OWASP 2013 Project Summit Operational Details

Pre-Summit Planning
The pre-summit planning phase involved quite a bit of logistic, resource management, and team building work that had to be accomplished at a very fast pace. There were no prior plans to put together a project based summit until it was recommended by the AppSec USA 2013 planning team. Below is a more detailed account of what steps were taken to put together the 2013 summit. Please note that this is not a step-by-step account of what occurred. It is simply a summary of key events that took place, and a list of key tasks that were managed during the pre-planning of the summit.

Initial Recommendation
Originally, the plan was to have a series of project talks and a Project Leader Workshop at AppSec USA 2013 during the conference days. Tom Brennan suggested, during one of the planning calls with the rest of the team, that there should be a project based summit during the event. Samantha Groves agreed that this would be a challenging, but rewarding idea to pursue. She then began speaking to past summit participants/planners, and researching the logistics of past summits.

Gathering Background
Gathering background documentation and tacit knowledge before the event proved to be a little challenging. The documentation was not difficult to find, but it did take some time to digest all of the information in the reports from past Summits. Additionally, Samantha sought out the advice of past Summit planners and participants with the aim of acquiring some ‘lessons learned’ information from them. Dinis Cruz was a tremendous help during this phase of the planning process. He and Samantha had many conversations about how it was done in the past, what needed to be adapted, and what needed to be done before the event to make it successful.

Location and Space
The location and space were going to be a challenge to acquire from what was learned during the research phase. Past summits were much larger, had much bigger budgets, and the space required to hold all of the attendees and sessions was very large. The summit team was working with many constraints as the venue and space that was acquired for the AppSec USA conference had already been decided on. The summit would certainly be taking place at the same time as the AppSec USA conference, but a separate space large enough to accommodate all of the summit sessions and attendees would need to be found. One of the attendees on the planning calls suggested the Sky Lounge as it is a very big space that had not been allocated to anything in particular for the conference. Samantha agreed that this would be an appropriate space for the summit and proceeded to make arrangements to save the room for the summit sessions. The summit team originally had only planned to hold sessions during the conference days, but Dinis quickly let Samantha know that the sessions would need to be spread out to four days. Samantha agreed and took on the task of extending the schedule. The team ended up acquiring the Sky Lounge for the entirety of the conference.

Gathering the Team
There were many people involved in the pre-summit planning that played different roles and helped out in many different ways. Kait Disney-Leugers, OWASP’s Grants and Fundraising Intern, worked on many of the wiki pages, marketing materials, promotion, page edits, and administration for the summit. Dinis Cruz was a great help as he was able to share his tacit knowledge of summit planning with Samantha. Gathering the session leaders was also a challenge. The summit team had a few sessions that were a must, but they still had to develop more sessions as they only started out with a handful of ideas. Slowly, Leaders began suggesting sessions that could be added to the summit schedule, and slowly the summit team began to grow.

Marketing
Kait and Samantha quickly put together quite a bit of marketing and graphic content to promote the summit once the room was sorted out. Kait was immensely helpful as she put together several brilliant pieces of marketing communications material. She wrote quite a few pieces for different social media channels and several stories for the OWASP blog. Samantha created the 2013 Summit logo and other summit graphics based on the artwork created by New Way Designs as the aim was to keep visual consistency with the AppSec USA 2013 identity. She also created the wiki pages and content with Kait’s assistance. Dinis Cruz helped with the wiki templates.

Working Sessions: Fixed and Dynamic
During the session development process, the summit team realized that they would need space to facilitate a fixed and dynamic schedule of sessions for the summit. Fixed sessions would be decided upon before the conference, but the team would have to foster an environment that enabled dynamic sessions to serendipitously take place during the summit.

OWASP Summit Funding
Samantha started out with zero budget resources to plan the summit with. Originally, the summit team relied on the OWASP Track budget to facilitate Leader participation as this budget is meant to be used to help pay for travel and accommodation for Leaders giving project talks at Global AppSec conferences. Since there was no budget, the summit team had to rely on the AppSec USA 2013 planning team to help them acquire the resources they would need to pull the summit together. Additionally, the summit team attempted to have a cross-collaboration between the Leaders giving project talks, and the summit session Leaders. The team asked the project talk Leaders if they would mind leading summit sessions, and they gave preference to sessions lead by Leaders who would have their travel covered by the OWASP Track budget, their individual project budgets, or their own company. A month or so before the conference, Sarah Baso let Samantha know that the AppSec USA team could give them $5,000 to cover summit expenses. That funding was quickly spent on Leader travel and room expenses. Samantha asked for an additional $5,000 as the summit team was in need of more resources, but the AppSec USA team was not able to accommodate the request when asked. However, on the first day of the conference, Tom Brennan agreed to give the summit team the additional $5,000 that was asked for which helped cover printing, shipping, office supplies, catering, and other additional expenses incurred during the event.

Travel and Accommodation for Leaders
Travel and accommodation expenses were covered by the remaining OWASP Track fund, and the additional $5K given to the summit team by the AppSec USA planning team. As mentioned above, the OWASP Track fund is used to assist Leaders speaking on behalf of an OWASP project at Global AppSec conferences, with travel and accommodation expenses. Samantha manages this budget, and she divides the fund evenly by quarter as OWASP typically hosts a Global AppSec conference on each quarter of the year. If any part of the fund is not used, then the remaining budget is migrated to the next quarter. In 2013, there was approximately $6500 USD left to help with project leader travel and accommodation. This budget was used to assist key summit leaders and volunteers with their travel expenses. Every Leader shared a room unless they were coming to the conference with their spouse. In this case, these Leaders reimbursed OWASP for half of the total room cost.

