OWASP Connector Newsletter - October 28, 2015

October 28, 2015 || www.owasp.org | Contact Us | Brought to you by the OWASP Foundation

2015 Global Board Election Results OWASP in the News 2015 WASPY Award Winners OWASP Translations: ASVS Women in AppSec: Diversity Leads to Success NEW Tool: Trello	Project Summit at AppSecUSA Latest Releases ZAP Scripting Competition Results OWASP Code Review Guide Survey NEW Initiative: OWASP Research	Global AppSec Events Local and Regional Events Partner and Promotional Events
New OWASP Chapters Chapter Transitions New Student Chapters New Academic Supporters Chapter Activities	Premier Corporate Members Contributing Corporate Members	OWASP Foundation Social Media

---

---

	OWASP Communications
2015 Global Board Election Results https://www.owasp.org/index.php/2015_Global_Board_of_Directors_Election Turnout 855 (33.0%) of 2587 electors voted in this ballot As a % of 855 Tobias Gondrom 459 53.7% Michael Coates 414 48.4% Tom Brennan 312 36.5% Josh Sokol 304 35.6% Jonathan Carter 226 26.4% Abbas Naderi Afooshteh 178 20.8% Bil Corry 175 20.5% Milton Smith 172 20.1% Nigel Phair 125 14.6% VOTER SUMMARY Total 855 Abstain 36 4.2%
OWASP in the NEWS! OWASP Projects and activities are often the subject of webcasts and podcasts. Sit back and relax as you watch and listen to these recent episodes. Simon Bennetts - OWASP ZAP Q&A session ZAP, Xenotix XSS Exploit Framework, O-Saft and OWTF - 2015 BOSSIE Awards OWASP Top 10 - "Don't Let Your SMB Get Caught With Its Pants Down," Huffington Post Mark Miller - OWASP 24/7 Podcast Series
WASPY Award Winners The results of the OWASP WASPY Awards have been announced and posted to our website. Thanks to all who made a nomination and congratulations to the winners. Open/Leading Category European Region: Eoin Keary United States Region: Jeremiah Grossman Latin American Region: Mateo Martinez Caribbean Region: Johanna Curiel Integrity/Learning Category European Region: Antonis Manaras & Mateo Martinez (OWASP Student Chapters Program Leaders) United States Region: Pedro Peralta Asia/Pacific/Middle East Region: John Patrick Lita Caribbean Region: Johanna Curiel Innovation/Sharing Category African Region: Munir Njiru European Region: Fiona Collins Latin American Region: Diego Ademir United States Region: Jeremy Long Global/Growing African Region: Munir Njiru Asia/Pacific/Middle East Region: John Patrick Lita European Region: Jason Alexander Latin American Region: John Vargas United States Region: Jerry Hoff View the complete results and vote counts at https://www.owasp.org/index.php/WASPY_Awards_2015#Results.
OWASP Translations: ASVS OWASP ASVS — Translation Project has been added to Crowdin. Crowd In is a community translation platform. If you speak another language other than English, we would really appreciate it if you could join Crowd In, and become a member of the ASVS project page and commit some time to developing a translation into your local language.Help us translate OWASP ASVS and bring it to the world! https://crowdin.com/project/owasp-asvs.
Women in AppSec: Diversity Leads to Success Study after study has shown that diverse teams are more successful. Forbes reports that diversity is key driver of internal innovation and business growth. McKinsey & Company study showed that diverse organizations are more likely to have financial returns above their respective national industry medians. The OWASP Women in AppSec (WIA) diversity initiative aims to increase the participation and visibility of women in the applications security field. WIA is seeking volunteers to help with projects in 2016 now! Fill out the WIA planning survey at https://www.surveymonkey.com/r/SRNLD7H and get involved today. Increasing diversity is an effort that relies on all of us to be successful, so all genders are welcome and encouraged to participate.
NEW Tool: Trello Trello is a collaboration tool that organizes your projects into boards. In one glance, Trello tells you what's being worked on, who's working on what, and where something is in a process. The OWASP Foundation has obtained a free premium Trello account for our community. If you are interested in having your own board for your project or chapter, please ping Fabio Cerullo at fcerullo@owasp.org. Some of the projects and chapters using the Trello board are Campinas/Sao Paulo, Delhi, CSRFGuard, ZAP as well as the global Board and the AppSecUSA Chapter Leader Workshop. Visit these boards for ideas on how to use them for collaboration in your group: https://trello.com/owaspfoundation

