Difference between revisions of "Summit 2011"

From OWASP
Jump to: navigation, search
Line 16: Line 16:
 
<br> [http://www.twitter.com/OWASPSummit http://twitter-badges.s3.amazonaws.com/twitter-a.png]<br>
 
<br> [http://www.twitter.com/OWASPSummit http://twitter-badges.s3.amazonaws.com/twitter-a.png]<br>
 
[[Image:REGISTER_NOW_244.jpg|link=http://www.regonline.com/owasp_global_summit_2011]]
 
[[Image:REGISTER_NOW_244.jpg|link=http://www.regonline.com/owasp_global_summit_2011]]
 +
<br>if you can't attend in person:<br/> [https://spreadsheets.google.com/viewform?formkey=dEptc1BoTVJSQkxBSDhhNHdSaEN1Y3c6MQ click here to register for remote participation]
 
|}
 
|}
 
 
==== About  ====
 
==== About  ====
 
{{:Summit_2011_About}}
 
{{:Summit_2011_About}}

Revision as of 00:52, 2 February 2011

Final summit logo.jpg

See more details about the 2011 Summit Logo

Emails to Attendees
Press Releases & Media Mentions
What do I need to do to attend?
Where is the venue?
Who is going?
How can I become a corporate sponsor?
Other Frequently Asked Questions


twitter-a.png
REGISTER NOW 244.jpg
if you can't attend in person:
click here to register for remote participation

About

The OWASP Global Summit is the place where application security experts meet to discuss plans, projects and solutions for the future of application security. The Summit is not a conference - there are no talks or training seminars - this is an opportunity to do actual work to further the field of application security. Participants will stay in shared accommodations and collaborate to produce tangible progress towards influencing standards, establishing roadmaps, and setting the tone for OWASP and application security for the coming years.

The Summit will consist of working sessions across a variety of topics set by our community. Participants are free to attend any working session, but we encourage everyone to select working sessions for topics where they have the most to contribute.

Anyone can attend the Summit! OWASP community members, application security experts, industry players, and developers are all welcome at the Summit. If you would like to receive a personalized invitation for yourself or another person, see the promotional materials page.

Last Summit

This OWASP Global Summit is following the same model used at the OWASP EU Summit 08 which also took place in Portugal and gathered over 80 application security experts from over 20 countries. A smaller Summit 2009 was organized together with the AppSec US conference.

Creating OWASP 4.0!

Call to action by Jeff Williams / OWASP Board Chair

Hi everyone,

In my mind, OWASP 1.0 was pre-wiki with lots of great work and a less great infrastructure. OWASP 2.0 was establishing the 501c3, putting in the wiki, and getting lots of great projects started. OWASP 3.0 started with the Summit in Portugal when we created the new committees and has focused on creating thriving projects instead of standalone tools. Thank you for all of your efforts growing a fun, civil, productive community.

I reach out to you now to ask you to take some time and think about what OWASP should become. The time has come to measure our success not by the number of members, projects, and conferences, but by whether we are succeeding at making the world’s software more secure. It’s time to get our message and strategy to the next level.

Help design OWASP in Portugal at the Summit!

If you consider yourself an OWASP Leader, won’t you take a few minutes of quiet time and propose a few ideas for how OWASP can retool, reorganize, refocus, and revamp itself to really achieve our mission? We will rip, mix, and burn these ideas into a new strategy for OWASP at the Portugal Summit. I encourage you to check out the resort and all the plans happening right now at https://www.owasp.org/index.php/Summit_2011.

Here are some ideas to get you started.

  • We bootstrap several application security ecosystems around key technologies like mobile, cloud, REST
  • We reach out to governments around the world to help them push for application security
  • We raise money to fund real security enhancements to tools, browsers, protocols (e.g. OpenSSL)
  • We make the OWASP materials more usable by providing a “user” site and keep the wiki for development
  • We invest in marketing AppSec – How do we scale David Rice and the “greening” of AppSec
  • We continue our education initiative – academies, college chapters, videos, curriculum
  • We continue our browser initiative and do whatever it takes to get the browsers and frameworks talking
  • We invest in getting in front of new technologies like HTML5
  • We launch a no-holds barred XSS eradication campaign
  • We create a set of objective AppSec *market* metrics that quantify the state of our art
  • We continue to push on creating standards
  •  ???


