Chapter Handbook: FAQ
- 1 How to Start a Chapter
- 2 Getting Started
- 3 Basic Meeting Rules
- 3.1 How many meetings per year do we need to host?
- 3.2 So after our 4 meetings can we charge to raise money for funds?
- 3.3 Why do I need to post information on my wiki?
- 3.4 What do you mean by "Free and Open?"
- 3.5 What is Vendor Neutrality?
- 3.6 My chapter would like to sign this contract/accept this donation, how do I do it?
- 4 Social Media for Chapters
- 5 Funding
- 5.1 What is this Seed Money I learned of?
- 5.2 I heard that I could get grants?
- 5.3 How do memberships work for Chapters?
- 5.4 I saw some Chapters use sponsorships, what is this?
- 5.5 Who writes the sponsorship document?
- 5.6 What can I offer in return for sponsorships?
- 5.7 Wait, I thought I could not send my own contracts?
- 5.8 Who do I send Sponsorship contracts to?
- 6 The Reimbursement Process
- 7 Basics of the Wiki
How to Start a Chapter
Finding an OWASP Chapter
Before applying go an OWASP Chapter, please check the OWASP Chapter page.
How do you choose where to start another Chapter?
OWASP Chapters are started by volunteers passionate about helping to develop a security inclusive culture within their geographic area. When a potential Leader asks to start a new chapter, we first evaluate the location to make sure that it is not too close to an existing Chapter.
The evaluation takes the size of the local tech scene and travel time to existing Chapters into account. While what is considered reasonable travel times changes with each local area, a handy basic understanding is that anything under 2 hours travel time between areas will result in us looking closer and contacting the existing local Chapter Leaders to ensure that we will not strangle existing Chapters by spreading their membership too thin.
Okay, There are no Chapters near me, how do I get started?
The next step is that you will be invited to an orientation to help you plan your Chapter's beginning.
I was told my proposed Chapter was too close to an existing Chapter?
If your proposed Chapter is too close to an existing chapter, we will not be able to create it. However, you will be introduced to all of the nearest Chapter Leaders so that you can work to volunteer in the most applicable chapter.
I want a nation/regional/state/province wide Chapter
OWASP had a history of giving the first chapter in a nation the same of that country, however, as we are growing rapidly we have discontinued this and now name Chapters after the local city.
OWASP also maintains a policy of allowing Chapters to start small and grow or combine to cover larger areas. This means that Chapters cannot start by covering larger areas unless they show stable growth for their existing Chapter and show a plan to cover the different areas in their expanded geographic territory.
Choosing your Chapter's Audience
Most chapters choose to aim their content at a combination of security professionals and developers. Some choose to aim specifically at one or the other. Some chapters reach out to new AppSec Departments and managers to offer training to their teams. Many chapters work with their local universities to train students in AppSec with the aim of either bringing students directly into AppSec or to ensure the next generation includes security throughout the entire SDLC and encouraging DevSecOps mentality.
It is important to note that when starting a chapter it is best tailor your content to the audience that exists and grow that audience in the direction that is both best for the Chapter and most interesting to you.
Your Chapter's wiki page
Your Chapter's wiki is the record of all chapter activities. If you host a meeting or event that is not on the Chapter it never happened. If your Chapter grows large enough to need self governance, you must develop those rules in concert with your membership and post them on the Chapter wiki page. If this information is not on the Chapter wiki page it cannot be taken into account should a complaint be made.
What types of meetings should my Chapter have?
Common meeting types include:
- Having 1-3 speakers with slide decks, Q&A, and light networking afterwards. This is the most common type of meeting and often considered the best for frequent use.
Supplementary meeting types include:
- Often used to supplement other meetings during months when another type of meeting is not happening, during a celebration, or in conjunction with other meetings
- Capture the flag and other competitive events
- Mentoring programs or sessions
- Hackathon (you can look at helping local not-for-profits or OWASP projects)
- Study groups
- Panels No matter what type of meetings you host they must be free unless special arrangements are made ahead of time with the foundation staff. Many chapters find it helpful to encourage new people by inviting them to report interesting news bites or seek help from a committee to perfect presentations.
My Chapter wants to host an event. How do we get started?
The purpose of chapters is to create a local community that can support and evangelize Application Security. We suggest that the best way to do this is to focus on growing a thriving community rather than focusing on hosting a large event in the first year.
That said, you can find all of the information you need about hosting an event on the How to Host a Conference page.
I want to grow my Chapter larger, do you have ideas that can help me?