Tuesday, May 16, 2017

Owasp Summit 2017

On 12-16 June Owasp will host its 2017 Global Summit in London where hundreds of participants will join forces in Working Sessions focused on solving hard Application and Cyber Security problems.

This is not a conference with unidirectional presentations. Using the same model as the past two OWASP Summits in Portugal, this 5-day event will be a high-energy experience, during which attendees get the chance to work and collaborate intensively. Every thoroughly prepared working session is geared towards a specific application security challenge and will be focused on actionable outcomes.

With participants flying from all over the world and from major security/development teams, service/product providers and research organizations, this is the place to be to learn and collaborate with industry peers (and even competitors).

The event is split over the following tracks, each focusing on a specific set of challenges:
  • Threat Modeling - This is one of the strongest tracks, with most of the core Threat Modeling talent in the world joining forces and collaborating
  • OwaspSAMM - This is another track where we have the main contributors and users of this Owasp project participating at the Summit
  • DevSecOps - This track has been generating quite a buzz among participants, since it is addressing real pain points and problems that companies face today
  • Education - Always strong in OWASP, this track ranges from University master degree to how to create the next generation of AppSec professionals
  • Mobile Security - Another track where the key Owasp leaders of Mobile-related Owasp projects are participating
  • CISO - This track reaches a wide audience of CISOs and covers a wide range of CISO-related topics
  • Research - This track covers really important and interesting research topics (it's important to look at the future and work on the next generation of Application Security)
  • Agile AppSec - This is a track driven by a couple participants who really care about Agile and want to find better ways to integrate it with AppSec practices
  • Security Crowdsourcing - This is a track that is focused on scaling AppSec activities via internal and external crowdsourcing
  • Owasp Project's Summit - Last but not least, this track has 31x Working Sessions directly related to an Owasp Project (with most having the Project Leader participating)
Each track's Working Session will be expected to deliver something tangible and usable by the Owasp community (whitepaper, documentation, play-books, code, action-plans, books, decisions, etc.) and all Participants are expected to participate actively in Working Sessions (as an organizer or contributor).

Owasp Summit's Schedules are different from normal conferences, since they are focused on maximizing the Participant's time and Working Sessions they want to be actively involved. The current Schedule is under development and will be released in the next weeks.
Here are some of the Working Sessions that will be worked on at the Summit:
In order to attract as much talent as possible to the Summit, the Summit Tickets were kept at a low price. A 5x 8h daily ticket costs £400 (i.e. without accommodation) and a 5x 24h daily ticket costs £1,200 (i.e. with 4-night accommodation), with a 10% discount (for 5 to 9 tickets) and a 20% discount (for 10+ tickets). 1x daily 8h tickets are also available at £100 and 24h tickets at £300.

A key factor of the Owasp Summit's high level productivity and collaboration is the Lodge/Villa accommodation model, where participants will stay, and be literally involved in AppSec/Security conversations and debates from morning till dusk (a number of daily and evening Working Sessions will occur in the Lodges)

Some companies are bringing larger teams to the Summit (with a dedicated Lodge/Villa) where they can double-up as team-building, strategic planning and offsite events.

The Owasp Summit is going to be the largest concentration of AppSec and Security talent focused on solving problems in 2017.

The question is: Will you be there?

No comments: