Difference between revisions of "Women In AppSec"

Women in AppSec

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security.

Eligibility

Each applicant must be a woman that meets our eligibility criteria below:

   Is a part- or full-time student at an accredited four-year college or university or graduate program.

Or

   Is involved in information security and/or application development in a professional role.

And/Or

   Has an interest in exploring application security in an information security and/or application development role.

Global Conferences

Women in AppSec currently takes place at the four global conferences:

• AppSec USA
• AppSec EU
• AppSec APAC
• AppSec Latam

Note: The applicant must be from the region that the conference is taking place in to apply for the Women in AppSec opportunity.

AppSec

OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C.

Currently the Women in AppSec program is held at the Global Conferences, however, regional events are encouraged to take advantage of the program as well.

AppSec APAC

AppSec APAC comprises the Asian-Pacific region. This year AppSec APAC was held February 19-20 in Jeju, South Korea and was hosted by the OWASP South Korea Chapter.

AppSec EU

AppSec EU comprises the European region. This year AppSec EU was in Hamburg, Germany from August 22-23, and was hosted by the OWASP German Chapter.

AppSec Latam

AppSec Latam comprises the Latin American region. It is being held October 3-4 in Lima, Peru and is hosted by the OWASP Peru Chapter.

AppSec USA

AppSec USA comprises the North American region. This year it is being held November 20-21 in New York City, NY and is hosted by the OWASP New York City Chapter.

Pre-Conference

• Step 1:Put together a selection committee of about 4-5 people.
• Step 2:Decide on the details of the awards.
• Step 3:Come up with a budget to allocate for the award.
• Step 4:Develop a Sponsorship Strategy.
  • Put together a sponsorship flyer outlining the program, what you are seeking and the benefits of sponsorship.
• Step 5:Seek out sponsor for the program.
• Step 6:Develop the application timeline with deadlines for each stage.
• Step 7:Create the selection criteria and send out a call for entries.
• 'Step 8:Make the final selection on candidates and announce the winners.
• Step 9:Help the winners arrange travel, accommodations and other logistics.

Post-Conference

• Step 1: Gather feedback from the winners.
  • As the winners for a brief blurb about their experience, with a picture attached for the website.
  • Write up a review and lessons learned page to document the experience with the program and what can be improved upon in the future.

The Program Committee

The Program Committee should consist of around 5-6 people.

• Two people will be responsible for sponsorship. They will be in charge of creating the sponsorship packages, flyers and seeking out sponsorship from other chapters and organizations.
• One person will be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress and communicating progress to the overall community.
• While everyone on the committee will be involved in grading, one person will be in charge of the grading process. They will create spreadsheets similar to those originally created for the selection committee, and for making sure everyone has what they need for the grading process.
• Finally, one to two people will be in charge of the call for entries.

Training Days

Prior to the conference, the winners will arrive during the training workshops. Upon their arrival an OWASP volunteer will be around to greet them, sort out their hotel arrangements and take them to trainings. This is to ensure that the winners are taken care of and that they feel welcome and comfortable.

Conference Days

During the two days of the conference an OWASP volunteer will be available to show the winners around, introduce them to staff members and get them acquainted with conference goers. The volunteer will also be responsible for getting the winners to the Women in AppSec panel. The volunteers should be made available if the winners have any questions or need help with anything.

Previous Women in AppSec Winners

Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program.

Tara Wilson, 2011 Winner

“Being fortunate enough to receive the Women in AppSec grant is a unique and valuable experience. It is a great opportunity for women to have a chance to bolster their skills and dive deep into the world of application security. I found that attending the conference was not only a great way to experience what the OWASP community has to offer, but it also gives students a chance to network with a great group of people who are passionate about their field and willing to share a wealth of information.”

If you have questions, or if you wish to contribute to the program, please e-mail Samantha Groves at: [email protected]

or intern Kait Disney-Leugers at: [email protected]