Difference between revisions of "User talk:Jmanico"

From OWASP
Jump to: navigation, search
 
(Build a scalable OWASP training program that spreads security training around the world)
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
?
+
= Jim's Suggestions for 2015 Strategic Plans =
 +
__TOC__{{TOC hidden}}
 +
== Build a scalable OWASP training program that spreads security training around the world ==
 +
* Focus on building free and open source training materials for all to use
 +
* Take existing wiki, powerpoint from talks, powerpoints from trainers who have open sourced content, key OWASP training-centric projects (webgoat, security Shepard, etc) and merge, clean up and professionalize the content into an OWASP branded series of trainings.
 +
* Produce professional OWASP branded training videos and CBT
 +
* Focus conference training program on using open source as opposed to proprietary/commercial content
 +
* As a commercial ILT trainer I have a big conflict of interest over this topic
 +
 
 +
== Strengthen OWASP chapters and increase Chapter’s abilities to spread message of OWASP through locally organized and run events. ==
 +
* Even something as simple as a chapter meeting is an "event" so anything to help make even chapter meetings better serves this goal
 +
* Better plan to help chapters use funds
 +
* Alert all chapters of existing chapter funds, on a monthly basis, on their public lists. Link to "How to use it to spread the message"
 +
* FUND SMALLER CHAPTERS IN A VERY SIGNIFICANT WAY
 +
 
 +
== Mature the OWASP Projects Platform: Provide the OWASP projects community a mature project platform to encourage senior developers to participate in the various and many OWASP projects. ==
 +
* Consider hiring senior developer/developers to mature code centric OWASP programs like ESAPI, OWASP Java Encoder, etc.
 +
* Consider funding security initiatives reviewing various open source projects and software frameworks in common use
 +
* Connect leads of popular open source frameworks to OWASP community members willing to provide free appsec services, products, etc.
 +
* Build a new website that is developer centric, pointing to key developers/secure coding projects and materials and other resources

Latest revision as of 10:04, 22 May 2015

Jim's Suggestions for 2015 Strategic Plans

Build a scalable OWASP training program that spreads security training around the world

  • Focus on building free and open source training materials for all to use
  • Take existing wiki, powerpoint from talks, powerpoints from trainers who have open sourced content, key OWASP training-centric projects (webgoat, security Shepard, etc) and merge, clean up and professionalize the content into an OWASP branded series of trainings.
  • Produce professional OWASP branded training videos and CBT
  • Focus conference training program on using open source as opposed to proprietary/commercial content
  • As a commercial ILT trainer I have a big conflict of interest over this topic

Strengthen OWASP chapters and increase Chapter’s abilities to spread message of OWASP through locally organized and run events.

  • Even something as simple as a chapter meeting is an "event" so anything to help make even chapter meetings better serves this goal
  • Better plan to help chapters use funds
  • Alert all chapters of existing chapter funds, on a monthly basis, on their public lists. Link to "How to use it to spread the message"
  • FUND SMALLER CHAPTERS IN A VERY SIGNIFICANT WAY

Mature the OWASP Projects Platform: Provide the OWASP projects community a mature project platform to encourage senior developers to participate in the various and many OWASP projects.

  • Consider hiring senior developer/developers to mature code centric OWASP programs like ESAPI, OWASP Java Encoder, etc.
  • Consider funding security initiatives reviewing various open source projects and software frameworks in common use
  • Connect leads of popular open source frameworks to OWASP community members willing to provide free appsec services, products, etc.
  • Build a new website that is developer centric, pointing to key developers/secure coding projects and materials and other resources