---

OWASP Projects

Project Summit at AppSecUSA Several OWASP Projects participated in the AppSecUSA Project Summit. A lot of good feedback, Github updates and new documentation served to level up all participating projects. Visit the project pages for updates or contact the leaders to find out how you can get involved: OWASP Security Shepherd Project Mark Denihan, Pol McCana, Philip Payne, Ryan Foushee Updated Github Wiki Created new levels New Specifications made in version 3 Created new level templates Project up for review to Flagship phase Eliminated issues that were blocking the progress of the docker file. OWASP Code Review Gary Robinson, Larry Coklin Editing doc for Release Gained a new contributor Prepared Community Survey: “OWASP is interested in the ownership perception of security controls effectiveness”. Results will be posted on the next board meeting. OWASP Cheatsheet Series & Proactive Controls Jim Manico & Andrew Van Der Stock Open Discussion and collaboration Great discusssions and was much needed OWASP Python Security Enrico Branca Received Feedback from the other project leaders and attendees. Found how to share technical documents and how to organize issues by using ASVS/SKF. Gained valuable information to move the project forward. OWASP Security Knowledge Framework Glenn Tate Cate Shared knowledge, got some some feedback. Helping review ASVS Project Checking with Python Security Project OWASP WAFEC Tony Turner, Rafael Chiles Restart the Project Updating the wiki content and Github Great was a great experience as this was my first Project Summit OWASP O2 Platform Michael Hidalgo Restart the Project Updating the wiki content and Github Great was a great experience and enjoyed the open forum OWASP PodCasts created by Mark Miller offer a great forum for getting an update on projects. Listen to interviews with project leaders at https://soundcloud.com/owasp-podcast. Latest Releases OWASP Security Shepherd Project Mark Denihan Download: https://github.com/OWASP/SecurityShepherd/releases/tag/v3.0 Project Page: https://www.owasp.org/index.php/OWASP_Security_Shepherd Just a heads up that the Security Shepherd Team have dotted the i's and crossed the t's on our latest version. Please share, tweet, blog, smoke signal the milestone and check out the latest release yourself. OWASP Application Security Verification Standard Jim Manico, Andrew Van der Stock, Daniel Cutbert Project Page: https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project#Version_3_.282015.29 I'm really proud to announce that the latest Application Security Verification Standard (ASVS) 3.0 is ready. OWASP Mobile Security Project Milan Singh Thakur, Jonathan Carter Project Page: https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Guide_Development_Project Download: https://drive.google.com/file/d/0BxOPagp1jPHWczhwYjRQNzZIekU/view?usp=sharing The APPSEC Approach - Download OWASP-Mobile Security Testing Guide BETA OWASP Seraphimdroid v.2 Nikola Milosevec Download: https://play.google.com/store/apps/details?id=org.owasp.seraphimdroid Project Page: https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP Seraphimdroid V2 has been released as a result of OWASP Summer Code Sprint. The mission of OWASP Seraphimdroid is to create, as a community, an open platform for education and protection of Android users against privacy and security threats. OWASP Searaphimdroid is an Android privacy and security protection application with secondary aim to make mobile security, threats and risks visible to users. ZAP Scripting Competition Results ZAP Scripting Competition results are now available at https://www.owasp.org/index.php/2015-08-ZAP-ScriptingCompetition. For more information about OWASP Projects, please visit the Project Wiki Page OWASP Code Review Guide Survey The OWASP Code Review Guide team surveyed attendees at AppSec USA to find out how attendees rated the effectiveness of various security tools/reviews at finding issues, such as business logic problems, or each of the OWASP Top 10. Our intention was to evaluate if Secure Code Review (the topic of our guide) is seen as an effective security process in an organizations SDLC. The Survey results will be included in the next version of the guide. New Initiative: OWASP Research OWASP Research is an initiative to start developing OWASP projects in the field of innovative research,specifically new ways to protect web applications by applying out of the box concepts and technological developments. Contact Johanna Curiel for details or visit http://www.owasp.org/index.php/Global Initiatives#Research.

