The concept of OWASP Academies
The OWASP Board has decided to start off the process of designing and building a new concept that will be closely linked to the training activities promoted by OWASP and that intends to take this area one step further.
The idea is to create the OWASP Academies – a frame under which work should be done with Universities, Polytechnic Institutes, IT Schools and other Academic institutions with a view to establish solid relationships and develop with these organisms ways to collaborate and participate in the design of courses focused on web application security.
OWASP has the knowledge and critical mass to give an invaluable input to any Academy focusing on this area by:
- contributing with its expertise in the definition of curricula and course contents that explore and study the web security field;
- making available to the Academy its pool of interested and willing security experts as trainers.
As mentioned above, this concept is just at its beginning and we do not have, as of yet, a clear methodology or set of rules to implement what hopefully will be a new area of work for OWASP.
What is clear, however, is that to make this happen we will need your input and ideas, your energy and your initiative! Moreover, as we are planning to include this discussion in one of the Working Sessions to be held in the upcoming OWASP Summit 2011, this would be the perfect timing to gather your input and contributions.
Being so, if you have contacts within your local academic communities and would like to be involved in the design and development of this concept, please do get back to me with your thoughts!
I am looking forward to hearing from you!
OWASP Training Manager
OWASP Academies meeting - 5th, 6th January
Preparatory meeting for the Summit'11
Following the email sent in October regarding the OWASP Academies and the work OWASP is developing to implement and operationalize this concept, multiple feedback and contributions for the discussion have been received.
We thought that one way to turn the feedback and interest received into something positive and constructive would be to sit the people involved at a table and discuss experiences, views and ideas for the OWASP Academies' operational model. Knowing, for example, how the already established connections with Universities were started and how they are working, what would seem to these partners the most reasonable “next step” in terms of formalization or knowing what, from the Universities’ point of view, would be an interesting model of relationship, could be of great use for our own definition and consolidation of the OWASP Academies concept.
In this context, a meeting will be held on the 5th and 6th of January, in Lisbon, with the following format:
- Two days (5th and 6th January) of working sessions focused on the OWASP Academies where the operational model will be discussed with the intent to prepare a draft that can be presented and debated in the Summit'11 to happen in February;
- Main objectives should be:
- Definition of the concept behind the OWASP Academy model;
- Discussion of Certification;
- Identification of a "to do" list for the Summit'11.
The meetings will take place at ISCTE, Lisbon University Institute, in Lisbon. Address is Av.ª das Forças Armadas, 1649-026 LISBOA.
Unfortunately, due to budgetary constraints, it will not be possible for us to invite all who have contributed for the discussion and pay for their traveling and accommodation. We have therefore devised a criteria of selection for paid invitations that takes into account both the level of engagement in the discussion and the amount of work already done within the Academic community.
Having said that, if you find sponsorship to fund your trip and stay in Lisbon, you will be very welcome to join us – just drop me a line to let me know you are coming!
- Martin Knobloch – Netherlands Local Chapter and Global Education Committee, Netherlands
- Konstantinos Papapanagiotou - Greece Local Chapter, Information Security Services Manager at Syntax IT Inc, Visiting Lecturer at the University of Piraeus, Greece
- Vasileos Vlachos - Greece Local Chapter, Lecturer at the Technological Educational Institute of Larissa, Greece
- Jim Burkman - Assistant Professor, at the Oklahoma State University, US
- Andreas Fuchsberger – Information Security Group, Royal Holloway University, UK
- Ed Adams - President & CEO of Security Innovation, US
- Jason Taylor - CTO of Security Innovation, US
- Francisco Rente - Researcher at the Universidade de Coimbra, Portugal
- Ricardo Melo - DRI, IT Consultants Ltd
- Carlos Serrão - OWASP Portuguese Chapter Leader, Assistant Professor at ISCTE - Lisbon University Institute, Portugal
- Dinis Cruz - OWASP Board
- Paulo Coimbra - OWASP Project Manager, Portugal
- Sandra Paiva - OWASP Training Manager, Portugal
|Room XXX, ISCTE - Lisbon University Institute, January 5th, 2011|
|10h00-10h30||Reception of participants|
|10h30-11h30|| Presentation of the OWASP Academies concept
|11h45-13h30|| Certification Project – content, technology, proposed model
(Ed Adams and Jason Taylor, Security Innovation)
|14h30-16h00|| Open discussion on what the OWASP Academies model should be:
|16h15-17h30|| Open discussion (Cont.)
(Jim Burkman, Oklahoma State University; Carlos Serrão, ISCTE)
|Room XXX, ISCTE - Lisbon University Institute, January 6th, 2011|
|10h00-11h00||Discussion / Definition of model|
|11h45-13h00||Discussion / Definition of model (Cont.)|
|14h00-16h00|| Certification Project – Integration with the OWASP Academies model
(Ed Adams, Jason Taylor (Security Innovation) and Dinis Cruz)
|16h15-17h30|| Wrap up and draft of the model