Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
(Chapter) Leaders Workshop
Part 1: People and Capital – The Fire & Fuel for Chapter Activities
Part 2: I’m a Leader. Now W...
(Chapter) Leaders Workshop
This workshop is intended for All OWASP Leaders who are
responsible for managing volunteers, bu...
Chapter Leaders Workshop
People and Capital –
The Fire & Fuel for Chapter
Activities
Meet the OWASP Staff
• Paul Ritchie, Executive Director – California, USA
• Kate Hartmann, Operations Director – Maryland,...
OWASP Staff Services
• Setting up new projects and chapters
• Setting up new leaders with tools and account access
• Acces...
Community Management
• Noreen Whysel, Community Manager
• Chapter Development
• New Leaders
• Chapter Activity and Promoti...
Chapter Development
Chapter Development
• 28 new chapters started in 2015
• 8 chapters restarted
• 26 chapters inactivated
• some are in the p...
Chapter Activity: Meetings
OWASP Sheffield, UK OWASP NYC Meeting
Chapter Activity: Trainings
OWASP AppSecUSA 2015 OWASP Hyderabad ZAP Training
Chapter Activity: Outreach
OWASP Philippines, Community
Growth, Awareness and Education
OWASP Noida, Cyber Awareness at
Mi...
Project Management
• Claudia Aviles-Casanovas
• New Project evaluation process
E-Merchandise
• Kate Hartmann
• E-Merchandise process demo
• OCMS submission and approval process, auto-messaging features...
E-Merchandise
• Kelly Santalucia
• OWASP Conference Management System
• Contracts
Funding Chapter Activities
Typically Approved Use of Funds
• Catering expenses
• Venue expenses
• Speaker travel to your events
• Outreach, travel/me...
Funding Rules
• All funding requests MUST be pre-approved.
• Funding is deducted from the local chapter budget first.
• A ...
Funding Limitations
• Standard funding thresholds are based on the type of activity, typically
• $500 per event for local ...
Funding Procedures
1. Leader or speaker submits a funding request.
https://www.owasp.org/index.php/contact-U.S.
2. OWASP S...
Things to Keep in Mind
• Funds are drawn from the chapter allocation first, then from the Community
Engagement fund.
• Be ...
Other Funding Resources
• Membership allocation
• Corporate allocation, sponsorship
• Individual donation (Donate button)
...
Conference Planning
• How to Host a Conference
https://www.owasp.org/index/How_to_Host_a_Conference
• Fundraising
• 90/10 ...
Other Ideas?
•
Chapter Leaders Workshop
I’m a Leader. Now What? –
Basic Information for Jump Starting
a Chapter
I’m a Leader. Now What?
• Meeting Formats
• Tips for Successful Meetings
• Conference Planning
• Chapter Leader Handbook
•...
Meeting Formats
• Introduction to OWASP | Overview Slides: https://docs.google.
com/presentation/d/10wi1EWFCPZwCpkB6qZaBNN...
Chapter Activity: Meetings
OWASP Sheffield, UK OWASP NYC Meeting
Chapter Activity: Trainings
OWASP AppSecUSA 2015 OWASP Hyderabad ZAP Training
Chapter Activity: Outreach
OWASP Philippines, Community
Growth, Awareness and Education
OWASP Noida, Cyber Awareness at
Mi...
Tips for Successful Meetings
1. They hold regular monthly meetings with decent speakers
2. They have more than one leader ...
Conference Planning
• How to Host a Conference: https://www.owasp.
org/index/How_to_Host_a_Conference
• Fundraising
• 90/1...
