Seba

Kenneth Van Wyk and Bart De Win will be doing presentations during our upcoming chapter meeting on March 4 in Leuven, Belgium.

More details on our BeLux chapter page.

Ken will also be doing a CAcert/Thawte x.509 “signing” event.   If you’re using either of these free x.509 certificate services, and are still trying to get the 50 assurance points necessary to have your real name on your certificates, stop by with two forms of government-issued ID (and photocopies, if using Thawte — not necessary for CAcert).  Ken’ll be happy to help out with either/both 10 Thawte points or 35 CAcert points.  No charge, of course.

Warning: a personal entry on the blog. I’ll be posting some more online in the coming months. Let me know if you appreciate these or not.

I am delighted to tell that a previous colleague and personal friend has taken up the challenge to work with me again.

Joel Quinet, part of the Belgium OWASP board, has joint us at Telindus since this month.

I just send the call for presentation on a number of mailing lists and will also be sending some targetted mails around.

It is online now.

Don’t hesitate to propose your topic or forward to people you think might be interested.

Hi, 

I am doing a yearly chapter survey (see below). I encourage you to do the same: it provides us with valuable feedback in Belgium.

Next time I would love to do it online. Does anybody have experience with http://www.surveymonkey.com/ ? Are there other sites you have done this with? 

Our Survey 2007:In order to make our chapter meetings better I would like to ask you some questions, feedback and suggestions. Please fill in the 6 questions below, I will summarize the results after February 1st. 

Q1: Do you consider yourself: 

1. “New to beginner” on (Web)AppSec topics
2. “Having some knowledge-experience” on (Web)AppSec topics
3. “Advanced to expert” on (Web)AppSec topics 

Q2: How many chapter meetings would you like to attend in 2008:

1. 1
2. 2
3. 3
4. 4

Q3: Will you come to the OWASP AppSec EU conference in
Brussels on May 22-23?

1. Yes
2. No

Q4: If given some time to prepare a topic, would you consider preparing a session for a chapter meeting:

1. Yes
2. No

Q5: What is your opinion of the Owasp events in 2007?

1. A waste of time
2. Somewhat interesting, but I will not come anymore
3. I liked it, and will maybe come to some chapter meetings in 2008
4. Great! I would recommend it to everybody implicated or interested in (Web)AppSec 

Q6: What would you recommend to make our chapter meetings more interesting for you?

It’s been too long since my last post. In April I started working for Telindus
Belgium taking up the lead for application and content security. Needless to say that the last months were a bit busy. 

I have started the Education project http://www.owasp.org/index.php/Education and as this is part of the Spoc007 we need to move forward with it. I am now putting about 2 hours of work into it per week and aim to finish the Spoc007 goals be the end of July. 

In fall I will be turning the chapter resources work into an OWASP project to refocus the work of the last years put into chapter progress.

Next post will be sooner…

I am realizing that currently the OWASP chapter organization is not very democratic.

Chapter leaders are not elected. Currently you only have to apply for chapter leadership and without much control you’ll be granted OWASP chapter leadership.

This is not necessarily bad, and I have no knowledge of abuse. I do however know that in some countries there are disagreements on how the OWASP chapter activities are organized. Let me know your thoughts on that (on- or offline)?

Nevertheless, I think it would be better to have an OWASP chapter leader (re)election on a regular base. But how to organize this without creating a administrative hassle?

I have also seen that some countries have OWASP ‘boards’ that organize the chapter meetings. I think this is a good thing, it spreads the workload among different people. If an election was to be organized, board election is also something to think about?

I hope this will become part of How OWASP Works.

I am looking forward to your comments. Because of the increasing amount of blog comment spamming attempts, you will now have to be registered.

Hi,

Some weeks ago I went to the OWASP meeting in the Netherlands (http://www.owasp.org/index.php/Netherlands). I had an interesting discussion on security techniques within the development cycle with the panel and other invited people.

It was too bad the invitation came rather late and it was just scheduled after the holiday season: I think more people could have been interested in this chapter meeting.

Anyway, the reason for this post is: I helped Bert (NL chapter leader) in starting the chapter and if time permits I go to their chapter meetings as well. I think we have to support each other as much as possible in growing the chapters into active communities.

Of course the Netherlands are not far away from Belgium, but I encourage ’senior’ chapter leaders to help the newcomers with advice and support. One of the tools you can use is the Chapter Leader Handbook. Other items can also be added to the chapter resources.

But the best way to help them start and sustain is to actively give ideas on topics that were discussed during your own chapter meetings and to post your material on the chapter page and let us know!

regards,

Seba

Upon request by Diniz - good idea! - I have started the OWASP Chapter Leader Handbook. This wiki page should become the source of information for beginning and experienced Chapter Leaders.

Please share your good and bad experiences on this page with the other Chapter Leaders!

Have a good Year!

Yes, there is some time left besides OWASP.

I’ve been to a Front242 concert last Friday in a re-opened club in Leuven.

This Belgian band is the (grand)father of a lot of electronic music. If you’re into electro check them out!

Now on the OWASP time: I try to organize 4 events per year. 

Be prepared to invest up to 8 hours preparation and administration time per OWASP chapter meeting.

It starts with finding speakers / topics. Then you have to organize the place and sponsoring.

Besides posting the meeting on the OWASP web site - including the upcoming events -, I do send an invitation mail to the BE chapter mailing list and a personal mail to a broader mailing list. The best timing is about 3 weeks before the chaper meeting with a reminder one week before the chapter meeting.

After the meeting there is some administration: the CISSP attendance sheet and the meeting minutes online.

Regards,

Seba

I just realized that the results were not presented during the New Years drink, we had better things to do than that

Hereby the uploaded results of least year.

regards,

 Seba