(email sent to all onsite and remote Owasp Summit Participants)
Hi Summit Participants, I hope you had a great weekend. Here in London I meet with Ante Gulam for BBQ and we had a very productive Sunday (as you can see below)
I think it represents the idea of the Summit as a place where an important historical community event will occur and that it will be an shared experience :)
Hi Summit Participants, I hope you had a great weekend. Here in London I meet with Ante Gulam for BBQ and we had a very productive Sunday (as you can see below)
Before I go into the details, I have a question for you: What do you think of this tag line for the Summit: "The Woodstock of AppSec"
Seba come up with it when we meet for lunch on Friday, when we were talking about the Summit's gravitational pull (as in 'the place to be', 'the place were the most interesting AppSec conversations will occur', 'the place where the best minds in XYZ topic will be together', 'the place where participants are trying to solve hard problems that I have today')
I think it represents the idea of the Summit as a place where an important historical community event will occur and that it will be an shared experience :)
You can see this tagline next to the logo on the http://owaspsummit.org/ homepage.
I've also posted on the Summit's site the How Working sessions will be organised text I shared with you yesterday, and asked the owasp leaders if they could Help with OWASP Summit 2017 outreach (which is a request that I also like to make to the non-owasp-leaders reading this)
On the topic of Working Sessions and Tracks, me an Ante where on fire, and created 2 Tracks and 18 Working Sessions.
The new Tracks are:
- Agile AppSec - This is a Track driven by a couple participants that really care about Agile and want to find better ways to integrate it with AppSec practices
- Security Crowdsourcing - This is a Track that is focused on scaling AppSec activities via internal and external crowdsourcing
The new Working Sessions (most related to the two new tracks) are:
- Integrating Security into a Portfolio Kanban
- Integrating Security into a Sales Channel
- Integrating Security into an Spotify Model
- Agile Practices for Security Teams
- Security Guild vs Security Champions
- Using Security Risks to Measure Agile Practices
- Scaling Agile Planning and Education (draft)
- Role of Security Certification (draft)
- Security Book Club
- Define Agile Security Practices
- Threat Modeling Cloud Migrations (draft)
- Cross-Company Hackathons (draft)
- Security Crowdsourcing the SDL Practices (draft)
- Internal Bug Bounties Programmes (draft)
- Lessons learned from public bug bounties programmes (draft)
- Hackathon Daily Sessions (draft)
- Cyber Security Economics (draft)
- Crowdsourcing Security Knowledge
(Please help with content for the ones marked with '(draft)' and review content of the rest)
I hope you agree with me that there are some very interesting topics here, which address real-world problems most of us have (including some new and innovating thinking)
With these new Working Sessions, we now have 59 which do not have an organiser (please help by taking one of these under your wing and help to make it a reality, remember the darwinian model that we are going to use to select which Working Session will be officially supported and placed on the main schedule).
Thanks for being an Summit Participant, and don't hesitate to ask for help (to me, Seba, Francois or the Summit Editor's team)
Have a great start to the week
Dinis Cruz