Women In AppSec

=WELCOME=

Women in Application Security Program
The purpose of the Women in AppSec Program is to increase the visibility and participation of women in application security. The program was successfully launched in 2011 at AppSec USA, and the aim is to run the program at every OWASP Global AppSec going forward. Most recently, at AppSec EU in Amsterndam in May 2015, a program with the theme "Women in AppSec - Making it Happen" was launched and both a panel and a workshop were included at the event.

The Women in AppSec program is for any OWASP member who believes that diversity is important to the success of the organization, as well as for women looking to learn more about AppSec or who want to make career connections with like-minded colleagues. This includes female undergraduate and graduate students, instructors, and professionals who are dedicated to information security or application development.

AppSec USA 2015 Currently, there is an effort to plan activities for AppSec USA 2015. Volunteers are eagerly sought to support the program at AppSec USA! We are especially excited to invite the founders of the InfoSec Girls initiative to the AppSec USA 2015 conference. To bring InfoSec Girls to AppSec USA, we need to raise $7500. We are very close to our goal and know that with the support of the OWASP community, we can easily get there! Donations above and beyond our goal will be used for future WIA programs around the world.  Donate now:

Women In AppSec

Want to find out more? Join the weekly meeting - reach out via the Contact Form or [mailto:support@owasp.org OWASP Support]. Fill out the survey to let us know how you'd like to participate! https://www.surveymonkey.com/r/SRNLD7H

Regional conferences are also encouraged to host the Women in AppSec program. Contact us via the Contact Form or [mailto:support@owasp.org OWASP Support] to discuss how to successfully run a program at your event.

Contact Us
If you are interested in another piece of OWASP design for your event or project, please let us know by using the OWASP Contact Us form.

Links

 * (ISC)²® Report Reveals Women's Perspective and Skills are Transforming the Information Security Industry October 29, 2013.


 * Women in AppSec Panel at AppSec USA 2013: Women in Information Security: Who Are We? Where Are We Going? Why? -- Joan Goodchild (Audio Only)

=ABOUT THE PROGRAM=

The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence.

AppSec USA 2015 The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath. We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room. Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. Sponsorship opportunities for commercial organizations and OWASP chapters are also available.

=PREVIOUS WIA ACTIVITIES=

AppSec EU 2015
During AppSec EU there was a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hoped to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions was be open to all so we can help build support for the women around us. Learn more here: http://2015.appsec.eu/women-in-application-security

Panel: "Women in AppSec - Making it Happen" During this panel session we discussed what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?

Workshop During the workshop we introduced female attendees of the conference to what a career in App Sec can involve. We discussed application security and the many career paths available. We hope to build relationships that may lead to a mentoring program for these women.

AppSec USA 2013
Learn more about the program here: http://2013.appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/index.html

WIA Attendee Sponsorship
In the past, when we have offered sponsorships, we have typically had two winners selected for the sponsorship award; however, the number of winners depends on how much you can afford to sponsor. We recommend that you raise $3000 USD for each winner, at least. In the past, we have given each winner a free conference pass, one free training, and free travel and accommodation to attend the event. Below is the list of eligibility criteria used to select WIA sponsorship winners at AppSec USA 2013.


 * Has provided 2 responsive contacts as reference, and both references are familiar with the candidate, application security, and OWASP.
 * Both references have provided letters of recommendation.
 * Has relevant/appropriate achievement goals for attending the conference.
 * Is the applicant from the region that the conference is taking place in.
 * Has background in volunteering for OWASP or similar organizations.
 * Has participated in one of OWASP's programs or activities?
 * Is either studying, wishing to study, working in AppSec, or interested in working in AppSec.
 * Has financial need.
 * Is a paid OWASP member, and/or employer/school is an OWASP sponsor.
 * Has an interest in exploring application security

We encourage you to create your own set of criteria that will fit the Women In AppSec that you are planning within your region. The criteria above is meant to be a guideline of what has been used in the past.

=PLANNING A WIA EVENT=

Planning a WIA Event
The majority of the planning involved in running the Women in AppSec Program occurs before the conference or regional event. Below, you will find a brief outline of the tasks your team will have to take on.

Planning & Selection Team

The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the sessions during the event. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.

Sub-Team Roles

Sponsorship

Two people should be responsible for developing the materials and seeking out sponsorships for the program. They will be in charge of creating the sponsorship packages, flyers, and seeking      out sponsorship from other chapters and organizations.

Marketing

At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.

Budget As mentioned above, it is up to your team to decide what it is you wish to do during the event - that will determine the budget.

Sponsorship It is very important to start reaching out to the overall OWASP community and their corporate contacts as potential sponsorship leads. Develop a Sponsorship Strategy and put together a sponsorship flyer outlining the program, what you are seeking, and the benefits of sponsorship. Give incentive for sponsorship and details about the program to get potential sponsors interested. Make sure to include the successes of past Women in AppSec conference events. Once you have your materials and sponsorship packages sorted, you can get started with sponsorship seeking activities.