We need your ideas NOW. Get yourself on the Attendee list!

In one week of thinking, arguing, coding, hacking, and writing we are going to accomplish more than the rest of the world’s appsec efforts combined. We’ll see you in Portugal ready to rock. Thanks!

--Jeff

OWASP Foundation Board Chair

Summit 2011 About

The OWASP Global Summit is the place where application security experts meet to discuss plans, projects and solutions for the future of application security. The Summit is not a conference - there are no talks or training seminars - this is an opportunity to do actual work to further the field of application security. Participants will stay in shared accommodations and collaborate to produce tangible progress towards influencing standards, establishing roadmaps, and setting the tone for OWASP and application security for the coming years.

The Summit will consist of working sessions across a variety of topics set by our community. Participants are free to attend any working session, but we encourage everyone to select working sessions for topics where they have the most to contribute.

Anyone can attend the Summit! OWASP community members, application security experts, industry players, and developers are all welcome at the Summit. If you would like to receive a personalized invitation for yourself or another person, see the promotional materials page.

Last Summit

This OWASP Global Summit is following the same model used at the OWASP EU Summit 08 which also took place in Portugal and gathered over 80 application security experts from over 20 countries. A smaller Summit 2009 was organized together with the AppSec US conference.



Tickets / Accommodations

[edit]

PERSON(S) TICKET COMBINATION COST IN EUROS COST IN USD
Individual Summit Participant Ticket
(includes meals, no accommodation)
€260 EUR $350 USD
Individual Summit Participant Ticket
+ 4 Nights Shared Accommodation
€590 EUR $800 USD

The total cost for most attendees will be €590 EUR or $800 USD (Summit Participant Ticket + 4 Nights Shared Accommodation). Shared accommodations will be contained in multi-room villas which hold between four and six persons. You should expect to share a room in these villas - in fact, the shared experience has been cited as the most fun and beneficial part of the previous Summit.

A more detailed price chart with variations based on how many nights you will be staying, whether you want shared or private accommodations, and whether you have a companion is available below.

Summit Participant Tickets are tickets for individual participants and include the meals listed below during each day of the Summit. Individual participants should also select their preferred accommodations (shared or private).

Individual participants may also bring companions who are not participating in the Summit. Participants with companions must reserve private accommodations and purchase the Summit Companion Ticket. The Summit Companion Ticket covers the meals each day for the companion and the additional fees for an appropriate private room for both the participant and companion.

*NOTE CHANGE* As of 10 January 2011, all Summit Tickets must be purchased through the RegOnline System. OWASP Sponsored attendees must contact Sarah Baso for a coupon code before going to RegOnline to get their Summit Ticket and book their accommodations. For help regarding the RegOnline System, contact Kate Hartmann. Please note if you previously booked your Summit Ticket, accommodations, or flight through Diplomata Tours, we still have your reservation and you 'DO NOT' need to re-register.

REGISTER NOW 244.jpg

Included Meals

The following meals are included each day of the Summit for Summit Participant and Companion Tickets:

  • Morning Coffee Break
  • Lunch (consisting of pack of a sandwich, bag of chips, yogurt, fruit, cake, and soft drink or mineral water)
  • Afternoon Coffee Break
  • Dinner (buffet style with beverages)

If you are staying at Campo Real, 3 meals per day as well as 2 coffee breaks will be provided (Tuesday through Friday) If you are not staying at Campo Real and purchased only a Summit Participant Ticket, only 2 meals per day (lunch and dinner) and 2 coffee breaks will be provided.

Shared Accommodations will be villa-style suites each containing two or three bedrooms. The bedrooms will contain multiple beds and attendees will be expected to share rooms with other attendees. Each villa has a common area living room and kitchenette which can be used to socialize and collaborate. Private Accommodations will be a single hotel room containing one bed.

In addition, breakfast is included with all accommodation packages.

If you wish to arrive early at Campo Real or stay after the Summit is over, you are more than welcome. The extra night rates are €67 EUR for a single (with breakfast) and €127 EUR for a couple (with breakfast).