Chapter Leader Handbook
• https://www.owasp.org/index.php/Chapter_Leader_Handbook
• Chapter 1: Handbook Overview
• Chapter...
Mandatory Rules
https://www.owasp.org/index.php/Chapter_Handbook/Chapter_2:
_Mandatory_Chapter_Rules
Funding and Donations
• Donation Scoreboard: https://docs.google.com/spreadsheet/pub?
hl=en_US&hl=en_US&key=0Atu4kyR3ljftd...
Other Ideas?
Chapter Leaders Workshop
What’s in Your Toolbox? –
Resources for Engagement
Resources for Engagement
• OWASP Resources
• Social Media
• Collaboration Tools
• Meeting Management
• Newsletters
OWASP Resources
● Chapter Leader Handbook
● Reimbursement Request form
● Donation Scoreboard --- This is Listing of Availa...
OWASP Resources
● Mailing Lists
https://lists.owasp.org/mailman/listinfo/owasp-chapters
https://lists.owasp.org/mailman/li...
OWASP Resources
● OWASP Chapter presentations
● OWASP News Item template
● OWASP Chapter promotion tips
● OWASP Branded Ch...
OWASP Project Resources
How to Run a Successful Open Source Project:
http://www2.econ.iastate.edu/tesfatsi/ProducingOSS.Ka...
Social Media
• Twitter (as of 8/31/2015)
• 4014 tweets
• 325 following
• 56,819 followers
• Facebook
• 9,062 Page Likes
• ...
Resources for Engagement
Social Media
Using Social Media
• Advantages and traps of social media?
• How can we ensure they are open, inviting and secure?
• How t...
Hootsuite
Collaboration Tools: Slack
Collaboration Tools: Trello
Meeting Management: Meetup
Community News Flash
• First issue April 2015
• Sent to owasp-leaders and owasp-community lists
• Switched to Vertical Res...
OWASP Connector
• Latest issue April 2015
• Sent to entire community
• March 2015
• Sent to: 39,244
• Opens (6,322): 16.11...
Other ideas?
Post to Trello!
Chapter Leaders Workshop
If You Build It, They Will Come –
The OWASP Wiki Edit-a-Thon
OWASP.org Wiki
• OWASP Foundation information
• How to Join, How to Donate
• Resources and Tutorials
• News and Media
• Ch...
Wiki Tutorial
• How to Create an Account
• Style and Content Guidelines
• Formatting Tips
• Discussion Pages
• Links, Imag...
Chapter Template
https://www.owasp.org/index.php/Template:Chapter_Template
Project Templates
https://www.owasp.org/index.php/OWASP_Code_Project_Template (there are
others)
Wiki Editing
Wiki Cleanup Initiative: https://www.owasp.org/index.php/Wiki_Cleanup
Wiki Editors Mailing ist: http://lists....
Wiki Editing
Once pages are fixed, updated or redirected, we remove the FIXME tag.
We do not delete any content.
• Redirec...
Exercise
OWASP in Wikipedia
Join WikiProjects to Make AppSec Visible https:
//docs.google.com/a/owasp.
org/presentation/d/10UiKKz9z...
OWASP in Wikipedia
OWASP Community Etherpad
https://owasp-community.etherpad.mozilla.org/1
Guide to Contributing to Wikipe...
OWASP in Wikipedia
WikiProject: Computer Security
https://en.wikipedia.org/wiki/Wikipedia:WikiProject_Computer_Security
Re...
Other Ideas?
See OWASP’s Trello board for a summary of Chapter Leader
Workshop ideas submitted by participants:
https://tr...
Session Recordings
Session 1 & 2: People & Capital and I’m a Leader, Now What?
https://drive.google.com/open?id=0ByZ3H0-PM...
Thanks!
Noreen Whysel
Community Manager
OWASP Foundation
noreen.whysel@owasp.org
Nwhysel on Skype, Slack, Twitter, LinkedI...
Upcoming SlideShare
Loading in …5
×