During the conference
Be sure the engage the women attending the conference in the sessions you have organized: encourage them to not only attend but to be active participants. It's not all about the women try and encourage some men to get involved and attend also, for this initiative to be successful it must be inclusive.

Post-Conference
After the conference, it is very important to gather feedback from the participants to make sure they enjoyed the experience. Ask them for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.

Global AppSec Conferences
OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in software security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C just to name a few. The aim of the foundation is to bring the Women in AppSec Program to all of our regional and global events.

AppSec APAC

The AppSec APAC global conference takes place in the Asian-Pacific region. This conference is a reunion of local software security leaders, and aims to present cutting-edge ideas to attendees. OWASP events attract a worldwide audience interested in “what’s next”, and this global conference is no different. The conference is expected to draw 200-250 technologists each year from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many more. Women from the Asia-Pacific region are encouraged to apply to the program taking place during AppSec APAC.

AppSec EU

The AppSec EU global conference take place in the European region. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers, travel to hear the cutting-edge ideas presented by the software security industry's top talent. This conference is expected to draw 400-500 attendees each year from various regions within the Europe and beyond. Women from the European region are encouraged to apply to the program taking place during AppSec EU Research

AppSec Latam

The AppSec LATAM global conference takes place in the Latin American region. AppSec LATAM is a reunion of Latin American, software security leaders, providing a platform to discuss, participate in, and innovate within the software security industry. The conference is expected to draw 200-250 attendees from the Latin American region and beyond. Women in the Latin American region are encouraged to apply to the program taking place during AppSec LATAM.

AppSec USA

The AppSec USA global conference takes place in the North American region. AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices. This conference is expected to draw over 300 attendees within the North American region. AppSec USA is typically OWASP's biggest conference of the year so women are encouraged to apply to the program taking place during AppSec USA if they live or will be traveling from within North America.

=APPSEC USA 2015= The Women in AppSec (WIA) program is for all OWASP members who believe that diversity is important to the success of an organization, as well as for women who want to make career connections with like-minded colleagues. We encourage you to attend our session on Thursday at 3:30pm in Room F, featuring the founders of InfoSec Girls, Apoorva Giri and Shruthi Kamath.

We also invite you to join us for our networking and “Birds of a Feather” sessions on on Thursday in WIA meeting room. Stop by anytime between 10:00am and 3:30pm to meet other members and learn more about the WIA program. You can also suggest a discussion topic on the sign-up at the room entrance. Interested in getting involved? Contact Form or [mailto:support@owasp.org OWASP Support].

About InfoSec Girls Based in India, InfoSec Girls educates women about information security both at the community level and as a career option. Their kickoff event at C0c0n 2014 in Kochi, Kerala attracted 130 women and was the first event of it’s kind in the region.

Founders Apoorva Giri and Shruthi Kamath have spoken extensively on cybersecurity and women’s issues in India. Their efforts to bring awareness of cybersecurity to a wider audience has empowered women and girls to consider security careers as well as protect themselves online. They are also members of OWASP WIA.

At AppSec USA in September, they will inspire and inform your organization’s diversity and education programs, as well as give individual OWASP members ideas on how they can contribute to the application security education effort.

Sponsorship opportunities Sponsorship opportunities for commercial organizations and OWASP chapters are available. Please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information about sponsorship packages.

=PAST WINNERS=

Previous Women in AppSec Winners
Following their experience at AppSec, winners are encouraged to write a short piece about their experience at the conference and their participation in the Women in AppSec program. Here, they outline their experience with the Women in AppSec Program in their own words.

Carrie Schaper, 2013 Winner

Nancy Lornston, 2013 Winner

Tara Wilson, 2011 Winner

Chandni Bhowmik, 2011 Winner

=WIA SPONSORS= We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project.

Silver Sponsors
OWASP BOSTON ‎ OWASP CHICAGO ‎ OWASP DENVER ‎ OWASP Dublin-Ireland OWASP GERMANY ‎ OWASP MINNEAPOLIS ST. PAUL OWASP NETHERLANDS OWASP NYC OWASP NORWAY

=SPONSOR WIA=

Sponsor WIA
We'd like to offer a warm thanks to the individuals and organizations that have sponsored the OWASP Women in Technology project. If your organization would like to discuss sponsorship, please email Lisa Ly and Kerry Jo Richards (lisal@sabey.com; kerry.richards@aspectsecurity.com) for more information.

Sponsorship Packages for AppSec USA 2015: Silver: Donate $500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016. (10 sponsorships available) Gold: Donate $1500 or more, get your company name and logo on the WIA Wiki Sponsorship Tab from now until June 2016 and put your literature on the table in the WIA meeting room at AppSec USA (8 sponsorships available). Platinum: Donate $2500 or more, all of the above place a banner stand in the WIA meeting room at AppSec USA and have your company logo/social handle on the screen at the WIA session. (5 Sponsorships available). Diamond: Donate $3500 or more, all of the above plus introduce the WIA speakers at the AppSec USA WIA session. (1 Sponsorship available).

=CONTACT US=

Contact Us
If you are interested in another piece of OWASP design for your event or project, please let us know by using the OWASP Contact Us form.