As of 10 January 2011, accommodations must be booked through the RegOnline System instead of Diplomata Tours. Also, do not book directly with the Campo Real Resort.

*NOTE CHANGE* Attendees should purchase Summit Tickets and reserve accommodations through the RegOnline System. All OWASP Sponsored attendees must contact Sarah Baso for a coupon code before going to RegOnline to get their Summit Ticket and book their accommodations. For help regarding the RegOnline System, contact Kate Hartmann.

Attendees should arrange for their own airfare, unless they are being funded by OWASP, in which case the attendee must book their airfare through Sarah Baso. Attendees arranging their own air travel should send their flight itinerary to Lorna, Sarah or Jason so that we can arrange airport transfers to the Summit venue.

REGISTER NOW 244.jpg

While we encourage all participants to stay in shared accommodations, we recognize that not all participants will be comfortable sharing accommodations. Individual hotel rooms with single beds are available at an additional cost. The typical total cost for single attendees desiring these private accommodations will be €664 EUR (Summit Participant Ticket + 4 Nights Private Accommodation).

Participants that wish to bring a companion must stay in private accommodations and the companion will cost an additional €404 EUR for a typical grand total of €1068 EUR (Summit Participant Ticket + Summit Companion Ticket + 4-Nights Private Accommodation).

PERSON(S) TICKET COMBINATION COST IN EUROS APPROXIMATE COST IN USD
Individual Summit Participant Ticket
(includes meals, no accommodation)
€260 EUR ≈$350 USD
Individual Summit Participant Ticket
+ 3 Nights Shared Accommodation
€515 EUR ≈$700 USD
Individual Summit Participant Ticket
+ 3 Nights Private Accommodation
€590 EUR ≈$800 USD
Individual Summit Participant Ticket
+ 4 Nights Shared Accommodation
€590 EUR ≈$800 USD
Individual Summit Participant Ticket
+ 4 Nights Private Accommodation
€664 EUR ≈$900 USD
Couple Summit Participant Ticket + Summit Companion Ticket
+ 3 Nights Private Accommodation
*Attendees with companions must stay in Private Accommodations
€920 EUR ≈$1250 USD
Couple Summit Participant Ticket + Summit Companion Ticket
+ 4 Nights Private Accommodation
€1068 EUR ≈$1450 USD
Individual Extra Night of Private Accommodation (includes breakfast) €67 EUR ≈$90 USD
Couple Extra Night of Private Accommodation with Companion (includes breakfast) €127 EUR ≈$170 USD

PDF or Google Docs version of pricing table on OWASP Global Summit Letterhead.


Working Sessions

Click on the working session name to see the home page for that particular session. During the Summit those working session home pages will be used to document discussions and outcomes.

If you're interested in adding a Working Session for the 2011 Summit, there still is time to start a session! Please review the Working Session methodology for Working Session rules.


See Track Details

Promotional Materials

These presentations provide more information about the Summit:

These documents are templates for Summit invitation letters that attendees can use to submit to their employers to support their attendance at the Summit:

If you would like a paper copy of any one of these letters signed by the OWASP Foundation, please contact Sarah Baso or Kate Hartmann. These letters can be sent to you or directly to your employer. Be sure to indicate which letter you need and where the letter should be sent!

These documents are templates that OWASP community members can use to send an invitation directly to an individual, organization, university, or government entity that they feel should participate in the Summit:

If you would like a paper copy of any one of these letters signed by the OWASP Foundation, please contact Sarah Baso or Kate Hartmann. These letters can be sent to you or directly to your employer. Be sure to indicate which letter you need and where the letter should be sent!


Corporate Sponsorship

The OWASP Global Summit Feb 8th - 11th, is when industry and application security practitioners from around the world will assemble, collaborate and set the agenda for the forthcoming advancements of the mission.

What option will you choose to show your support?