AppSecUSA 2015 Chapter Leader Workshops

360 views

Published on

Presentation to chapter and project leaders at the OWASP Foundation's 2015 AppSecUSA conference in San Francisco. Covers building and motivating volunteer teams, planning engaging events, mentoring, funding and how to use the tools available to leaders at the OWASP Foundation.

Part 1: People and Capital – The Fire & Fuel for Chapter Activities
Part 2: I’m a Leader. Now What? – Basic Information for Jump Starting a Chapter
https://drive.google.com/open?id=0ByZ3H0-PMUGuZDNYYVFWbDNXcnc (Part 1 and 2 are combined, 71MB MP4 audio only)

Part 3: What’s in Your Toolbox? – Resources for Engagement
https://drive.google.com/open?id=0ByZ3H0-PMUGud29mM0hxMEl1YU0 (167MB MP4 audio and video)

Part 4: If You Build It, They Will Come – The OWASP Wiki Edit-a-Thon
https://drive.google.com/open?id=0ByZ3H0-PMUGuUE54OU5kS3RCTW8 (265MB MP4 audio and video)

Published in: Leadership & Management
  • Be the first to comment

  • Be the first to like this

AppSecUSA 2015 Chapter Leader Workshops

  1. 1. (Chapter) Leaders Workshop Part 1: People and Capital – The Fire & Fuel for Chapter Activities Part 2: I’m a Leader. Now What? – Basic Information for Jump Starting a Chapter Part 3: What’s in Your Toolbox? – Resources for Engagement Part 4: If You Build It, They Will Come – The OWASP Wiki Edit-a-Thon
  2. 2. (Chapter) Leaders Workshop This workshop is intended for All OWASP Leaders who are responsible for managing volunteers, budget and promotion of a chapter, project or initiative. While the focus is Chapters, you do not need to be a chapter leader to benefit from the information in these sessions. Future leadership workshops will be marketed to be more inclusive of all OWASP leaders.
  3. 3. Chapter Leaders Workshop People and Capital – The Fire & Fuel for Chapter Activities
  4. 4. Meet the OWASP Staff • Paul Ritchie, Executive Director – California, USA • Kate Hartmann, Operations Director – Maryland, USA • Kelly Santalucia, Membership Business Liaison – New Jersey, USA • Alison Shrader, Accounting – Maryland, USA • Laura Grau, Event Manager – Bay Area, California, USA • Noreen Whysel, Community Manager – New York City, USA • Claudia Aviles-Casanovas, Projects Coordinator – New Jersey, USA • Matt Tesauro IT Admin (Contractor) – Texas, USA • Hugo Costa, Graphic Design, (Contractor) – Portugal
  5. 5. OWASP Staff Services • Setting up new projects and chapters • Setting up new leaders with tools and account access • Access to funding, information about funding processes, ways to raise funds • Contracts, co-marketing agreements, event partnerships • Branding, logos, merchandise • Event planning and coordination • Technical support, IT platforms and services • Communications, promotion
  6. 6. Community Management • Noreen Whysel, Community Manager • Chapter Development • New Leaders • Chapter Activity and Promotion • Funding Access and Ideas • Communications
  7. 7. Chapter Development
  8. 8. Chapter Development • 28 new chapters started in 2015 • 8 chapters restarted • 26 chapters inactivated • some are in the process of restarting • 1 merged chapter (Kenya/Nairobi) • 3 chapter splits (Spain, Argentina, Sweden) • 53 new added, including restarts • 120+ cases and conversations with chapter leaders worldwide Chapter Statistics: https://docs.google. com/spreadsheets/d/1nb9ybMv3mKL59DLsUiEtUtU3YYWYTAQnsZfCbrFTUbw/edit#gid=1009313527
  9. 9. Chapter Activity: Meetings OWASP Sheffield, UK OWASP NYC Meeting
  10. 10. Chapter Activity: Trainings OWASP AppSecUSA 2015 OWASP Hyderabad ZAP Training
  11. 11. Chapter Activity: Outreach OWASP Philippines, Community Growth, Awareness and Education OWASP Noida, Cyber Awareness at Middle and High Schools
  12. 12. Project Management • Claudia Aviles-Casanovas • New Project evaluation process
  13. 13. E-Merchandise • Kate Hartmann • E-Merchandise process demo • OCMS submission and approval process, auto-messaging features, reminders on the role/responsibility/resources available from Staff by event type.
