Tuesday, March 12, 2019


Check out the training program at OWASP Global AppSec Tel Aviv 2019

Friday, March 8, 2019

Thursday, March 7, 2019

Retiring Mailman

Greetings. I am Mike McCamon the new Interim Executive Director for OWASP. For the past eight weeks I've been getting up to speed and learning about the culture and potential of OWASP and our extended community.

Last month I approved a project to move forward with the retirement of mailman. I myself have been a longtime fan of this open source mail list manager, however it is creating a good number of challenges for our community. Several notable points include:

  1. mailman sends password requests in plain-text email,
  2. requires additional spam filtering services to manage inbound unwanted email,
  3. requires knowledgeable sysadmin expertise to manage,
  4. and there are free alternatives that provide near identical user story functionality.

As I've been told, this retirement/migration has been discussed on/off since October 2016 when it was first suggested to the OWASP Board. It was a topic at the Leaders Meetings of 2018 and more recently in our blog, Connector, and emails to list owners and other members of the community. There is likely no volume of communication that will satisfy every community members' thirst for notice on these types of decisions.

While staff has been getting some negative feedback about this decision, it is also noteworthy we have also been getting a great number of praise and thanks from others - and on balance the positives outweigh the negatives. I take full responsibility for the decision and see this as a unexpected opportunity to learn about decision-making culture of the OWASP community. I am sorry if I have frustrated you. Our staff is already brainstorming ways we can make future policy/process changes more open and predictable. One first step is that we now host Staff Project Plans on the wiki. This project can be reviewed at https://www.owasp.org/index.php/Staff-Projects/Mailman-EOL

In a perfect world we would have extended this migration out over several months time ensuring better community awareness and more opportunities for feedback along the way. Unfortunately recent licensing changes with a service provider, and the impending cancellation of that service on March 22nd, we believe would have rendered our mailing lists on mailman unusable and therefore warranted swift action on a very accelerated timeline. I'm sure in your own work you have faced similar challenging decisions.

Together we are in an enviable position - our community is growing, our work is more relevant than ever, and we have thousands of passionate volunteers working for our cause. However, we cannot sit still. We must look to continuously improve and change to fit our times. It is my most sincere commitment that I, our staff, and the Board does everything in our power to enable the mission of OWASP and showcase your hard work. Thank you for your ongoing commitment toward that endeavor.

Tuesday, February 26, 2019

February 2019 Connector

February 2019


Letter from the Chairman:

Dear OWASP Community,

It’s a proud moment when I see our community so passionate about OWASP. There would not be an OWASP if it was not for the participation of its members. To that end, I would like to thank those of you who took the effort to participate in the community survey. The results can be found here: https://www.owasp.org/index.php/Community_Surveys

We have used the results of this survey to form the basis of our strategic plans for 2019. For those who missed it, we started the new year with the new board and voted on roles. For a more detailed update and more information about the strategic goals please see here: https://owasp.blogspot.com/2019/02/hi-all-happy-new-year.html?_sm_au_=iHVpVnWSHT5Q6r4j

Something our community has been passionate about in the past is the formation of committees within OWASP. We would like to appeal to the community to take part in shaping the future of OWASP through re-establishing a committee. For more information  on the governance and how to get started in creating a committee, please see here@ https://www.owasp.org/index.php/Governance/OWASP_Committees

Last but not least, the call for papers and call for trainers for the Global AppSec Tel Aviv will close soon. Don't miss the chance to submit your paper or training: https://telaviv.appsecglobal.org/

Kind regards,
Martin Knobloch
Chairman of the Board

The OWASP 2019 Global Board 
Martin Knobloch: Chairman
Owen Pendlebury: Vice Chairman
Sherif Mansour: Treasurer
Ofer Maor: Secretary
Richard Greenberg: Member at Large
Gary Robinson: Member at Large 
Chenxi Wang: Member at Large
Community Survey Results
Starting in 2019, the OWASP Foundation began a program to regularly take the pulse of both the paid membership and the broader OWASP community. The first survey was sent out on January 9th to both the paid membership and broader global community. These will be repeated on a regular basis going forward.

Now Open 
Call for Papers
Call for 

Global AppSec Tel Aviv 2019  
May 26-30, 2019  

*Registration Coming Soon*

Save the Date for 2 more Global AppSec Conferences
Global AppSec DC Sept 9-13, 2019
Global AppSec Amsterdam Sept 23-27, 2019


You may also be interested in one of our other affiliated events:


Event Date Location
OWASP Seasides February 27-28, 2019 GOA, India
Snow FROC 2019 March 14, 2019 Cable Center Denver, CO
LASCON X March 14, 2019 Austin, TX


Event Date Location
Blackhat Asia 2019 March 26-29, 2019 Singapore
Cyber Security for Critical Assets USA 2019 February 26-27, 2019 Houston, TX
QuBit Conference Prague April 10-11, 2019 Prague
Cyber Security and Cloud Expo Global April 25-26, 2019 London
IoT Tech Expo Global April 25-26, 2019 London
Hack in Paris 2019 June 16-20, 2019 Paris
Cyber Security and Cloud Expo Europe June 19-20, 2019 Amsterdam
IoT Tech Expo Europe June 19-20, 2019 Amsterdam


Google Summer of Code 2019:
OWASP has completed an application to be a mentor organization for 2019.  
2019 Mentor Organizations will be announced on February 26th, 2019.
Community members helping administer GSoC this year, assuming we are selected, will be Konstantinos Papapanagiotou and Spyros Gasteratos.

Global AppSec Tel Aviv 2019 Project Showcase:
The project showcase at Global AppSec Tel Aviv will be held on the last two days of the conference.  If you are a project leader interested in showcasing your project, please send an email to project-showcase@owasp.org with the name of your project and the names of the presenter(s).  Project leaders presenting at the showcase will be provided free admission to the conference.

The following new projects achieved Incubator status:
OWASP Python Honeypot
OWASP Maryam Project
OWASP Security Pins Project

Community and Chapter ALERTS:

Mailman will be RETIRED SOON! 

January 1st OWASP moved to ZOOM for video conferencing,  if you are currently a user of the Foundation's GoToMeeting and/or GoToWebinar accounts, please fill out this form so we can make sure the migration is smooth for you: https://goo.gl/forms/DLLsX1qn7iJHFN052


Let's welcome our New Chapters to the OWASP Community

Warwick, United Kingdom 
Copenhagen, Denmark
Sacramento, CA
Biloxi- Gulfport, MS
Quito, Ecuador
Houston TX
Las Vegas, NV
Vina Del Mar, Chile


We welcome the following Contributor Corporate Members

Contributor Corporate Members

Join us
Our mailing address is:
OWASP Foundation 
1200-C Agora Drive, # 232
Bel Air, MD 21014  
Fax: 1-443-283-4021
Contact Us  

This email was sent to *|EMAIL|*
why did I get this?    unsubscribe from this list    update subscription preferences