---

	OWASP Events
Global AppSec Events
	Mark your Calendar! AppSECEU 2016 is coming to Rome, Italy on 27 June to 1 July 2016! The Call for Trainings is Now Available! Deadline for proposals: 31 December, 2015. The Call For Papers is open until January 15, 2016. Submit yours soon.
Regional and Local Events AppSec Rio de la Plata 2015, December 1, 2015 - December 3, 2015, Montevideo, Uruguay German OWASP Day, December 1, 2015 - December 3, 2015 OWASP Gothenburg Day, December 8, 2015, Gothenburg, Sweden AppSec Cali 2016, Jan. 25, 2016 - Jan. 27, 2016, Santa Monica, CA New Zealand Day 2016, February 3, 2016 - February 4, 2016, Auckland, New Zealand Conference Videos AppSecUSA Videos from 21 of our sessions and keynotes are now available on YouTube. Look for more uploads to come featuring keynotes, special panels and talks. Videos from our OWASP Eastern European Conference are also available on YouTube. Stay tuned for videos from last week's LASCON (Lonestar Application Security Conference) event in Austin, TX, USA. Partner and Promotional Events OSCON Amsterdam, October 26 - October 28, 2015 Amsterdam, The Netherlands SecureWorld Expo - Bay Area, November 4, 2015, San Jose Marriott, CA, USA 4th Annual CISO ASIA Summit & Roundtable, November 2, 2015 - November 4, 2015 Harbour Grand Kowloon, Hong Kong Blackhat Europe 2015, November 10, 2015 - November 13, 2015 Amsterdam, The Netherlands SC Congress Boston, November 12, 2015 Metro Metting Centers Boston, MA, USA SC Congress Chicago, November 17, 2015 Revel @ Fulton Market Chicago, IL, USA SANS CyberTalent Fair, November 19, 2015, Virtual On-line CyberSecure December 15 - 16, 2015 The Sheraton Times Square New York, NY, USA CodeMash January 5 - 8, 2016 Sandusky, Ohio, USA BSides Lagos January 22, 2016 Nigeria SC Congress London, February 10, 2016 ILEC Conference Centre London, UK SC Congress Toronto, June 1, 2016 - June 2, 2016 Metro Convention Center Toronto, CN

---

Ads are not endorsements and reflect the messages of the advertiser only.They represent co-marketing arrangements with other organizations in support of the OWASP Community.   CLICK HERE for more information on advertising.

---

OWASP Chapters

We had a lot of activity in our chapters since our April 21 Connector: 18 New Chapters (red), 13 Leadership Transitions (pink), two New Student Chapters (blue) and six new Academic Supporters (light blue). Click on the map to see our newest chapters. New Chapters Atlantic Canada: Leader, Scott Deveaux, scott.deveaux@owasp.org Bhopal, India: Leader, Akshay Sharma, akshay.sharma@owasp.org Bulawayo, Zimbabwe: Trevor Sibanda leader, trevor.sibanda@owasp.org Cagayan Valley, Philippines: Leader, Charmagne Cumigad,charmagne.cumigad@owasp.org Cape Town, South Africa: Leader, Timo Goosen, timo.goosen@owasp.org Colorado Springs: Leader, Mike Forgione, mike.forgione@owasp.org Cotonou, Benin: Leader, Apollin Moyo, apollin.moyo@owasp.org Columbia, SC, USA: Leader, Frank Catucci, frank.catucci@owasp.org El Salvador: Leader, Nelson Chacon, nelson.chacon@owasp.org Gwalior, India: Sumit Ojha leader,sumit.ojha@owasp.org Kern County, CA, USA: John Stampfli leader, john.stampfli@owasp.org Madurai, India: Leader, M.S. Siva Kumar Odessa, Ukraine: Leader, Vladimir Garbuz, vladimir.garbuz@owasp.org Panay, Philippines: Francis AI Victoriano leader,francis.victoriano@owasp.org Southern New Hampshire, USA: Leaders, James Burroughs, Edmond Holohan and Garrett Klok Spotsylvania, VA, USA: Leader Arnold Webster arnold.webster@owasp.org Stamford, CT, USA: Maria Sette leader,maria.sette@owasp.org Taguig, Philippines: Gil Tario II leader, gil.tario@owasp.org Trinidad and Tobago: Laura Bigram leader, laura.bigram@owasp.org Chapter Transitions Bhopal, India: New Leader added Nandan Yadav, Nandan.Yadav@owasp.org Bristol, UK: Katy Anton and Sash Rigby, katy.anton@owasp.org,sash.rigby@owasp.org Brooklyn, NY, USA: Added leaders Emily Wicki and Nicole Becher,emily.wicki@owasp.org,nicole.becher@owasp.org; Loren Davie is stepping down. Charlotte, NC, USA: New leader Rob Taylor rob.taylor@owasp.org Cyprus: New leaders, Christos Papadopoulos,christos.papadopoulos@owasp.org and Yiannis Ioannides,yiannis.ioannides@owasp.org Iceland: New Leaders, Þröstur Spörri Jónasson, Sigmundur Jónsson, Thorlaug Agustsdóttir, Sverrir Davíðsson, Theodor Gíslason,throstur.sporri.jonasson@owasp.org,sigmundur.jonsson@owasp.org,thorlaug.agustsdottir@owasp.org, ,sverrir.davidsson@owasp.org,theodor.gislason@owasp.org Khartoum, Sudan: New leaders added, Ahmed Abbas ahmed.abbas@owasp.org, Asim Jaweesh asim.jaweesh@owasp.org, and Obay Albadri obay.albadri@owasp.org Kenya/Nairobi: The inactive Nairobi chapter will merge with Kenya. Kenya team is incorporating historical info on past Nairobi meetings on their page. Nairobi leaders have been invited to join Kenya leadership team. Kolkata, India: Added leader Dibyendu Sikdar, dibyendu.sikdar@owasp.org Manila, Philippines: Jan Jancosin (jan.jancosin@owasp.org) added to leadership team Orange County, CA, USA: New leader, Haral Tsitsivas, haral.tsitsivas@owasp.org Pune, India: New leader, Ashwini Paranjpe, ashwini.paranjpe@owasp.org New Zealand: New leader added in Wellington, Kirk Jacksonkirk.jackson@owasp.org New Student Chapters IIT Kanpur Student Chapter, Kanpur, India University Lucian Blaga of Sitiu, Romania New Academic Supporters Anglia Ruskin University, Cambridge, UK De La Salle University, Philippines Masinde Muliro University of Science and Technology, Kenya Philippine Institute of Cyber Security Professionals, Manila, Philippines Rotterdam University of Applied Sciences, Rottterdam, Netherlands Universiti Tecknologi Malaysia, Kuala Lumpur, Malaysia Chapter Activities On October 12 2015, OWASP Panay chapter leader Francis Victoriano presented OWASP Top 10 at Aklan State University and at Filamer Christian University, a future academic supporter, on October 21. Almost 300 students attended the latter event, and they are planning to invite OWASP Panay next year. On October 7, OWASP Kerala hosted sessions at PRS College with an amazing turn out of more than 150 students from various semesters of Computer Science and Electronics Department - organized in multiple sessions throughout the day with back to back non stop sessions. It was a great event and was so exciting to interact with the students. The engineering schools in Kerala, India under the Kerala State University system have signed on as OWASP Academic Supporters. We at the OWASP Global Foundation are looking forward to hearing about more such events in future. Share your chapter's successes! Submit your stories here

---

	OWASP Membership
Premier Corporate Members Salesforce Qualys Contributing Corporate Members Autodesk Veracode Sonatpe Checkmarx Protiviti HERE North America Thoughtworks UPS Rapid 7 Brocade SMARTRAC TECHNOLOGY GMBH CD Networks Information Builders Security Compass Synopsys NE GoSecure AsTech Consulting Imperva Johnson Controls ClassDojo