  14. 14. E-Merchandise • Kelly Santalucia • OWASP Conference Management System • Contracts
  15. 15. Funding Chapter Activities
  16. 16. Typically Approved Use of Funds • Catering expenses • Venue expenses • Speaker travel to your events • Outreach, travel/merchandise at external events • OWASP Merchandise, printing • Marketing, graphic design, web hosting, etc. • Hardware and collaborative tools, like Github, to support project activity • Member engagement platforms, like Meetup
  17. 17. Funding Rules • All funding requests MUST be pre-approved. • Funding is deducted from the local chapter budget first. • A chapter or project without sufficient funds may request funding from the foundation "Community Engagement" fund. • If you exceed available funding, we can help you locate sponsors or develop fundraising ideas.
  18. 18. Funding Limitations • Standard funding thresholds are based on the type of activity, typically • $500 per event for local chapter events or • $1000 for multi-chapter events • Limit of $2000 USD per year to any individual or chapter. • A chapter/initiative can use the sponsorship 4 times a year, with a maximum of 2 speakers sponsored by the Community Engagement Fund for one single event. • Additional funding may be approved in special cases. • Community Engagement funds are not to be used by speakers to attend OWASP conferences.
  19. 19. Funding Procedures 1. Leader or speaker submits a funding request. https://www.owasp.org/index.php/contact-U.S. 2. OWASP Staff reviews the request. If the request complies with funding rules, it will be approved. 3. The speaker who made the travel/lodging expenses, or the chapter leader who paid for meeting space, food or supplies, submits a reimbursement request, including receipts, typically after the presentation is performed. https://www.owasp.org/Reimbursement_Request_Form 4. The Reimbursement is approved and processed.
  20. 20. Things to Keep in Mind • Funds are drawn from the chapter allocation first, then from the Community Engagement fund. • Be sure to submit an estimate of expenses and get approval BEFORE requesting reimbursement. • Chapter leaders may use the Reimbursement Request Form to request direct payment to vendors (with prior approval) by supplying a copy of the invoice and payee details. • Travel can also be booked through the Foundation's travel management system.
  21. 21. Other Funding Resources • Membership allocation • Corporate allocation, sponsorship • Individual donation (Donate button) • Sponsorship of a chapter event or project by another chapter • Local supporter program • Sponsorship drives, call for funding • In-Kind arrangements for event promotion, conference booths • OWASP Day conference registration and trainings
  22. 22. Conference Planning • How to Host a Conference https://www.owasp.org/index/How_to_Host_a_Conference • Fundraising • 90/10 profit sharing with Foundation • 40/60 revenue share with speakers • Outreach • Spreads application security awareness • Builds membership • Partner with local sponsors and schools • Types of Events • Trainings • OWASP Days • AppSec Conference • AppSec Tours
  23. 23. Other Ideas? •
  24. 24. Chapter Leaders Workshop I’m a Leader. Now What? – Basic Information for Jump Starting a Chapter
  25. 25. I’m a Leader. Now What? • Meeting Formats • Tips for Successful Meetings • Conference Planning • Chapter Leader Handbook • Funding and Donations
  26. 26. Meeting Formats • Introduction to OWASP | Overview Slides: https://docs.google. com/presentation/d/10wi1EWFCPZwCpkB6qZaBNN8mR2XfQs8sLxcj9SCsP6c/edit? usp=sharing • Trainings and Videos • Guest speakers, project leaders • AppSec Conference redux • Student mentoring projects, university/hackademic challenges, CTF • Outreach: Community cyber-awareness campaigns • Game night: Cornucopia, Jeopardy • Start a project
  27. 27. Chapter Activity: Meetings OWASP Sheffield, UK OWASP NYC Meeting
  28. 28. Chapter Activity: Trainings OWASP AppSecUSA 2015 OWASP Hyderabad ZAP Training
