Creation of Security Buttons

Track: Owasp Projects
When: Tue AM-1
Where: Pedley
Organizers Timo Pagel Timo Pagel
Participants David Cervigni David Cervigni , Francois Raynaud Francois Raynaud , Paul Dubourg Paul Dubourg , Pedro Laguna Pedro Laguna , Sara Davis Sara Davis , Thomas Franceschini Thomas Franceschini

Why

Oftentimes motivating security champions is a challenge. Most of the time, they’re not willing to dedicate the time and effort to the invisible part of security. The product owners themselves focus on pushing the developement of features therefore the nessecity of security is often neglected or almost completely overlooked.

That is why there is a need to visualize the investment in security, made by a champion or an entire team. One solution would be to give out corresponding buttons for every security event the champions attend. Those events could be something along the lines of a threat modeling session with OWASP Cornucopia or any other relevant topics. The buttons can be seen as a reward given to the representatives of each team, showcased in the team rooms. Preferably on a white hat or a sash. This concept could also be implemented with stickers. As an alternative to reward the attendency of a meeting, the actual implementation (e.g. using of a hardened image) might be rewarded.

Benefits:

  • A teams effort in security is visible and therefore measureable
  • Teams are able to compare each others achievements, especially with different skill levels (e.g. XSS Basics and XSS Advanced events)
  • Security Champions are able to get some kind of certification
  • This project could help engange others in the topic of security

What

We will create designs for new security buttons. Optinal, you can print the buttons and build buttons. We will make appointments to use a button machine. So you can create buttons for your project!

In case we have people who are related to law questions, we can discous how to procede with logos of projects like nginx, as there might be restrictions.

Outcomes

  • Button designs under the Creative Commons License
  • Buttons for projects
  • Buttons as reward for teams
  • Buttons to engage to participant in security trainings

Who

  • People with design backgrounds
  • People who work with picture editing software (e.g. inkscape)
  • People, who need buttons for OWASP projects

Working materials

Security Buttons

Register as participant

To register as participant add Creation of Security Buttons to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page


Back to list of all Working Sessions