Remote Participation
Unfortunately, the summit team were not able to raise enough funds to facilitate remote participation for the 2013 Project Summit. It is certainly an aspect of the summits that OWASP finds incredibly important, and the summit team will work hard to make sure remote participation is an option contributors have at summits in the future. Having remote participation was made more difficult due to the need for additional AV equipment, a camera crew, and a session moderator for each event. Moreover, the shared room environment was simply not the best venue to film individual sessions as there were a handful of sessions taking place at the same time at adjacent tables.

Summit Logistics
The logistics during the summit were quite challenging. Samantha arrived at the venue two days before the conference was meant to start. She wanted to make sure everything was in order as the team still had quite a bit of pre-planning to work on before the event. She was joined by Dennis Groves, Dinis Cruz, Colin Watson, Jonathan Marcil, and Martin Knobloch. They all pooled together and realized that the rooms they were given were on floors separate from the Sky Lounge, which is where the summit sessions would be taking place. Dinis suggested they move the rooms to make sure they had an operational center for the planning team, and so they could have a separate filming area for Mark Miller and Jonathan that was close to the Sky Lounge. Samantha agreed as it did not make sense to have the filming room on a separate floor. Martin was able to fix the room issue for the team, and after the rooms were sorted out, they proceeded with planning the session and room logistics.

On-Site Planning Team
The original on-site planning team was made up of: Samantha Groves, Dennis Groves, Dinis Cruz, Jonathan Marcil, and Martin Knobloch. On Saturday, Samantha scoped out potential catering venues for the summit as it was agreed beforehand that lunch would be acquired from outside of the hotel for the first two days of the conference. Moreover, she had the last two books printed, Code Review Guide and Testing Guide, at the local print shop. On Sunday, the summit team met and began focusing on equipment set up and session organization. Dinis and Samantha worked on creating a large printed schedule, room organization, equipment inventory, equipment needs lists, and the Project Review Session logistics. Jonathan began working on getting all of the wifi and equipment set up for his media session. Setting up the wifi proved to be quite a challenge, but Jonathan managed to work his magic and had it working fairly quickly. Dennis and Colin Watson actually started discussing and working on the AppSensor project, and Martin helped manage the room changes. Additionally, Martin scoped out where the rest of the conference and comfort areas would be for the summit attendees. They were later joined by Fabio Cerullo who helped put together the summit floor plan.

Schedule
The schedule was fixed before the conference, but the space allocations and printed timetable were not. The summit team began developing this information by first creating a schedule of summit sessions on the wall of the room. They separated the sessions by day and time of the day as each session was scheduled either in the morning or the afternoon. There were some sessions that were taking place on multiple days, and some that lasted the full day. That was taken into account on the schedule. Once they had a real representation of the session schedule, the summit team began to map out where the sessions would take place. They figured out how many tables were needed, where they would go, how many room dividers would be needed, and what sessions would be in what areas. This was based on the floor plan Fabio created on Sunday.

Supplies
During the Sunday pre-planning activities, Samantha and Dinis took inventory of the supplies the summit team had on hand for the event. They realized that that they were in need of quite a few supplies. Inventory was taken of what was available, and what was going to arrive. This made them both aware of the supply surplus and deficit the summit team was working with. They had three printers donated to them from HP, but they would not arrive until Monday. Additionally, there were no basic office supplies such as notepads, pens, paper, staples, etc. Later that afternoon, Kate Hartmann joined the summit team in the Sky Lounge. Kate, Dinis, and Samantha then headed out to the local Office Max to purchase the supplies they would need for the summit and other event activities. It was great to source a local office supply store nearby the hotel as it proved to be very useful as supplies ran out during the event. All in all, it was a good thing Dinis suggested the purchase of a printer even if the donated HP printers were on the way. The printers did not end up arriving until Tuesday which would have put the summit team in quite a difficult position had they not purchased the printer. Well done, Dinis! Great insight.

Catering
The catering proved to be a bit tricky. The original plan was to order lunch and have it delivered, but it turned out that the most in-expensive and healthy alternative was a bit more difficult to order from than was originally anticipated. Pret A Manger was the choice and they specialize in creating healthy sandwiches, soups, and salads. They had an online ordering system, but it seems customers have to put in their catering order 5 days in advance. This put the summit team in quite a bit of a dilemma after this was found out. Samantha visited the nearest Pret A Manger shop, which was only 3 blocks away, and talked with the staff about the predicament. She asked them if it would be ok to have her visit their shop and purchase a large bulk order of their sandwiches and drinks all at once on both Monday and Tuesday. They did not have an issue with this, and they were ready to anticipate her order for the next two days. Now, Samantha just had to figure out who would help her carry the load of sandwiches back to the conference venue. The summit team actually ended up having to order from Pret A Manger for all four days of the conference, and various volunteers helped Samantha carry the sandwiches and water bottles back to the hotel. Samantha ended up ordering water bottles from the hotel as they were far too heavy to carry, and it did not make sense to catch a cab to drive them three blocks up the road.

Overall Summit Operational Costs
he table below summarizes the 2013 OWASP Summit operational costs. The costs were either covered by the OWASP Projects Track budget or by the OWASP AppSec USA operating budget.