---

	OWASP Social Media
OWASP Social Media Site OWASP YouTube Channel LinkedIn Twitter Google + Facebook Ning StackOverflow GitHub Trello Slack

OWASP Code Review Guide Survey

As some of you may know the OWASP Code Review Guide did a survey of the attendees at AppSec USA.  We wanted to find out how attendees rated the effectiveness of various security tools/reviews at finding issues, such as business logic problems, or each of the OWASP Top 10.  Our intention was to evaluate if Secure Code Review (the topic of our guide) is seen as an effective security process in an organizations SDLC.  These results (below) will be included in the next version of the guide.

We want to thank all of those who took part, and communicate the results of the survey (it is Security Awareness Month after all).  In the first part of our survey we asked attendees to rate which of the following security tools/reviews were the most effective in finding:

1) General security vulnerabilities

2) Privacy issues

3) Business logic bugs

4) Compliance issues (such as HIPPA, PCI, etc.)

5) Availability issues

The results are as follows:

Next we concentrated on the OWASP Top 10 issues, this time the results were as follows:

Please feel free to make use of this survey in whatever way you want.  Also feel free to discuss any of the outcomes, for example:

a) A high percentage of people prefer manual pen testing as a way of detecting availability/traffic load issues.  Is this specific to any tool, or is it simply because 'load' or 'DoS' testing was not an option?

b) For A1, Injection, source code scanning was three times more popular than manual pen testing, does that match your experience?

c) For A9, Using Components with Known Vulnerabilities, automated vulnerability scans were far more popular than the rest.

Just to note, this type of activity was a great outcome of the Project Summit which took place before the conference.  This survey is just one of the many valuable things to come from that summit.  Thanks to Larry for digitizing this info.

Best of luck,

Gary Robinson

Larry Conklin

2015 Global BoD Election

The 2015 Global BoD Election is underway!  Check your inbox for a link to your ballot.  Voting will remain open until October 23, 2015.

To learn more visit https://www.owasp.org/index.php/2015_Global_Board_of_Directors_Election

Any questions or concerns can be submitted using our Contact Us form.

October 2015 Community News Flash

October 2015 Community News Flash

In this Issue:

• FEATURE: Leadership Workshops
• ANNUAL REPORT: The 2014 Annual Report Has Been Released
• ELECTION: Voting Opens October 7 for the Global Board of Directors!
• NEW INITIATIVE: Research Initiative
• PROJECT UPDATES: New Projects, Announcements
• CHAPTER ACTIVITY: New Chapters, Leader Transitions
• EVENTS: Upcoming Local and Regional Events
• RESOURCES: List of Resources in this Issue

FEATURE: Leadership Workshops

We had an excellent and productive turnout for our Chapter Leader Workshop last month at AppSecUSA. Community Manager, Noreen Whysel, presented four one-hour workshops covering topics on community engagement, successful meeting formats, available tools and a tutorial on the OWASP wiki. Attendance ranged from ten to 15 people per session, predominantly chapter leaders with a few project leaders representing.

Some suggestions for chapter level activities included hosting Hackathons to encourage attendance by developers, organized study groups like the Austin Study Group on Ning, "Adopt-a-Project" and project workshops, as well as partnering on events with related professional associations.

SUGGESTED CHAPTER ACTIVITY:

October is National Cyber Security Awareness Month in the U.S. Activities aligned with public awareness and online safety would make a great theme for chapter events.

We organized our discussion on a Chapter Leader Workshop Trello board. Feel free to add or comment on items posted to the board. Session recordings are available for download at the OWASP Google Drive. Thursday sessions were audio only. Friday sessions include slides and sound.

Thursday Sessions (combined MP4 file):

People & Capital - The Fire & Fuel for Chapter Activities
I'm a Leader. Now What? - Basic Information for Jump Starting a Chapter (70.5MB .MP4)

Friday Sessions:

What's in Your Toolbox? - Resources for Engagement (167MB .MP4)
If You Build It, They Will Come - The OWASP Wiki Edit-a-Thon (265MB .MP4)

While we didn't get deep into wiki training beyond the OWASP.org, we do have a informational MoPad at OWASP: Application Security in Wikipedia, if you are interested in making application security visible on Wikipedia.

