Current Program
← Older revision
Revision as of 21:22, 21 April 2015
(9 intermediate revisions by the same user not shown)
Line 34:
Line 34:
The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence.
The OWASP Foundation, in recognition of value to both organizations and society, is working to support and enhance programs that increase the participation of women in the field of information and application security. The OWASP Foundation Women in AppSec Program provides merit-based funding for women to attend participating OWASP AppSec conferences. OWASP’s current program objective is to encourage female students at both the undergraduate and graduate levels, instructors, and professional working women who are dedicated to a career in information security and/or application development, to expand their skills and pursue application security. Interested applicants are encouraged to apply to the program running within their region of residence.
−
== Past Eligibility Criteria==
+
==Current Program==
+
The program us currently being re-launched for AppSec EU 2015<br>
+
'''There is still work to be done - what can we do to Make it Happen?'''<br>
+
During AppSec EU there will be a panel discussion and workshop supported by the Women in AppSec initiative. Through these sessions we hope to encourage women to pursue a career in AppSec and help them realize it is an option for them. These sessions will be open to all so we can help build support for the women around us.
+
+
===Panel: "Women in AppSec - Making it Happen"===
+
During this panel session we will discuss what can be done to Make it Happen for Women in AppSec going forward. What have those currently working in the field done to Make it Happen for themselves and other women; what tips and advice do they have to help you do to make a career for yourself or encourage those around you (sister, friend, daughter, etc…) to pursue a career in AppSec? What can we as professionals can do to help encourage girls to go for a career in AppSec?
+
+
===Workshop===
+
During the workshop we hope to introduce female attendees of the conference to what a career in App Sec can involve. We will teach them about application security and the many career paths available. We will be there to share our experiences and answer their questions to hopefully get them started on a career in AppSec. We hope to build relationships that may lead to a mentoring program for these women.
+
+
==
== Past Eligibility Criteria
==
==
[[Image:IMG_5746.JPG|right|500x260px]]
[[Image:IMG_5746.JPG|right|500x260px]]
Below is the list of eligibility criteria used to select the winners in 2013.
Below is the list of eligibility criteria used to select the winners in 2013.
Line 86:
Line 97:
====Planning & Selection Team====
====Planning & Selection Team====
−
The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the
candidates
. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.
+
The first step you will need to take care of is the selection of your planning and selection team. These are the individuals that will be helping you manage the pre-event planning process and the selection of the
sessions during the event
. You will typically need a team of 5-6 people. The selection committee will then be broken down into several sub-teams of one to two people who will then work on sponsorship, marketing, the grading process, and the call for entries.
==== Sub-Team Roles ====
==== Sub-Team Roles ====
Line 98:
Line 109:
At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
At least two people should be responsible for marketing the event. Their job will consist of putting together press releases, keeping the event planners updated on progress, and
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.
communicating progress to the overall community. They will also be responsible for getting the message out when the team is ready to start accepting applicants.
−
−
'''Grading Proces'''
−
−
While everyone on the committee will be involved in grading, one person will be in charge of the grading process. They will create spreadsheets similar to those originally created for the selection committee, and for making sure everyone has what they need for the grading process. This team will also be responsible for making sure the grading is complete on schedule, and that the announcement of the winners is made before the event.
−
−
'''Call for Entries'''
−
−
Finally, one to two people will be in charge of the call for entries. Depending on the amount of entries, this might work better with two people as it requires collecting entries, arranging them, and sorting them out to the other graders. The call for entries team is responsible for making the forms, and for developing at least the first draft of the selection criteria.
−
−
====Award Details====
−
−
This is the fun bit. You and your team will need to decide on the details of the awards. This involves making decisions such as if the winners will be provided travel and accommodation, or free training and conference attendance. Typically, we have covered both travel and accommodation for the two winners as well as one training class. We also provided the winners with a free conference pass; however, the award you choose to sponsor depends on the funds you are able to raise. It is also dependent on what your team decides is the best award package to give away based on your resources.
====Budget====
====Budget====
−
As mentioned above, it is up to your team to decide what it is you wish to
award each winner. I recommend raising at least $6,000 USD to cover
the
expenses for each winner if you are going to cover travel and accommodation as well as conference passes and a free training class
.
+
As mentioned above, it is up to your team to decide what it is you wish to
do during
the
event - that will determine the budget
.
