Tuesday, June 30, 2015





Monday, June 29, 2015




Friday, June 26, 2015

June 2015 Community News Flash

Greetings OWASP Community,

It seems that Fabio Cerullo's guest article last month on creative uses for chapter money made a big impact on at least one project. Due to an outpouring of support, the ASVS project is now fully funded. We will be in touch with leaders who offered to make donations about alternative projects and initiatives that need support.

Please review last month's article to find more ideas for using your funds to support our mission to keep application security visible. There are many more projects, events, and underfunded chapters that could use support. You can use the donation form to make a direct donation to the projects or submit a request to donate some of your chapter allocation to another chapter or project.

A few deadlines: 
  • The 2015 Summer Code Sprint is accepting applications through July 3. This is a great opportunity for a student to get hands on skills as an "intern" on an OWASP project.
  • The WASPY Awards, recognizing unsung heroes of Web Application Security, is now seeking nominations through July 20.
So, read on for this month's News Flash and as always let me know if there is anything I can help with.


Noreen Whysel
Community Manager
OWASP Foundation

In This Issue:
  • FEATURE: Making Chapter Leadership Changes
  • Recent Chapter Activity
  • New OWASP.org Email Policy
  • Open Hours on Slack
  • AppSecUSA
  • Resources

FEATURE: Making Chapter Leadership Changes

Leadership Transitions

Chapter leaders serve as the main point of contact for the local chapter, and are responsible for ensuring that the local chapter fulfills its requirements. When it is time to make a change, we want to help ensure a smooth transition so the new leaders have all the information and resources they need to continue the mission.

When adding a new leader, this can be as simple as contacting us and telling us that you want to add a new leader. We will make sure the new leader gets an OWASP.org email account and is signed up for the leaders' mailing lists and that the chapter and member record indicates the new status.

Sometimes finding a new leader can be a challenge. While some chapters hold elections, others may struggle to find someone to step forward. Use your chapter mailing list or social media to announce open positions.The OWASP-Community mailing list is also a good way to reach a broader group for ideas on developing your leadership team. We are happy to help with ideas.

Social Media Accounts

Transitioning to a new leadership involves more than just opening an email account and subscribing to a mailing list. Leaders hold administrative passwords to social media accounts, events management systems, Github accounts and other resources that Foundation staff may not have access to. Remember to pass on login details to new leaders!

We have seen chapters that appear to have more than one Twitter and Facebook accounts. If a password is lost or a new leader has no access to the account, social media groups can end up abandoned or encourage spammers. Abandoned accounts can seem like ghost towns to potential new members and adding a new account is just confusing. Our options in this case are to try to reach the account holders to transfer admin rights or request that the provider shut down the account, which is a shame since we risk losing an important archive of chapter activities.

If you are aware of a legacy account on social media that you do not have access to, please let us know. We can try to reach past leaders by looking up alternate contact information in our member directory. Merging accounts may be possible on some platforms. As a last resort, we can attempt to get the provider to shut the account down. As owners of the OWASP Brand, we all have an interest in ensuring that all online OWASP presences are a vibrant and current reflection our ongoing mission.

NEW: OWASP.org Email Policy

The board has released an updated policy document regarding the use of owasp.org email accounts, including terms of use and a suggested signature format for highlighting projects. As before, owasp.org emails are a benefit of paid and honorary OWASP members. Chapter and project leaders may also request an account.

Please review the policy:


OWASP Morocco is curating a security track at DEVOXX Maroc 2015 on 16th-18th November 2015 (www.devoxx.ma). Devoxx Morocco is a rendezvous for learning, networking and sharing developer experiences about java and related technologies, software craftsmanship, technology trends and more! If would like to present, the call for presentations is open. Visit http://cfp.devoxx.ma for details.

Developer conferences such as DEVOXX Maroc 2015 are great ways to get the OWASP message out beyond our community. If you have information about a developer conference that OWASP members should present at or partner with, let us know!

New Chapters

Bhopal, India: Leader, Akshay Sharma, akshay.sharma@owasp.org

New Academic Supporters:

Universiti Tecknologi Malaysia, Kuala Lumpur

Academic Activities: Summer Code Sprint 2015

As part of our 2015 Summer Code Sprint, which just launched, I have completed an audit of the contacts at nearly 60 academic institutions that have been or currently are serving as Academic Supporters. We are reaching out to these institutions to help promote the visibility of application security in computer science curricula worldwide. If you know of a professor or teacher who might be interested in becoming an Academic Supporter, please forward a link to our application and program details.

If you know of any academic program or students who might be interested in teh Summer Code Sprint, please let them know about it. The deadline for Summer Code Sprint proposals is July 3. All students who complete the program will receive a grant of $1,500. Apply today!

