OWASP Event Definitions

From OWASP
Jump to: navigation, search

All OWASP events will fall into one of the following categories. If you are unsure as to what types of event you would like to plan contact us and for further clarification or to help define the scope of your event. Please also note that various types of events have some requirements set for them, see the policies/requirements tab for details

OWASP Global AppSec Conference

These conferences are the flagship of the OWASP outreach effort. This will be an international conference sponsored by OWASP and approved by the OWASP Staff along with a small group of community event reviewers. AppSec Conferences include multiple days of multi-track plenary sessions in addition to pre-conference training offerings. AppSec Conferences, schedules, and trainings must be reviewed by the OWASP Staff and will receive the full support of the OWASP Foundation. In any calendar year, there will be no more than 4 AppSec Conferences of this size. Locations will be determined the prior year and planning must begin at a minimum of 12 months in advance. The talent and services of volunteers are crucial to OWASP AppSec Conference success. That is the reason why it is important to establish standards and guidelines for volunteer so that both the volunteer and OWASP staff understand the parameters of the relationship up front. Volunteers that cancel at the last minute and produce limited results encumber OWASP mission, costing it money and preventing it from fulfilling its fundraising goals. A reliable volunteer with a strong work ethic can go a long way towards helping OWASP meet its goals. Before getting the approval to organize an OWASP AppSec Conference the Conference Organizers should: First, make a personal commitment to be there for OWASP. And second, read and fill out and sign the volunteer agreement.


OWASP Regional/Theme Conference

Regional/Theme conferences typically have lower attendance than AppSec conferences and typically include multiple days of single track plenary sessions. Training may or may not be offered at the discretion of the regional conference planning team. Regional conferences are not subject to the same rigor as AppSec conferences in terms of planning and only require the local planning team enter the event into the OWASP Conference Management System for review and approval by OWASP Staff and a small group of community reviewers. Regional conferences are encouraged to have a unique theme (development, Research, PHP, Government, Browsers...) to help differentiate them, although this is not required. Regional teams are free to brand their conference as they wish, as long as the OWASP affiliation is maintained, with the exception of the moniker "OWASP Global AppSec" which is reserved only for Global AppSec conferences.

OWASP Local Event

Events are typically single day or "OWASP Day" type events that are generally local in nature. Events typically have only one track and span anywhere from a half to a full day. Planning for these events is at the sole discretion of the event team and may be branded in any manner so long as the OWASP affiliation is maintained. In general, significant OWASP Foundation support will not be available for these events.

Project Summit

The purpose of our Project Summits is to focus dedicated time on collaboration & innovation of specific technical topics to help improve the quality and usefulness of our OWASP project tools. A Project Summit may be a standalone event or co-located with our Global AppSec conferences. Project Summits are classified as local or regional events and are eligible for the same level of support.

Partner/Promotional/Co-Marketing Events

Partner events are events of any type where OWASP partners with another non-profit organization to co-host an event. These events sometimes require close examination as the terms of the partnering agreement need to be reviewed to ensure OWASP integrity and reduce liability. These events also frequently will require both OWASP Staff and community review and may take many forms.

Many of our partnership & co-marketing agreements have the same standard deliverables, which may include but are not limited to:

  • Include the event under our Partner & Promotional section
  • Include the event in our monthly Connector up until the conclusion of the event
  • One (1) dedicated email invitation to the chapter leaders within the region of the event, asking them share the details and discounts with their community and chapter members. Email to be provided to OWASP for review/release by the partnering organization. Each chapter is run independently, so it is up to each chapter leaders discretion to promote the event.
  • Logo posted on our Supporting Partners page
  • Social Media - usually no more than 1x a month up until the start of the event.



Promotional Events are where OWASP has paid or in-kind sponsorship in a conference that is hosted by another organization. This sponsorship may take the shape of a booth, hosted competition, lanyards, bags, fliers and other promotional items and may or may not be a strictly financial transaction. These events require additional scrutiny as OWASP has a very limited marketing budget, however it is important for community members to have the support to "get the word out" at other events. These events will often provide OWASP with conference passes that can be distributed to volunteers who agree to represent OWASP at the OWASP booth.