All sponsorships will be handled via online payment - click here. We can also provide a invoice for payment if you need one, please email your request to accounting(@)owasp.org with your selection listed below. For more information simply contact Tom Brennan via telephone 973-202-0122 or contact us


width20pxSize

Sponsor a meeting room! Attendees will be participating in working sessions located in one of several meeting rooms. Organizations that sponsor a villa will have their name and logo posted on the entrance to the meeting room and in the central venue location. The organization may also select the official name for the meeting room to be used in all Summit documentation and communications. In addition, the organization's name and logo along with a link to their website published in the official Corporate Sponsor's list.

Cost: $6,000 per room x3
Sponsor 1:
Sponsor 2:
Sponsor 3:

width20pxSize

Sponsor the A/V equipment! Each meeting room will have its own projector for presentations and collaboration. Organizations that sponsor the A/V setup in a meeting room will have their name and logo along with a link to their website published in the official Corporate Sponsor's list.

Cost: $2,000 per projector/room x3
Sponsor 1:
Sponsor 2:
Sponsor 3:

width20pxSize

Sponsor a lunch! Attendees will have a working lunch every day of the Summit. Organizations that sponsor a lunch will have their name and logo prominently displayed during the lunch event. The organization may select the official name for the lunch hour to be used in all Summit documentation and communications. In addition, the organization's name and logo along with a link to their website will be published in the official Corporate Sponsor's list.

Cost: $2,000 USD x4
Sponsor 1: Sponsor-isc2.gif
Sponsor 2:
Sponsor 3:
Sponsor 4:

width20pxSize

Sponsor a happy hour! Attendees will be looking for a way to unwind after working long in working sessions. Organizations that sponsor an attendee happy hour will have their name and logo prominently displayed during the happy hour event. The organization may select the official name for the happy hour to be used in all Summit documentation and communications. In addition, the organization's name and logo along with a link to their website will be published in the official Corporate Sponsor's list.

Cost: $2,000 USD x3 Monday, Tuesday, Wednesday, Thursday, Friday

Sponsor 1 Monday:
Sponsor 2 Tuesday:
Sponsor 3 Wednesday:
Sponsor 4 Thursday:
Sponsor 5 Friday:

width20pxSize

Sponsor a dinner! Attendees will have a dinner to conclude every day of the Summit. Organizations that sponsor a dinner will have their name and logo prominently displayed during the dinner event. The organization may select the official name for the dinner to be used in all Summit documentation and communications. In addition, the organization's name and logo along with a link to their website will be published in the official Corporate Sponsor's list.

Cost: $4,000 USD x3
Sponsor 1 Tuesday:
Sponsor 2 Wednesday:
Sponsor 3 Thursday:


Sponsor the Summit's internet attendees will be making heavy use of venue wifi throughout the Summit. Organizations that sponsor wifi will have their company name and logo along with a link to their website published in the official Corporate Sponsor's list.

Sponsor: Trustwave 2010 Logo.jpg



The following companies helped make the Summit possible with their annual support of OWASP Foundation.

2010-support.png


width20pxSize


Summit Sponsorship Fund

During the previous Summit, OWASP was fortunate enough to be able to fund all OWASP leaders to attend the Summit. Unfortunately, the budget for the 2011 Summit is not as large as the previous budget. As a result, the Summit Committee is making the following compromise with our attendees: we will provide the venue meeting rooms, the A/V equipment, and the venue supporting staff in order to enable attendees to work effectively; attendees just have to pay for travel and accommodations for themselves.

We have aggressively negotiated with multiple venues in order to find the best possible pricing for attendee accommodations. As you know, the Summit is not a conference - it is an opportunity to bring together the community to "get stuff done". OWASP is not making any revenue from the Summit - we are charging essentially at cost prices for the accommodations and food. There is only a small deviation simply due to villa room configuration, as we expect to have some villas that are not filled to capacity.

The Summit Operational Budget is $50k. The venue costs currently account for 40% of the Summit budget, with the possibility of an additional 10% increase in order to procure another meeting room should it become necessary. Another 20% of the Summit budget is being held as a cash flow reserve to cover things like exchange/wire fees, unexpected venue expenses, incidentals, and other miscellaneous expenses. The final 20% of the Summit budget will be used for operational expenses.

funds to OWASP earmarked for Summit.