TOOLS: OWASP-Community Open Hours on Slack

As you know, we have launched a Slack as a resource to discuss project and chapter activity. We recently added an owasp-community channel that will serve as a virtual Open Hours. I have selected Tuesdays from 10am-11am Eastern time as a weekly open hours slot. You can also suggest a time. Sign up at http://owasp.herokuapp.com.


The full agenda for speakers and lightning training sessions is now available for AppSecUSA to he held in San Francisco from September 22-25, 2015. View a recently released Highlights Video from last year's conference. We will also have a career fair and a fabulous dinner cruise on Thursday for all registered attendees. Register soon! http://www.appsecusa.org.

Plans are being made for a panel and workshop on Women in AppSec with a goal to introduce application security as a career option for women. For details, visit https://www.owasp.org/index.php/Women_In_AppSec and join the OWASP Women in AppSec Community Group, at https://myowasp.force.com.


Funding Resources:

Donation Scoreboard - Current Chapter Funding Amounts:

OWASP-Community Slack Channel:


Women in AppSec:

Chapter Leader Handbook: 


Feel free to contact me at any time if you have a question or suggestion. To create a trackable case (Customer service request),please use the contact us form at http://www.tfaforms.com/308703.

Nominate your WASPY Candidates today!

2015 WASPY Awards

Everyone knows of at least one person who goes unrecognized for their contributions to the OWASP Foundation.  By nominating them for the 2015 WASPY Awards, is your chance to try and give them the recognition they deserve.  

For the Rules, Categories and Timeline of the Awards please visit our 2015 WASPY page and nominate some individuals today!

Tuesday, June 30 is the last day to submit your request for Honorary Membership


This Tuesday, June 30 is the LAST DAY to submit your request for Honorary Membership

If you would like to apply for a Honorary Membership and you meet the requirements, please submit your request here.

In order to vote in this years election, you need to be a current paid individual member with your membership on file prior to September 30, 2015 -OR- have a current Honorary Membership -OR- be a current Corporate Member of OWASP.

Tuesday, June 23, 2015

2015 WASPY Award Nominations

It’s that time of year again to start thinking about those individuals who go the extra mile, yet they never seem to receive the recognition they deserve. 

This year’s categories incorporate both our core values and our annual report theme. Hoping to identify more people within our community who “fly under the radar” individuals may nominate 1 person per category from each of our 7 regions.  Although you may, you do not have to nominate a person for each category or region. 

To learn more about the 2015 WASPY Awards including the timeline and rules, please visit https://www.owasp.org/index.php/WASPY_Awards_2015

Categories for WASPY Awards
1. Open/Leading -  This award goes to a member of the OWASP community who has supported the OWASP mission of transparency through their influence, management, and leadership in the community. This might be a chapter or project leader or may be someone who has worked within the community.
2. Integrity/Learning - OWASP is an honest and truthful, vendor neutral, global community. This award goes to an individual who recognizes the benefits of the power of the collective community within OWASP, who challenges the status quo, and generates an excitement in the learning community.

3. Innovation/Sharing - OWASP encourages and supports innovation and experiments for solutions to software security challenges. This award goes to an individual who has inspired and encouraged others in the arena of software security with innovative and cutting edge solutions to software security challenges.

4. Global/Growing - Around the world, OWASP encourages and supports innovation and experiments for solutions to software security challenges. This award goes to an individual who truly represents the OWASP Global scope and recognizes the importance of growth. The nominee reaches out beyond the OWASP circle to raise awareness of software security in locations outside of the OWASP comfort zone. 

Does that sound like someone you know? Nominate them now!

Thursday, June 18, 2015

OWASP Chapter & Project Leaders

Dear Leaders,

Please take a few moments and share the information below about the upcoming election on all of your chapters or projects preferred social media channels. 

Dear OWASP Community Members,

The 2015 Election is coming quick! I wanted to share some important information and deadline dates with you.  Please take the time to read this email and use the links provided.

  • Honorary Membership DEADLINE is June 30, 2015
To vote in this years election, you must have a membership that is in good standing on file with the Foundation prior to September 30, 2015.  You can purchase a membership or you can learn more about Honorary Membership and the qualifications here.  Not sure if you are a member? 

  • Call for Candidates is open until July 31, 2015
There are 4 seats up for this election.  To learn more about what it means to be a Global Board Member, please visit the Global Board of Directors Primary Responsibilities and be sure to check the Eligibility Requirements.

  • JUST OPENED! Call of Questions from the Community is open until July 31, 2015
Each year our candidates are interviewed and the recordings are posted to the election page. They are asked a series of questions that have been submitted by our community members.  We are NOW accepting these questions! You have the option to submit as many questions as you would like. You can also "vote up" an existing.  By checking a box on the form, your question can be submitted anonymously, so go ahead and ask! The top 4-5 questions will be used in this years candidate interviews. 

​Have a question about the election?
Please contact us