not be alarmed! As noted in | this email, the Board has asked all Chapter leaders to indicate if they would like to contribute funds towards the OWASP Summit. The Board is expecting at least some Chapters will contribute. As a result, the Board is proactively moving some funds out of Chapter accounts to pay for Summit expenses. Please note that this is merely an exercise in cash flow. OWASP will eventually restore the funds for any chapter that decides not to contribute to the Summit. From an operational perspective, we are still waiting for some accounts to clear from various conferences and we simply need to have some cash flow in order to proceed forward with Summit planning. As long as you respond to the | Chapter survey, any funds that you do not donate to the Summit fund will be returned to you as soon as other OWASP accounts clear.

I am the leader/chair of a profitable OWASP local chapter. Why should my chapter have to pay for my attendance or the attendance of members from my chapter?

Ideally, we would not have to ask the local chapters to help with funding their leaders or members to attend the Summit. Unfortunately, we cannot afford to sponsor everyone (not even close). Please don't think of us asking for your assistance in sponsorship as a "penalty." Instead, realize that the energy generated by attending the summit will be a "return on investment" that you made in sponsoring trip. Not only will the Summit be a good place to connect with other leaders to find out what they are doing to make their chapter successful (or what isn't working), the Summit will offer opportunities to Network with other key industry members from around the world and find out more about the world of application security that exists beyond your chapter.

Employer Funding/Sponsorship

My employer needs an invitation letter/documentation to sponsor me to go? Where do I get this?

There are a number of example letters and templates available on the promotional materials page. Please contact either Sarah Baso or Kate Hartmann with your request and they will work with you on creating some personalized material for your employer/sponsor.

Can my company have a logo on the wiki page if they fund me?

Yes. Please visit the expected attendee page to see where your company's logo will appear if they fund your trip.

I need help convincing my employer to fund my Summit attendance - what should I tell them?

There is text included in the example letters and templates available on the promotional materials page that can get you started.

You can use the following points in your discussion:
This year's Summit will be a worldwide gathering of OWASP leaders and key industry players to focus on a variety of important application security topics including browser security and cross-site scripting eradication. Attending the Global Summit will provide <EMPLOYEE NAME> with opportunities to:

  • Participate in the latest developments in application security and influence its trajectory
  • Gain new skills and technical knowledge for current application security projects
  • Find out where other companies are focusing their energy and resource
  • Increase visibility for <COMPANY’S NAME>

We believe that <EMPLOYEE’S NAME>’s attendance at the Global Summit is an worthwhile investment for both <COMPANY NAME> and <EMPLOYEE NAME>. Therefore, we are asking you to consider supporting <EMPLOYEE’S NAME> participation at this important event by donating <HIS/HER> time to attend the Summit.

Working Sessions

I want to plan/run a Working Session. What do I need to do?

  1. If you haven't done so already, please add your name to the Summit Attendee page.
  2. If you will need help with funding, please visit the attendee funding page for more information.
  3. After we know you plan to attend the Summit, visit the Summit working sessions page and determine if there is a working session already listed that you are interested in running/planning/leading, or if you have a new idea.
  4. If there is a session already listed without a leader, feel free to add your name as the leader and send Sarah Baso an email letting her know your intent. She can set you up with a working session page and let you know about any next steps. If a leader already is listed for the session you are interested in, add you your name as session member/attendee and email the leader to see what you can do to help.
  5. If you have a new idea, add your information to one of the blank rows under the appropriate track name, or under Track: OWASP if you don't see a good fit. Send Sarah Baso an email letting her know your intent. She can set you up with a working session page and let you know about any next steps.

I want to participate in a working session. Where do I sign up?

Visit the Summit working sessions page and click on "edit" in the left hand column next to the session(s) you want to participate in. When you get to the edit screen, scroll down to where you see:

| summit_session_attendee_name1 =
| summit_session_attendee_email1 =
| summit_session_attendee_wiki_username1 =

At a minimum, please enter your name and email address so the person leading the group can contact you to follow up.
If you don't see a session you are interested in and want to create one, or want to lead a session, see the answer under the previous question (above).

Corporate Sponsorship

My company wants to sponsor the Summit. What do I do?

Please visit the corporate sponsorship page to view current opportunities. If you are interested in supporting the global summit, please contact contact Tom Brennan by telephone at +1 973-202-0122.