Download the full Chapter Leader Workshop slidedeck from Google Drive.


ANNUAL REPORT: The 2014 Annual Report Has Been Released

The OWASP 2014 Annual Report now available on the wiki at https://www.owasp.org/images/7/7e/2014_OWASP_Annual_Report_Final.pdf.

EXCERPT from the OWASP 2014 Annual Report:

2014 was an active year and our local community presence grew to more than 200 active chapters worldwide. Our Global AppSec Conferences and numerous Regional events directly engaged with over 5,000 developers and security professionals.

The technical prowess and experience in our community are demonstrated by the continued growth and publications of our 150 open source projects and technical materials. OWASP promotes innovation and learning via our projects. Our project lifecycle starts with an incubator or "startup" process, evolves through "Lab" activities and finally culminates in Flagship projects of strategic value to academia, industry, governments and security experts around the world.

Our organization is entirely funded through the generous donations of our supporters, corporate and individual members and the proceeds of our conference events. We'd like to personally thank you for your contribution and support of OWASP. Your continued support allows OWASP to grow the application security community around the world, share our knowledge freely and learn from each other. Through this community we will continue to provide tools, resources and education that are free and open in support of our mission of improving application security for everyone.


ELECTION: Voting Opens October 7 for the Global Board of Directors!

All OWASP members in good standing as of September 30, 2015 will receive a ballot for the Global Board of Directors election. Voting begins October 7 and will remain open until October 23. Four seats are open. Candidate interviews are posted to the OWASP Podcast site.


NEW INITIATIVE: OWASP Research

OWASP Research is an initiative to start developing OWASP projects in the field of innovative research,specifically new ways to protect web applications by applying out of the box concepts and technological developments. Contact Johanna Curiel for details or visit https://www.owasp.org/index.php/OWASP_Initiatives_Global_Strategic_Focus#tab=Research


PROJECT UPDATES 

Several OWASP Projects participated in the AppSecUSA Project Summit. A lot of good feedback, Github updates and new documentation served to level up all participating projects.



Visit the project pages for updates or contact the leaders to find out how you can get involved:

OWASP Security Shepherd Project
Mark Denihan, Pol McCana, Philip Payne, Ryan Foushee
https://www.owasp.org/index.php/OWASP_Security_Shepherd

OWASP Code Review
Gary Robinson, Larry Coklin
https://www.owasp.org/index.php/Code_review

OWASP Cheatsheet Series & Proactive Controls
Jim Manico & Andrew Van Der Stock
https://www.owasp.org/index.php/Cheat_Sheets
https://www.owasp.org/index.php/OWASP_Proactive_Controls

OWASP Python Security
Enrico Branca
https://www.owasp.org/index.php/OWASP_Python_Security_Project

OWASP Security Knowledge Framework
Glenn Tate Cate
https://www.owasp.org/index.php/OWASP_Security_Knowledge_Framework

OWASP WAFEC
Tony Turner, Rafael Chiles
https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project

OWASP O2 Platform
Michael Hidalgo
https://www.owasp.org/index.php/O2_Platform

OWASP PodCasts created by Mark Miller offer a great forum for getting an update on projects. Listen to interviews with project leaders at https://soundcloud.com/owasp-podcast.

More Project News 

ZAP Scripting Competition results are now available at https://www.owasp.org/index.php/2015-08-ZAP-ScriptingCompetition. Do you have questions about @owasp ZAP? Ask Simon Bennetts (@psiinon) in the first online ZAP Q&A Session - Tuesday 13th October: http://zaproxy.blogspot.co.uk/2015/10/zap-q-session-tuesday-13th-octobr-2015.html


CHAPTER ACTIVITY 

New Chapters

Spotsylvania, VA, USA: Arnold Webster leader, arnold.webster@owasp.org
https://www.owasp.org/index.php/Spotsylvania

Chapter Restarts 

Nigeria: Leaders Abdullahi Arabo abdullahi.arabo@owasp.org and Idara Akpan idara.akpan@owasp.org
https:www.owasp.org/index.php/Nigeria 

Suffolk, UK: Leader, David Pitt, david.pitt@owasp.org
https://www.owasp.org/index.php/Suffolk 


If you are interested in starting or helping to restart a chapter that has gone inactive, please review the listings at the Volunteer Opportunities page of the wiki. If you are a current chapter leader and are having difficulty finding space, volunteers or funding to host a meeting, let me know. I can direct you to resources and funding to help you.

