OWASP Training Manager Report

I have assumed, in October 2010, the position of OWASP Training Manager with the responsibility of managing the OWASP ‘Chapter-lead’ Training activities and operationalising the concept of 'OWASP Academies'. Throughout this process, I have been managed by Dinis Cruz and reported directly to the OWASP Board.

Report of Activities
OWASP Training


 * Systematization of the OWASP Training Concept and collation of all related info on a dedicated wiki page;


 * Consolidation of the methodology in what relates to the concept and tools;


 * Call for Trainers with the objective of building a pool of potential OWASP Trainers to be involved on these initiatives worldwide;


 * Encouragement of Local Chapters to replicate Training events according to the OWASP Training model;


 * Organization and support of training events driven by local chapters:
 * London Training Day, May, 28th, 2010, London, UK
 * BeNeLux Training Day, December, 1st, 2010, Leuven, Belgium &#124; Part of the BeNeLux OWASP Day 2010
 * IBWAS'10 Training Day, December, 16th, 2010, Lisbon, Portugal &#124; Part of the 2nd OWASP Ibero-American Web Application Security Conference (IBWAS'10)


 * Ireland Training Day, March, 11, 2011, Dublin, Ireland
 * France Training Day, 1st Semester 2011 (date tbc), Paris, France
 * NYNJ Training Day, 1st Semester 2011 (date tbc), NY, US


 * Collation of existing Training Modules and creation of new ones according to the needs of initiatives being organized, namely:
 * OWASP AppSensor Project
 * OWASP Code Crawler Project
 * OWASP Secure Coding Practices - Quick Reference Guide
 * Threat Risk Modeling
 * OWASP Webslayer Project
 * Implementation of Enigform for Wordpress

OWASP Academies


 * Collation of the necessary information to present the idea to the wider OWASP community and creation of a dedicated wiki page;


 * Launching of the discussion among the OWASP Leaders and establishment of contact with representatives of Academic institutions and industry players inviting them to participate in the discussion and challenging them to contribute to the definition of what the OWASP Academies model would be;


 * Collation and organization of all the materials and contributions added to the OWASP Academies mailing list;


 * Organization of a wide meeting in ISCTE - Instituto Universitário with representatives from several Universities (Oklahoma State University, Royal Holloway, University of Athens, University of Piraeus, Technological Educational Institute of Larissa, ISCTE), local chapters and industry players (Security Innovation, Syntax, DRI - IT Consultants Ltd, Lusolabs). The meeting has been recorded through a live blog that is now online on the OWASP Academies page.


 * Drafting of the conclusions that derived from the OWASP Academies meeting, publishing on the respective wiki page, and communication to the OWASP Leaders.