  29. 29. Chapter Activity: Outreach OWASP Philippines, Community Growth, Awareness and Education OWASP Noida, Cyber Awareness at Middle and High Schools
  30. 30. Tips for Successful Meetings 1. They hold regular monthly meetings with decent speakers 2. They have more than one leader helping run the chapter 3. They communicate well and list chapter meetings on the wiki/meetings/etc well in advance 4. Many chapters have seen a big bump in membership just by using Meetup --Jim Manico OWASP Middle East Strategy Guide by Dhruv Soi, Dubai: https://docs.google. com/presentation/d/1K9JZ5-jBfWedDgjuN4QftP5UDxFS6GQ6Jr5SaVgKrCQ/edit? usp=sharing
  31. 31. Conference Planning • How to Host a Conference: https://www.owasp. org/index/How_to_Host_a_Conference • Fundraising • 90/10 profit sharing with Foundation • 40/60 revenue share with speakers • Outreach • Spreads application security awareness • Builds membership • Partner with local sponsors and schools • Types of Events • Trainings • OWASP Days • AppSec Conference • AppSec Tours
  32. 32. Chapter Leader Handbook • https://www.owasp.org/index.php/Chapter_Leader_Handbook • Chapter 1: Handbook Overview • Chapter 2: Mandatory Chapter Rules • Chapter 3: How to Start a Chapter • Chapter 4: Chapter Administration • Chapter 5: Governance • Chapter 6: Chapter Activity • Chapter 7: Organizing Chapter Meetings • Chapter 8: Organizing Local Events • Chapter 9: Growing and Promoting your Chapter • Chapter 10: International Aspects
  33. 33. Mandatory Rules https://www.owasp.org/index.php/Chapter_Handbook/Chapter_2: _Mandatory_Chapter_Rules
  34. 34. Funding and Donations • Donation Scoreboard: https://docs.google.com/spreadsheet/pub? hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=h tml • Funding: https://www.owasp.org/index.php/Funding • Approved Community Engagement Allocations • Funding Report US: https://www.owasp.org/images/1/12/20150824_-_US_Chapter_Funds. pdf • Funding Report EU: https://www.owasp.org/images/8/8e/20150824_-_EU_Chapter_Funds. pdf
  35. 35. Other Ideas?
  36. 36. Chapter Leaders Workshop What’s in Your Toolbox? – Resources for Engagement
  37. 37. Resources for Engagement • OWASP Resources • Social Media • Collaboration Tools • Meeting Management • Newsletters
  38. 38. OWASP Resources ● Chapter Leader Handbook ● Reimbursement Request form ● Donation Scoreboard --- This is Listing of Available Budget by Chapter ● Chapter Transactions - US (Amounts shown in USD) ● Chapter Transactions - EU (Amounts shown in Euros) ● For OWASP Chapter resources, click here.
  39. 39. OWASP Resources ● Mailing Lists https://lists.owasp.org/mailman/listinfo/owasp-chapters https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list ● Conferencing: GoToMeeting GoToWebinar
  40. 40. OWASP Resources ● OWASP Chapter presentations ● OWASP News Item template ● OWASP Chapter promotion tips ● OWASP Branded Chapter Supplies (Google Form) ● Apparel available through our 3rd party vendor ● OWASP Marketing Stuff Page
  41. 41. OWASP Project Resources How to Run a Successful Open Source Project: http://www2.econ.iastate.edu/tesfatsi/ProducingOSS.KarlFogel2005.pdf • Openhub: https://www.openhub.net/orgs/OWASP Other Free Services ● http://crowdin.net/ a translation and localization management platform ● https://scan.coverity.com/ C/C++/C# and Java static source code analysis ● https://www.mir-swamp.org/ - This web based code analysis service is 100% FREE of charge and is open to the public
  42. 42. Social Media • Twitter (as of 8/31/2015) • 4014 tweets • 325 following • 56,819 followers • Facebook • 9,062 Page Likes • 8,839 Group Members • LinkedIn • 22,730 group members • 12,800 followers • Slack • 399 members • 76 channels • Meetup • 54 “OWASP” Meetup Groups • 13,328 Members • 1,416 Expressed Interest • 50 Cities • 17 Countries
  43. 43. Resources for Engagement
  44. 44. Social Media
  45. 45. Using Social Media • Advantages and traps of social media? • How can we ensure they are open, inviting and secure? • How to ensure continuity?
