Summit 2011

About
{| width="100%" cellspacing="10" cellpadding="1" border="0" align="center"
 * align="left" |
 * align="left" |

Dear OWASP Leaders and appsec community,
The Summit will be held February 8th-11th at CampoReal Resort in central Oeste Portugal, 38 km north of Lisbon and 18 km inland from the Atlantic Ocean. This will be the place where appsec experts meet, discuss, work, socialize, and set the roadmap for OWASP in coming years.


 * align="left" |
 * align="left" |

The Summit Activates *You*
Whereas the OWASP AppSec conferences are great places to listen to interesting talks, go for training, and meet with OWASP people, the Global Summit is the place where we all sit down together and take the time to discuss and work out plans, projects and solutions for the appsec future.

Examples of topics:


 * How should we support the OWASP projects?
 * How can we work with browser vendors to enhance security (see "Browser Day" tab above)?
 * How should the community reach out to developers and education institutions?
 * How often should we publish the OWASP Top 10?
 * How can OWASP support your chapter?


 * align="left" |
 * align="left" |

Who's Invited?
As an OWASP leader you are automatically invited to the summit, but we also welcome leading experts from industry and academia. Together we can create a more secure web. Check the "How Do I Join?" tab above for more info.


 * align="left" |
 * align="left" |

Organizing Committee
Lorna Alamri, Sarah Baso, Brad Causey, Justin Clarke, Paulo Coimbra, Dinis Cruz, Martin Knobloch, Dave Wichers, John Wilander, and Jason Li.


 * }

OWASP Around the World
OWASP is a fast growing global community. How should we support and manage this growth? During this session we'll look into issues of:


 * Internationalization
 * The global job board
 * New OWASP chapters in parts of the world where we have not spread much yet

More Topics
You know how OWASP works - it's all up to you. Please edit this tab and enter topics we should cover during the Global Summit 2011! If you want you can add your name after each suggestion and we can work out the details with you.


 * Discussion on Douglas Crockford's bold statement that we should stop HTML5 development, fix XSS, and then start over. Is he right? How is OWASP active in the HTML5 development? Check this webcast, jump to 20:50 to hear the XSS part. /John Wilander
 * Better engagement/partnerships with the development community - Mark Bristow
 * Ways to recognize participation in OWASP in a tangable way - Mark Bristow
 * Foundation/Board/Committee Governance &amp; Standardization - Mark Bristow
 * OWASP Website
 * Securing
 * Re-Structuring
 * Re-Design
 * OWASP Branding
 * Can/should OWASP push for fundamental change to flawed specs?
 * OWASP Influence change - or - Is it enough to make/use bandages on poor specs?
 * HTML spec - separate data and code
 * HTTP - CSRF should be at a much lower level than the app layer
 * OpenID - transparent login is a security issue
 * SSL - long list of CAs, who delegate CAs &lt;recurse&gt; - trust? security?
 * [Your topic here]

How Do I Join? / Mailing list
As an OWASP leader you are automatically invited to the summit. Cost to attend the summit is $800 USD (shared accommodations) plus travel expenses. Please see "Applying for Chapter and Project Funding" and "Letters and Summit Materials" tabs for more information on finding funding help for expenses.

The first thing to do is to join the Summit 2011 mailing list.

On the mailing list you'll get first hand information on how to register, exact dates, updates to the agenda, funding for your trip etc.

If you are a leading appsec expert from industry or academia but not yet an OWASP leader you can just contact John.Wilander at owasp.org and we'll try to get you in.

Social Events
It goes without saying - the summit is all about meeting people. So there will be a constant mixture of workshops, dinners, beers and wine. We like to think of the summit as a very social event in itself.

Sponsoring
We will welcome a few sponsors of this very special event, typically organizations that participate in the summit.

A number of opportunities to sponsor attendees are available:


 * For organizations that are sponsoring their employees attending the summit, logo promotion and links on the Summit Attendee page
 * Organizations can sponsor an individual non-employee attendee for USD$2,000, with associated logo promotion and links on the Summit Attendee page
 * Organizations can sponsor an entire villa (5 attendees) for USD$10,000, with associated logo promotion and links on the Summit Attendee page, promotional mentions, and on-site promotion and photo opportunities (such as banner advertising on the sponsored villa)

Other sponsorship options are under discussion, and will be posted here soon.

If you are interested in supporting the global summit, please contact Lorna.Alamri at owasp.org or 651-338-0243

Attending the Summit
The summit is open to the OWASP community, and the members of the general Application Security community invited to participate and add to the summit working sessions.

Some leaders that are active within OWASP may qualify to have all or partial transportation and lodging paid for by OWASP. To be considered for qualification, you must meet one or more of the following criteria:


 * 1) Member of the OWASP Board
 * 2) Active member of a Global Committee (as determined by the OWASP Board)
 * 3) Operational personnel that are necessary for the operation of the Summit

The current OWASP sponsorship budget is $50,000 for the Summit.

If you feel you might qualify, please contact Brad Causey or Jason Li. If you do not meet these criteria, and still feel that you should be sponsored, please contact or  or apply for Chapter or Project Sponsorship. Please visit our Summit Attendee Page to see who will be joining us in Portugal or to add your name to the list!

Applying for Chapter or Project Sponsorship
Application for OWASP Chapter or Project Funding

*DATES HAVE BEEN EXTENDED!!!

Please submit forms - we will continue to process until mid-January.