The Summit Sponsorship Fund is estimated to have $50k of funding available. This fund is administered by the OWASP Board. As one of the primary goals of the Summit is for OWASP leadership to meet to set the agenda for 2011, the Board prioritized funding for the following parties:

  1. OWASP Staff
  2. Board Members
  3. Active Global Committee Members (as determined by the Board in consultation with the respective elected Committee Chairs)

The remainder of the budget will be used by the Board to fund as many attendees as possible. The Board has decided to use a ranking system to select the individuals who will receive the funds currently available, as well as any funds that the Summit may receive through corporate sponsorships or other budget allocations. To learn more about the ranking system, see Dinis Cruz's email to Summit sponsorship applicants on 5 January 2011.

The first round of sponsorships using the ranking system was decided and awarded on 10 January 2011.

The second round of sponsorships using the ranking system was decided and awarded on 18 January 2011.

Unfortunately, the Board will not be able to fund everyone that wants to attend. If you are able to obtain funding through your employer, please do so. The Summit Committee has prepared a number of letters that you can give your employer - we can even mail signed copies of the letter directly to your employer on request!

Please remember that funding for attendees is extremely limited this year. If you are able to obtain funding through your employer, please do so. We have prepared a number of letters that you can give your employer - we can even mail signed copies of the letter directly to your employer on request!

If you need funding to support your attendance to the Summit, please take the following steps:

  1. Add your name to the list of attendees that need funding support by entering your name on the Attendee page. To add your name to the Attendee page, go to the page and find the first blank line without a name. Click on the "Edit" link as show below and add your details. Make sure to include your email address in the Attendee form or we won't be able to contact you!
    Summit-funding.png
    .
  2. Contact Sarah Baso or Dinis Cruz to find out the current status of funds available as well as if (and when) the Board will be selecting the next round of sponsorships for the Summit.
  3. Fill out this application to ask for sponsorship by your local Chapter or a Project that you contribute to or lead and send it to Sarah Baso

You must follow these directions to be considered for funding. Funding is extremely limited and preference will be given to people that follow instructions.

*NOTE CHANGE* As of 18 January, 2011 we have maxed out all the funds we have available for attendees (from OWASP foundation funds and from the chapters themselves), if more funding is received via corporate or individual donations from now until the time of the Summit we will contact those listed on the Summit attendees seeking funds list.

Logistical Guidelines and Expectations for OWASP-Sponsored Attendees

  • OWASP funded attendees are assumed to be arriving either Monday, February 7th or Tuesday, February 8th and departing on Friday, February 11th. Note that based on availability of flights, this may result in the attendee missing part of the Summit on Tuesday or Friday.
  • OWASP funded attendees can expect to have the following items included in their sponsorship:
  1. Flights to/from the Summit (see restrictions on ticketing below),
  2. Transportation to/from the airport,
  3. Shared Accommodations for 3 or 4 nights in Villa-style suites each containing two or three bedrooms. The bedrooms will contain multiple beds and attendees will be expected to share rooms with other attendees. One of the bedrooms may have one double bed, in which case one of the two people assigned to that room will be asked to sleep on the sofa. Each villa has a common area living room and kitchenette which can be used to socialize and collaborate.
  4. Breakfast, Lunch, Dinner, and Coffee Breaks during the days of the Summit (Tuesday, February 7th through Friday, February 11th)
  • OWASP's Expectations for Sponsored Attendees:
    • Will be asked to participate in OWASP outreach activities with JavaRanch
    • Will be expected to act as a leader or secretary of one or more working sessions
    • Since some of the villas will require an occupant to sleep on the sofa, we expect that sponsored attendees will volunteer for this "duty" so that no attendees that pay their own way have to sleep on the sofa.
  • Due to the limited funds we have available this year for sponsoring attendees, OWASP will only pay the amount of the cheapest flights to/from the Summit. Therefore, while it may be somewhat inconvenient to attendee to have a non-direct flight, fly on a non-preferred airline, or come a day early/stay a day late, we are asking you to be respectful of this guideline when booking your flight. If you prefer a different (more expensive flight), we ask that you cover the cost difference yourself. See details below.

Ticket Combination Guidelines

Depending on how long the sponsored attendee is staying, OWASP will pay for the appropriate ticket combination.