Also keep in mind you can view your Chapter's budget and available funds at the Donation Scoreboard:

https://docs.google.com/spreadsheets/d/11acTOmtmBGq6-5CIGsjlEByU8POSGqda0r23VNnhEGQ/pub?hl=en_US&hl=en_US&output=html


EVENTS: Upcoming Local and Regional Events

OWASP Eastern European Event

The OWASP Eastern European Event is ongoing this week at multiple locations. Livestreaming is available on YouTube. The nextOWASP EEEpresentation will be this Thursday, October 8, at OWASP Cluj (Transylvania/Romania) and will be streamed live on YouTube at: https://www.youtube.com/channel/UCzpfaWiZaT9_msL3jdY_FDw Mark your calendar!

18:45-19:15EEST (GMT+3) Ovidiu Cical - Turn SSL ON: Your Own Certificate Authority - Or simply use Let's Encrypt

More Upcoming Events

OWASP EEE, Oct. 4-10, 2015, Bucharest, Romania (Participating chapters: Austria, Armenia, Poland, Romania, Hungary, Lithuania, Russia) 

AppSec IL 2015, Oct. 13, 2015, Israel

New York Metro Joint Cyber-Security Conference 2015, Oct. 14, 2015, New York, NY, USA

LASCON 2015, Oct. 19-22, 2015, Austin, TX, USA

AppSec Rio de la Plata 2015, NEW DATE: Dec. 2-3, 2015, Montevideo, Uruguay

Devoxx Morocco Nov. 16-18, 2015, Casablanca, Morocco (OWASP Morocco is curating the "Arch. & Security" track)

AppSec Cali 2016, Jan. 25-27, 2016 Santa Monica, CA, USA

AppSecEU 2016, Jun. 27 - Jul. 1, 2016, Rome, Italy


RESOURCES
Chapter Leader Workshop Recordings:
People & Capital - The Fire & Fuel for Chapter Activities
I'm a Leader. Now What? - Basic Information for Jump Starting a Chapter (70.5MB .MP4)
What's in Your Toolbox? - Resources for Engagement (167MB .MP4)
If You Build It, They Will Come - The OWASP Wiki Edit-a-Thon (265MB .MP4)

OWASP: Application Security in Wikipedia MoPad:
OWASP: Application Security in Wikipedia

2015 Global Board of Directors Election
https://www.owasp.org/index.php/2015_Global_Board_of_Directors_Election

Chapter Leader Workshop Trello Board:
https://trello.com/b/sudN9qd2/chapter-leader-workshop-appsecusa-2015

Global Research Initiative:
https://www.owasp.org/index.php/OWASP_Initiatives_Global_Strategic_Focus#tab=Research

Chapter Leader Handbook:
https://www.owasp.org/index.php/Chapter_Leader_Handbook

Funding Resources:
https://www.owasp.org/index.php/Funding

Donation Scoreboard - Current Chapter Funding Allocation:
https://docs.google.com/spreadsheets/u/2/d/11acTOmtmBGq6-5CIGsjlEByU8POSGqda0r23VNnhEGQ/pub?hl=en_US&hl=en_US&output=html


CONTACT ME 

Feel free to contact me at any time if you have a question or suggestion. To create a trackable case, please use the contact us form at http://www.tfaforms.com/308703.

Noreen Whysel
Community Manager
OWASP Foundation

Community Manager Open Hours on Slack:
Join the #AsktheCM channel Tuesdays from 10am-Noon EDT.
https://owasp.slack.com/messages/askthecm/