User talk:Jmanico

Jump to: navigation, search

Jim's Suggestions for 2015 Strategic Plans

Build a scalable OWASP training program that spreads security training around the world

  • Focus on building free and open source training materials for all to use
  • Take existing wiki, powerpoint from talks, powerpoints from trainers who have open sourced content, key OWASP training-centric projects (webgoat, security Shepard, etc) and merge, clean up and professionalize the content into an OWASP branded series of trainings.
  • Produce professional OWASP branded training videos and CBT
  • Focus conference training program on using open source as opposed to proprietary/commercial content
  • As a commercial ILT trainer I have a big conflict of interest over this topic

Strengthen OWASP chapters and increase Chapter’s abilities to spread message of OWASP through locally organized and run events.

  • Even something as simple as a chapter meeting is an "event" so anything to help make even chapter meetings better serves this goal
  • Better plan to help chapters use funds
  • Alert all chapters of existing chapter funds, on a monthly basis, on their public lists. Link to "How to use it to spread the message"
  • Help pollenate cross-chapter meetings (Jerry Hoff)

Mature the OWASP Projects Platform: Provide the OWASP projects community a mature project platform to encourage senior developers to participate in the various and many OWASP projects.

  • Consider hiring senior developer/developers to mature code centric OWASP programs like ESAPI, OWASP Java Encoder, etc.
  • Consider funding security initiatives reviewing various open source projects and software frameworks in common use
  • Connect leads of popular open source frameworks to OWASP community members willing to provide free appsec services, products, etc.
  • Build a new website that is developer centric, pointing to key developers/secure coding projects and materials and other resources