Preparation for next year's conferences is underway. I had the pleasure of meeting people from our community at a recent ISACA Ireland event where I had an OWASP stand. I also had lots of swag to give away, loads left which I plan to share out amongst the community.
I was on a call recently with both WIA leadership and a number of individuals looking to broaden our diversity reach, forming DIA (diversity in AppSec). This was a positive call and I look forward to reviewing their proposal under the committee 2.0 operating model.
I'd like to thank our volunteers, chapter and project leaders for making OWASP what it is today. We wouldn't have a foundation without you. We always want to make things better, to this end, it would be great if you could fill out the following feedback form.
Owen Pendlebury, Vice-Chairman
FROM THE EXECUTIVE DIRECTOR
As we wind down 2019, we are planning lots of new opportunities to get involved with OWASP next year. The current working draft of the 2020 Operating Plan can be found on our staging site for our new website which is planned to launch next month.
Some of the highlights for 2020:
Quarterly Town Hall meetings.
Two Project Summits - the first in February 2020
Pilot single-day AppSec Days worldwide to offer local training and community.
We are also set to further increase the transparency of the daily workings of OWASP through our Staff Projects page. The pages linked there will always be a work in progress; some of which today are still only templates but still a great resource to know what's going on at OWASP.
All of this which adds to our Global and Regional Events, ongoing local chapter support, and other member activities. Our plans are ambitious and we look forward to your continued support this and every month as we look to better secure the web.
OWASP Foundation Global AppSec Event Dates for 2020
NEW OWASP Project Summit - Winter 2020 February 2020 in Cancun, Mexico
The OWASP Foundation will host a three-day working session for FIVE selected projects in Cancun, Mexico, February 2020. Arrival day will be Wednesday the 19th and departures will be the 23rd. Projects must apply and then get selected to participate. The application process will require project meeting goals, work plans, key contributors, and expected attendance. The OWASP Foundation Officers Group will make the final selection. For more information click here.
Announcing a New Opportunity to become part of a Global AppSec Program Team
Conference Program Teams are constituted for each Global AppSec event and consists of members of OWASP members and staff. The selection of team members is based on subject-matter expertise and a balanced representation of the OWASP community. For planning purposes, team members shall reside on the continent of the Global AppSec for which they serve. Teams are constituted no later than six months prior to the Global AppSec event.
To apply to become a member of the Conference Program Team click here.
We are so excited to announce that both the London OWASP and WIA community have been asked to speak at BlackHat Europe 2019 on Wednesday 4 December at the EXCEL London. Andra Lezza is leading the panel of women to "Share insights gained at different stages of their careers to help other women in the field." Thank you, Andra, for leading the initiative and also to Sonya Moisset, Bibi Sanjarani, Katy Anton and Lauren Chiesa for volunteering to be part of the panel. Also from the OWASP Community and a London Chapter Leader Sam Stepanyan and Paul Harragan. Sam and Pau will be presenting a more in-depth demo on the OWASP Nettacker. Good luck to all the speakers have a great conference.
I would like to encourage all of the OWASP community that will be attending BlackHat Europe to please make every effort to attend and support our fellow OWASP members Wednesday, 4 December 2019. (Click to view the schedule details.)
BlackHat Europe has extended an invitation to our London WIA community to lead a panel to "Share insights gained at different stages of their careers that could help other women in the field." Thank you to Andra Lezza for leading this initiative and Sonya Moisset, Bibi Sanjarani, Katy Anton and Lauren Chiesa for volunteering to be part of the panel and to contribute. Good luck I am sure your session will be a huge success.
BlackHat Europe 2019 London at EXCEL London 2019 December 2-5 The OWASP Booth 1015 Business Hall December 4 & 5 December 4, 10:30 AM - 7:00 PM December 5: 10:00 AM - 4:00 PM
You may also be interested in one of our other affiliated events:
As the foundation moves toward the migration of the OWASP web presence from the old wiki site to our new Github-hosted home, some of you may still have questions regarding what to move and how to move it. Essentially, if you have a chapter page or project page and you have not migrated it to the new website, that would be first. Steps on what to do and what is needed can be found at https://www2.owasp.org/migration There are also some minor instructions on the default project or chapter page itself. And if you are wondering where that page is located, you can go to https://github.com/OWASP and type your chapter name in the repository search bar. If your project or chapter is not there, contact me. Lastly, there are a number of excellent examples already done by other leaders (also linked on the migration page).
And, as a precaution, you should click over into the 'Settings' of your repository and then click the 'Collaborators & teams' link on the left menu and check to make sure that the usernames added to Collaborators match what you expect. Having someone you do not know edit your web page without your knowledge is no longer the expected behavior.
Some resources, mostly for projects, have been uploaded to the OWASP Site Theme Repository and can be linked to via the /assets/image/common/<file> URL.
After your chapter or project page is done, there is a www-community repository which would include any files from the wiki that are not currently in a project or chapter or board/staff policy area. For instance, there are pages there for GSoC and XSS and CSRF. A list of the top pages that need to be migrated can be found attached to one of the TODO cards on our website migration Trello board which you are invited to join if you want to help migrate loose pages and/or perform some automation work.
As part of OWASP's participation in Google's Season of Docs, the ZAP project has had Nirojan Selvanathan (@sshniro) working on API documentation. The first iteration of the documentation is now live. It includes Java, Python, and shell example snippets all presented in a responsive and accessible design which we will continue to build on in the future.
Big thanks to Nirojan for his efforts on this wonderful initiative! Congratulations and thanks to Google Open Source for helping to bring the open-source and technical writer communities together!
Welcome to our New OWASP Chapters
Colombo, Sri Lanka Des Moines, IA Harrisburg, PA Louisville, KY Monterrey, Brazil Moscow, Russia
Contributor Corporate Members
*Ads and logos are not endorsements and reflect the messages of the advertiser only. *