This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Summit 2011 Working Sessions/Session078

Revision as of 06:26, 1 February 2011 by Dinis.cruz (talk | contribs)

Jump to: navigation, search

Global Summit 2011 Home Page
Global Summit 2011 Tracks

WS. owasp.jpg Less preaching to the choir, engage more with the outsiders
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
Short Work Session Description Historically OWASP has been very inward focused, it is time to reach out and engage the multiple players that can make a difference in the Web Application Security world.

Jeremiah Grossman in his 'Open letter to OWASP' blog post:
"...3) Less preaching to the choir, engage more with the outsiders:
Everyone in the community recognizes the echo chamber issue. We know the vast majority of who we need to reach, those who do not voluntarily come to us, the application security industry. So of course they have no way of knowing why the work we do is important, how it affects the safety and privacy in their lives, and the viability of online business. Without addressing this issue, the summit runs the risk of perpetuation the problem. I’ve been as guilty as anyone. Therefore instead of continuing to expect people to come to us over the last several years I’ve been transitioning to going to where they are, and with much success! OWASP should do the same to spread the word and take itself to the next level.

For example, OWASP representatives could attend, sponsor, and present at every possible non-security conference such as JavaOne, F8, Google I/O, any O'Reilly event, Star East/Web and so on where thousands of developers gather. In my experience at these events, when in their own element, developers are eager to learn about the state-of-the-art in application security, especially when presented in a way where they can derive value immediately when they get back to work. These attendees also represent a segment of developers who really care about their software. OWASP should proactively reach out to conference organizers with menu of official up-to-date topics and facilitate the CFP process on behalf of qualified representatives. Or, better still, offer to establish and manage an entire security track! Done right with a call to action, this alone would drive much needed membership..."

Related Projects (if any)

Email Contacts & Roles Chair

Operational Manager
Mailing list

Venue/Date&Time/Model Venue/Room
OWASP Global Summit Portugal 2011
Date & Time

Discussion Model
participants and attendees

Projector, whiteboards, markers, Internet connectivity, power

Proposed by Working Group Approved by OWASP Board

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

Name Company Notes & reason for participating, issues to be discussed/addressed
Matthew Chalmers @

Doug Wilson @
I believe this should be a part of the Outreach working groups