====Sponsorship====
====Sponsorship====
Line 119:
Line 118:
[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]
[http://appsecusa.org/2013/wp-content/uploads/2013/06/women-in-appsec-sponsorship.pdf Sample of 2013 Sponsorship Flyer]
−
====Application Process====
−
You will need to start developing the application process while the sponsorship activities are going on. Make sure to develop the application timeline with deadlines for each stage. Deadlines are critically important, and there has to be a cut off point. Create a deadline for when submissions should be in, for when letters of recommendation should be received, the timeline for the grading process, the date the top 5 will be selected, and the date the final winners will be selected and announced. You will also need to develop a set of selection criteria that the team will use to grade all of the applicants against. Be specific on the criteria you are looking for in candidates. Especially note that only women in the region that the conference is being held can submitted for consideration. After you have all of these details sorted out, you will need to start the Call for Entries. Make sure create an online form where applicants can submit their details to the team.
−
[https://docs.google.com/a/owasp.org/document/d/1iZDNogemeAoHBnrfn2dVe212Bct4ZJiXeVNj3j5JsWg/edit Sample Selection Criteria]
+
==
During the conference
==
−
+
Be sure
the
engage
the
women attending
the
conference in
the
sessions
you have
organized: encourage them
to
not only attend but to be active participants
.
It's not all about
the
women try
and
encourage some men
to
get involved
and
attend also
,
for this initiative to be successful
it
must be inclusive
.
−
====Selection Process
====
+
−
+
−
The selection of
the
winners can be a very lengthy process especially if you have received more than 30 applicants. In
the
past,
the
grading has been split between each program team member. Each member will be randomly allocated a handful of applicants which they will grade using
the
pre-determined selection criteria. Once the grading is complete,
you
can make the final selection on candidates and announce the winners as a team.
+
−
+
−
After the winners
have
been selected and announced, the team will need
to
help the winners arrange travel, accommodations, and event logistics
.
Upon their arrival at
the
conference center, insure they are taken care of by an OWASP volunteer, someone who will get them settled
and
that they make it
to
panels
and
trainings without issue. The bigger the conference
,
the more important
it
is to make sure the winners are not lost in the crowd
.
+
==Post-Conference==
==Post-Conference==
−
After the conference, it is very important to gather feedback from the
winners
to make sure they enjoyed the experience. Ask
the winners
for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.
+
After the conference, it is very important to gather feedback from the
participants
to make sure they enjoyed the experience. Ask
them
for a brief description about their experience, with a picture attached for the website. Then write up a review and lessons learned page to document the experience with the program. Make sure to include what can be improved upon in the future.
=ON THE DAY=
=ON THE DAY=
−
==Training Days==
+
We want
to
be sure to engage the women there in
the
sessions organized
,
encourage
them to
not only attend but to be active participants
.
Its not all about
the
women so try
and
encourage some men
to
participate too, for this initiative
to
be successful it must be inclusive.
−
Prior
to the
conference
,
the winners will arrive during the training workshops. Upon their arrival an OWASP volunteer will be around to greet them and take
them to
the trainings
.
This is to ensure that
the
winners are taken care of,
and
that they feel welcome and comfortable. The two training days prior
to
the conference should give the winners a chance
to
get
to
know local chapter volunteers and early attendees
.
Winners are encouraged
to
attend trainings that interest them
and to
mingle with fellow trainees. If there is
a
welcome event
,
winners should be encouraged
to
attend
as
well.
+
+
==Panel: "Women in AppSec - Making it Happen"==
+
During this panel session we will discuss what can be done
to
Make it Happen for Women in AppSec going forward
.
What have those currently working in the field done
to
Make it Happen for themselves
and
other women; what tips and advice do they have
to
help you do to make
a
career for yourself or encourage those around you (sister, friend, daughter
,
etc…)
to
pursue a career in AppSec? What can we
as
professionals can do to help encourage girls to go for a career in AppSec?
−
==
Conference Days
==
+
==
Workshop
==
−
During the
two days
of the conference
an OWASP volunteer
will
be available to show the winners around, introduce
them
to staff members,
and
get them acquainted with conference goers
.
The volunteer
will
also
be
responsible for getting the winners
to
the Women in AppSec scheduled activities, if any are planned. The volunteers should be made available if the winners have any
questions
or need help with anything. It is important that the winners
get
the full OWASP
AppSec
experience
.
This includes attending sessions of interests and encouraging winners
to
participate in the various activities provided at the Global AppSecs
.
+
During the
workshop we hope to introduce female attendees
of the conference
to what a career in App Sec can involve. We
will
teach
them
about application security
and
the many career paths available
.
We
will be
there
to
share our experiences and answer their
questions
to hopefully
get
them started on a career in
AppSec.
We hope
to
build relationships that may lead to a mentoring program for these women
.
=PAST WINNERS=
=PAST WINNERS=