  • For an attendee staying 3 nights, OWASP will sponsor the Participant Ticket + 3-Nights Shared Accommodation.
  • For an attendee staying 4 nights, OWASP will sponsor the Participant Ticket + 4-Nights Shared Accommodation.
  • Any remaining amount based on the chosen ticket combination, including costs of companions, will be charged to the attendee.

REGISTER NOW 244.jpg

Airfare Guidelines

*NOTE CHANGE*

  • As of 10 January, 2011 responsibility for booking flights to the Summit has migrated from Diplomata to Sarah Baso. All OWASP sponsored attendees need to contact Sarah Baso for flight arrangements.
  • Sarah will search for the cheapest flight from the attendee’s home airport to Lisbon arriving Monday (February 7th) or Tuesday (February 8th) and departing Friday (February 11th). The cheapest available flight serves as the baseline for the attendee’s airfare.
  • Sarah will then search for flights that depart on Saturday or Sunday. If flights available on Saturday or Sunday are significantly cheaper than the baseline airfare, the attendee may be asked to stay additional nights based on the Friday/Saturday Night Guidelines. If the attendee would like to choose a different flight, the attendee must pay the difference.

Friday Night Guidelines

If the difference in cost between the Saturday flight and the baseline flight is significantly greater than the cost of one night’s accommodation at Campo Real, then the attendee will be asked to depart on Saturday’s flight. In these instances, Friday night’s accommodations at Campo Real will be paid for by OWASP for the sponsored attendee. If the sponsored attendee has a companion, the extra charge for the companion will be €50 EUR (which the attendee or companion will have to pay for themselves). If the attendee would prefer to depart on Friday, the attendee must pay the difference in airfare.

Saturday Night Guidelines

If the difference in cost between the Sunday flight and the baseline flight is significantly greater than the cost of two night’s accommodation at Campo Real, then the attendee will be asked to depart on Sunday’s flight. In these instances, Friday and Saturday night’s accommodations at Campo Real will be paid for by OWASP for the sponsored attendee. If the sponsored attendee has a companion, the extra charge for the companion will be €100 EUR (which the attendee or companion will have to pay themselves). If the attendee would prefer to depart on Friday, the attendee must pay the difference in airfare.

Early Arrival Guidelines

The same rules/guidelines used for booking and paying for flights departing on Saturday or Sunday should be used for flights arriving a day or two early. If the cost difference to arrive on either Saturday or Sunday (instead of the baseline flight), is significantly greater than the cost of one or two nights accommodation at Campo Real, then the attendee will be asked to arrive on Saturday or Sunday. In these instances, Saturday and Sunday nights’ accommodations for the sponsored attendee will be paid for by OWASP. If the sponsored attendee has a companion, the extra charge for the companion will be €50 EUR per night (which the attendee or companion will have to pay themselves). If the attendee would prefer to depart on Friday, the attendee must pay the difference in airfare. If the attendee would prefer to arrive on a different day, the attendee must pay the difference in airfare.

Summit Committee

Paulo Coimbra@ Wiki, Working Sessions

Arrive Thursday, February 3, Depart Friday, February 11

Sandra Paiva@ Wiki, Working Sessions

Arrive Thursday, February 3, Depart Friday, February 11

Sarah Baso Attendee Travel and Accomodations; registration, volunteer coordinator

Arrive Saturday, February 5, Depart Sunday, February 13

Sarah Cruz graphics and printed material, speaks Portuguese, OWASP store, meals, happy hour

Arrive Sunday, February 6, Depart Friday, February 11

Deb Brewer graphics, activity organizer, crisis manager

Arrive Saturday, February 5, Depart, Friday, February 11

Linda Potjes Video Supervisor (manage video and broadcast)

Arrive Saturday, February 5, Depart, Sunday, February 13

Kate Hartmann OWASP information, financials, golf cart crisis

Arrive Thursday February 3, Depart Saturday, February 12

If you want to help with the Summit organization (or want to take a look at what is happening behind the scenes), the Summit 2011 Internals page contains the latest information and links


Questions? Contact Lorna Alamri, Sarah Baso, or Jason Li.