Call for Trainings

The Call for Trainers has now closed. Thank you for your excellent submissions!

Important Dates

• CfT Closes: Saturday 16th February 2019, end of the day.
• Notification to submitters: End of February 2019
• Program announced: Mid March 2019

Introduction

OWASP’s Global AppSec conferences bring together security professionals, engineers, developers and leaders to share and gain knowledge, in order to make the digital world a safer place for everyone. The Global AppSec Tel Aviv conference will take place by the sunny beach of Tel Aviv, and its main theme will be “AppSec: The Community of Innovation”. After all, you are visiting the start-up nation.

As well as the conference, we will be offering 3 days of training 26th - 28th May prior to the main conference days.

Trainers can apply to give 1, 2, or 3 day classes. Trainers are allowed to make multiple applications; one application per class. The training audience will include developers interested in security as well as security professionals.

Content

We are looking for training courses at all levels from someone new to the application security field to advanced topics for experienced professionals. However, all training submissions should have a focus on practical skills which are immediately applicable to an attendees job and have a significant hands-on element with tasks and exercises for attendees to attempt during the training.

As with previous Global AppSec events, we would like to run a number of different training courses of varying lengths over these three days.

Examples of classes include, but are not limited to:

• Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
• Integrating Security into DevOps
• Vulnerability analysis: code review, pentest, static analysis
• Threat modelling
• Mobile security
• Cloud security
• OWASP tools or projects in practice
• New technologies, paradigms, tools
• Operations and software security
• Other topics but with an emphasis on Application Security:
  • Business Risks
  • Outsourcing/Offshoring
  • Awareness Programs
  • Project Management
  • Managing SDLC

Review Committee and Policies

• Josh Grossman and Yossi Oren – Committee Chairs
• Other committee members: Ori Troyna, Erlend Oftedal, Adrian Winckles, Ksenia Peguero, Katy Anton, Roberto Martelloni and Ethan Schorer.

Review Policies

OWASP seeks to be an inclusive organization for practitioners from all cultural, gender, language, educational, ability, religious, and career backgrounds. OWASP actively encourages speakers, trainers, and leaders of all genders, sexual orientations, ages, religions, and ethnicity. Our formal efforts in this vein include blind evaluations of talk proposals for our Global AppSec Conferences and active recruiting of a diverse group of invited speakers and trainers.

The programme committee will review your submission based on a descriptive abstract and detailed outline of your class. Including additional classroom materials will be helpful in our evaluation. Please review your proposal thoroughly as accepted abstracts and bios will be published on our site as submitted.

The programme committee will be looking for the following:

• Aimed at a specific audience - OWASP has a diverse audience that consists of novice to advanced level practitioners. Your content should be developed to clearly connect with a specific audience.
• Clearly written abstract - Your Abstract is the only long-form marketing for your specific talk to our audience. It should be written so that attendees can clearly understand what you will be discussing and what they will get out of your talk.
• Detailed Outline - Your detailed outline is your chance to sway our judges. Write this as thoroughly as possible so that the committee understands all you bring to the table.
• Clearly Applicable - Classes which prioritize content that attendees will be able to immediately implement preferred.
• Hands-on training - Hands on labs which allow attendees to connect meaningfully with content are preferred.
• Not a marketing pitch - Submissions which double as marketing talks or including sales pitches within the training will not be successful.
• Expertise of trainer(s) - The submission should highlight the experience of the trainer(s) in the subject of training and in delivering professional training.

Note: Training which is focussed on a specific, product, technology or service which is not available for free may still be considered if it is widely applicable enough and the attendee is not required to purchase to take part in the training.

Terms

The following conditions apply for those that want to provide training at the OWASP Global AppSec Tel Aviv conference.

Responsibilities of the trainer:

• Required to submit a Training Instructor Agreement.
• Should provide class syllabus / training materials.
• Cover travel and accommodations for the instructor(s)
• Cover all course materials for students.
• Can brand training materials to increase their exposure.
• Should promote training on all available media eg. Twitter, Linkedin

OWASP will provide the venue, marketing, registration logistics and basic wireless internet access. If you need additional technical arrangements, it is important to let us know.

OWASP will reserve up to two training slots at no cost and the trainer may reserve up to one slot at no cost. Please note that for data privacy reasons OWASP cannot provide trainers with contact information of the attendees.

Split

Price per attendee:

• 1 Day Class 850 USD
• 2 Day Class 1,650 USD
• 3-Day Class 2,400 USD

Revenue will be split 60/40 (OWASP/Trainer) for the training class.