  46. 46. Hootsuite
  47. 47. Collaboration Tools: Slack
  48. 48. Collaboration Tools: Trello
  49. 49. Meeting Management: Meetup
  50. 50. Community News Flash • First issue April 2015 • Sent to owasp-leaders and owasp-community lists • Switched to Vertical Response in August 2015 • August 2015 • Sent to: 1,282 • Opens (257): 20.05% • Clicks (52): 4.06% • Bounces (13): 1.01% • Unsubscribes (0): 0.00% • September 2015 • Sent to: 1,269 • Opens (255): 20.09% • Clicks (26): 2.05% • Bounces (3): .24% • Unsubscribes (1): 0.08%
  51. 51. OWASP Connector • Latest issue April 2015 • Sent to entire community • March 2015 • Sent to: 39,244 • Opens (6,322): 16.11% • Clicks (501): 1.28% • Bounces (239): 0.61% • Unsubscribes (61): 0.16% • April 2015 • Sent to: 39,076 • Opens (5,305): 13.58% • Clicks (1,518): 3.88% • Bounces (261): 0.67% • Unsubscribes (59): 0.15%
  52. 52. Other ideas? Post to Trello!
  53. 53. Chapter Leaders Workshop If You Build It, They Will Come – The OWASP Wiki Edit-a-Thon
  54. 54. OWASP.org Wiki • OWASP Foundation information • How to Join, How to Donate • Resources and Tutorials • News and Media • Chapter and Project Pages https://www.owasp.org/
  55. 55. Wiki Tutorial • How to Create an Account • Style and Content Guidelines • Formatting Tips • Discussion Pages • Links, Images and Files • Categories https://www.owasp.org/index.php/Tutorial
  56. 56. Chapter Template https://www.owasp.org/index.php/Template:Chapter_Template
  57. 57. Project Templates https://www.owasp.org/index.php/OWASP_Code_Project_Template (there are others)
  58. 58. Wiki Editing Wiki Cleanup Initiative: https://www.owasp.org/index.php/Wiki_Cleanup Wiki Editors Mailing ist: http://lists.owasp.org/pipermail/owasp-wiki-editors/ https://www.owasp.org/index.php/Template:TaggedDocument is the main tagging system for flagging wiki pages. At the bottom of this page you will see links to different categories of FIXME. https://www.owasp.org/index.php/Category:FIXME/inactiveDraft https://www.owasp.org/index.php/Category:FIXME/historical
  59. 59. Wiki Editing Once pages are fixed, updated or redirected, we remove the FIXME tag. We do not delete any content. • Redirect it to updated content (when we have duplicated content) or • Flag it as historical (which adds a link to newer content without deleting it). Changes are easily reversible through history. We also started flagging pages that are at the top of Google searches to trigger more scrutiny. https://www.owasp.org/index.php/Category:Popular
  60. 60. Exercise
  61. 61. OWASP in Wikipedia Join WikiProjects to Make AppSec Visible https: //docs.google.com/a/owasp. org/presentation/d/10UiKKz9zOB10vUtc8lBlAq 9lRbye7e9BEbJ1rS2-2mw/edit?usp=sharing
  62. 62. OWASP in Wikipedia OWASP Community Etherpad https://owasp-community.etherpad.mozilla.org/1 Guide to Contributing to Wikipedia: https://en.wikipedia.org/wiki/Wikipedia:Contributing_to_Wikipedia Cheat Sheet: http://en.wikipedia.org/wiki/File:Wiki_markup_cheatsheet_EN.pdf
  63. 63. OWASP in Wikipedia WikiProject: Computer Security https://en.wikipedia.org/wiki/Wikipedia:WikiProject_Computer_Security Requested Articles on Computer Science and Security https://en.wikipedia.org/wiki/Wikipedia: Requested_articles/Applied_arts_and_sciences/Computer_science,_computing, _and_Internet#Security
  64. 64. Other Ideas? See OWASP’s Trello board for a summary of Chapter Leader Workshop ideas submitted by participants: https://trello.com/b/sudN9qd2/chapter-leader-workshop- appsecusa-2015 Feel free to add your own ideas to the list.
  65. 65. Session Recordings Session 1 & 2: People & Capital and I’m a Leader, Now What? https://drive.google.com/open?id=0ByZ3H0-PMUGuZDNYYVFWbDNXcnc Session 3: What’s In Your Toolbox https://drive.google.com/open?id=0ByZ3H0-PMUGud29mM0hxMEl1YU0 Session 4: OWASP Wiki Edit-a-thon https://drive.google.com/open? id=0ByZ3H0-PMUGuUE54OU5kS3RCTW8
  66. 66. Thanks! Noreen Whysel Community Manager OWASP Foundation noreen.whysel@owasp.org Nwhysel on Skype, Slack, Twitter, LinkedIn, etc.

×