OWASP WIA, Diversity and Inclusion Committee



Purpose

The purpose of the Women in AppSec (WIA), Diversity and Inclusion Committee is to develop leadership and to promote active membership, participation, and contributions by women in application security professional communities, globally and locally.

Our mission is to invite people from all backgrounds and identities to join OWASP and ensure retention by making sure they continue to participate in OWASP events, activities and projects and feel welcome throughout their application security / information security journeys, through learning, mentorship and networking opportunities in building their careers.

The value of diversity and inclusion also provides the OWASP community and application security / information security industry with an opportunity to gain from all that diversity has to offer.

Scope

The scope for OWASP WIA Committee falls into the following areas:

  • Build upon opportunities for and participation of underrepresented groups, including gender, sexual orientation, neurodiversity, physical limitations and racial minorities.

  • Attract women and underrepresented groups to OWASP, as active members, contributors and leaders.

  • Offer opportunities for women and underrepresented groups to become engaged in AppSec and related professional communities.

  • Provide inclusive targeted application security programs for all women learners.

  • Provide inclusive training and mentorship for all interested OWASP women and underrepresented groups.

  • Provide financial support to OWASP women and underrepresented groups through scholarships, sponsorships, and grant making.

  • Pursue fundraising, advancement and development to secure financial support for OWASP WIA, diversity and inclusion activities.

  • Integrate WIA track and related activities into OWASP events at all levels. Cultivate women for community leadership, speakers for conferences, thought leadership, learning leaders, and local chapter events.

  • Collaborate with other committees and initiatives as needs present. Collaborate with local OWASP Chapters and Global OWASP leadership, including but not limited to offering advisory support to local and global OWASP leadership for WIA advancement and collaboratively building pro WIA and diversity OWASP communities.

  • Develop other special projects and events designed to further the purpose of WIA, diversity and inclusion.


Secure Social Media Platform Hackathon

Secure Transaction Hackathon

led by Zoe Braiterman @zbraiterman

Cybersecurity Awareness Month 2020 Hackathon

led by Zoe Braiterman @zbraiterman, Maria Possobom and Li-Ann Wong

Teleconference Systems Best Practices, by Li-Ann Wong

Teleconference systems are not considered secure, and the following minimum security controls should be considered to prevent unauthorized disclosure of sensitive Company information:

  • Require passwords for access
  • Announce arrival and departure of participants
  • Monitor or record the conference
  • The organization should ensure that, where an evaluated firewall is used in a gateway environment, an evaluated video- or voice-aware firewall of at least the same level of assurance is used to secure the information shared via video conferencing or IP telephony.
  • Organization must separate the video conference traffic from other data traffic either physically or logically
  • The organization should ensure that an encrypted and non-replayable two-way authentication scheme is used for call authentication and authorisation.
  • Organization personnel must not connect workstations to video conferencing units unless the workstation or the device uses VLANs or similar mechanisms to maintain separation between video conferencing and other data traffic.
  • Ensure all participants have a need to know
  • The system should be configured to provide an explicit indication of current participants, and an attendance list should be maintained and checked.
  • Obtain non-disclosure forms as necessary
  • Distribute minutes securely

Solution by Dwaipayan Gupta @baps_55 and Suvidha Pankar

DefCon 2020

Stay tuned for details, in collaboration with the OWASP Outreach Committee (Twitter).

AppSec California 2020

  • Conference Organizers: @haral @RAGreenberg @act1vand0 @jonathanmarcil

Diversity by Design Panel

Panelists

  • Zoe Braiterman: @zbraiterman
  • Vandana Verma: @InfosecVandana
  • Richard Greenberg: @RAGreenberg
  • Kavya Pearlman: @KavyaPearlman
  • Chris Kubecka: @SecEvangelism
  • Lisa Jiggetts: @lisajiggetts
  • Malia Mason

Breakfast

  • Sponsors: Detectify, Sqreen

Global AppSec DC 2019

  • Welcomed diversity scholarship recipients from @DefConOwasp

DefCon 2019

  • Twitter handles: @thejonmccoy @zbraiterman @Onenerdylady @ALL_Sec_Geek
  • 25 diversity scholarships for Global AppSec D.C. 2019

AppSec California 2019

  • Twitter handles: @InfosecVandana @zbraiterman

AppSec USA 2018

  • WIA training, led by Vandana Verma (@InfosecVandana)
  • WIA luncheon, led by @InfosecVandana and @zbraiterman

AppSec EU 2018

  • Vandana Verma (@InfosecVandana) and Jessica Robinson (@jessrobin96)

Contributors
Aastha Sahni - New York
Heba Farahat - Egypt
Liza Roberts - San Francisco, CA
Maria Mora - San Francisco, CA
Saman Fatima - New Delhi, India
Shrutirupa Banerjiee - Pune, Maharashtra, India
Vandana Verma - India
Ruchira Pokhriya
Jessica Gottsleben
Sal Kimmich


Individuals

Join our ongoing global team discussion. We’re always looking for new ideas.

Attend a virtual global or in-person local meetup

Submit to speak at an upcoming webinar

OWASP Chapter Leaders / Members:

Collaborate on meetups. Please direct co-hosting requests to Zoe Braiterman.

Community-Driven Learning Resources

Blog Posts


Webinars

In Person Events


Videos

Blog Posts

Diversity Content