OWASP Operating Plan 2024 - Events

Introduction

Goals

  • 2 Global AppSec Events (Lisbon, San Francisco)
  • SnowFROC, LASCON, BASC, PNW, BeNeLux, Italy Day, Panama, Singapore AppSec Days
  • Support up to four new major AppSec Days regional events all over the world
  • Form the Events Committee

Program Deliverables

  • Revised Events Policy by July 2024
  • Events Handbook by August 2024
  • Form the Events Committee by the end of Q2 2024
  • Plan for an Event Sponsor Portal on OWASP website in 2025.

Revamp Events Policy

Based upon the new Events handbook, make the events policy much shorter, removing all guidance to the Events Handbook, leaving just the essential elements of the events lifecycle for AppSec Global and AppSec Days events.

Events Handbook

The OWASP Foundation gave the draft Events in a Box to the OWASP community in 2021. During the pandemic, the Foundation discovered how much institutional knowledge has been lost in various staff transitions. Based upon the revised Events Policy, the OWASP Foundation will draft and release a new Events Handbook covering small, local, and medium-sized AppSec Days regional events and Global AppSec events.

Meet the mentor program

A new program will be held at AppSec Lisbon called “Meet the mentor,” connecting mentors and mentees together.

Improve Developer Participation in OWASP Events

The OWASP Foundation will be running a Developer Day in San Francisco on September 28, 2024.

Define the locations of Global AppSec after 2025

The Board wishes to have a finalized location for the US, EU, and Asia locations. This should be tax advantageous, profitable, and logistically able to grow to 2000 attendees by the end of 2025 and allow for further growth beyond.

Improve Event Customer Experience

Involving all key stakeholders to determine how to improve the OWASP event experience for AppSec and AppSec Days regional events. The key objective of this program deliverable is to optimize, modernize, improve productivity, and reduce the friction in hosting, attending, and supporting OWASP events, eliminating (or reducing) any painful or unnecessary activities and ensuring that all events are delivered b to our mission and are profitable.

Regional AppSec Days

As the places where AppSec Global events shrink, the number of locations for AppSec Day events should grow. The Foundation will help support any profitable AppSec Days proposal to $30k per event and $250k per year overall. AppSec Day events must be profitable and preferably funded by local sponsorship. The Foundation will provide a template for the event and help with marketing and other support.

AppSec Asia

  • 2024 ensure that the AppSec Asia event goes ahead
  • 2025 will be contingent on the success of the 2024 event

Fundraising

Global AppSec events are a significant source of income for the OWASP Foundation. We may need to situate the events in more profitable locations, and we may need to increase the ticket prices for the events. We will work with the community to develop a strategy to ensure that all events are profitable and that the Foundation can continue to support the community with the funds raised from the events.

Marketing

An events marketing data sheet will be created by the Events team, allowing easy customization of the website and various events, such as being handed out at RSA. Work with our marketing contractor to promote AppSec Global SF and AppSec Global Lisbon, with online advertising and social media campaigns.

Watch Star