Events Form


As part of the OWASP website migration, we will creating a new Events form that will use Stripe as a back end. This should be a simple form that is hosted on the website and will EVENUTALLY serve as the prmiary e-commerce path for all OWASP Global and Regional events replacing Eventbrite for (1) hosting secure forms on github, (2) presenting and then selecting multiple SKUs from a single Product ID as in Training Class A for Event X and Early Bird ticket for Event X, (3) 2-3 aggregate online reports, (4) validate Stripe can manage inventory of SKUs, and (5) integrating Stripe form activities with light integrations with other key data in the OWASP ecosystem.


  1. Securely host a form on our public github instance and collect event registrations
  2. Designed and built for re-use on up to 15 events per calendar year (Event ID/Product ID/SKU)
  3. Stripe is the single authoritive source of pricing, inventory, and discount code truth
  4. Put form into production as of January 24, 2020
  5. Move data from successful Sripe tranactions into Mailchimp
  6. Light reporting on attendance metrics
  7. Develop Slack bot so that common queries can be done through Slack




  1. Product and SKUs listings created in Stripe
    1. Set prices in foreign currencies
    2. Deal with VAT issues
  2. Discount codes created in Stripe
    1. Can we set limits for number of uses of a particular Discount Code.
    2. need to determine how we handle Member Discounts
      1. Preference is for member to enter address, and MailGun send discount code if they are member
      2. Need to include link on Event Form for “Need Member Discount Code?”
  3. Visitor clicks on a event link someplace in OWASP Universe
    1. Page on website
    2. Link from an email
    3. Link from a partner
  4. Event page has:
    1. Popup to capture email for shopping cart abandomment and returning to form (Nice to have)
      1. If returning it woudl restate the cart in the previous state
    2. Collect money in foreign currencies
    3. Introductory copy about the Event
    4. Listing of Products for the Event
      1. If a Produect has an inventory, show quantity remaining or SOLD OUT
      2. Use checkboxes to select Products/SKUs ( v1.0 will not allow multiple units purchased)
    5. Text field for DISCOUNT CODE
    6. Drop down for Security Industry Experience [Beginner/Intermediate/Advanced]
    7. Drop down for Persona [Defender/Builder/Breaker]
    8. Check box for “Agree to Terms of Purchase”
      1. Registration fees are non-refundable and non-transferable. Additionally, lost or stolen badges will not be replaced.
      2. While attending event, if you allow vendor to scan badge they will get x, y, z.
      3. Follow Code of Conduct can be expelled.
      4. Agree to being photographed
    9. Text field to indicate dietary restrictions
    10. Check box to “Join the OWASP Mailing List”
    11. Link to “Invoice me instead of paying online” that goes to (New) WuFoo Form
  5. Click “Purchase” and given Stripe transaction form
  6. All form data and transaction stored into Stripe
  7. Light Integrations move data
    1. Registrant email address will be added to Mailchimp adding the ProductID tag to the contact
      1. Stripe will handle sending a receipt
      2. Mailchimp will handle sending Registrant Curriculum
  8. Online Reports
    1. Google Sheet updated from Stripe in real-time
    2. [Nice to have] Live link with Boomset for badge


Discount Codes for v1.0

Slack Bot Requirements

  1. /event-lookup
    1. Responds with a list of events from now-30 days through “end of time” that include Name (as URL to online report from above), total-number-of-registrants
  2. /event-history
    1. Same as event-lookup but responds with ALL historical events
  3. /event-comp-attendee [ will be handled with a discount code]
  4. /event-create-discount {Event Identifer} {number of uses} {Code Name}
    1. Creates a discount code with name of Code Name with a set number of uses. It will be important to log the slack username in Stripe for this bot command.
    2. Bot returns, “Discount Code: Code with x uses created for EventName
    3. Need to manage name collisions - maybe when a code is requested through this process, it is assigned a random string generated by the bot instead of what is submitted by the user.

(slash) event-create-discount {eventid} number description


  1. Group discounts will be handled with an invoice - not online
  2. Need an easy to quickly add lots of Complimentary Registrations (like for Sponors, Booth, staff, etc)