See the overall CASP FAQ for questions about CASP, or cybersecurity automation, overall.
The event is open to all if they agree to register and they agree to abide by the Code of Conduct which TL;DR is "don't be a jerk".
There is no cost for attending.
Anyone may attend virtually and no sweat equity is required.
Because of limited space (unless someone volunteers to pay for a larger space), physical attendance may be limited. See how-will-physical-attendance-be-determined for process on determining physical attendance if we do need to limit. At the moment, looks like everyone will fit.
See logistics - no sweat equity required!
See logistics
Assuming space limitations prevent everyone from fitting, attendance will be determined by highest priority to amount of relevant sweat equity. If space is limited, it would be preferred to limit organizations to one person per organization. Notable exceptions might be if an organization had different SME's for different demoable technologies (e.g. one for STIX Shifter and one for Kestrel).
Governance will be via CASP governance procedures.
Sweat equity in this context (ie for determining physical attendance) is mainly just a willingness to participate and not just be an observer. How much "sweat" is a function of how much effort is being provided.
Obviously it is a lot of effort to have working software as part of demoable CASP use cases that interface with other organizations using CASP standard interfaces (i.e. the "technologies"). So those organizations have the most sweat equity.
Consideration will also be given to working software as part of demoable CASP use cases that people from other organizations can interface with. E.g. a person at the plugfest can use a demo copy of a vendor product even though the product doesn't have CASP standard interfaces. This assumes the vendor makes at least hand-waving, non-binding comments about the potential of having CASP standard interfaces in the future.
Consideration will also be given to a combination of:
- attendance at CASP meetings
- contributions via CASP mailing list
- contributions to CASP github (ie this repo)
- attendance at previous plugfests
- keynote speakers
- contributions to CASP-related projects (Kestrel, PACE, IoB, OpenC2, STIX, CSAF/VEX, ... ).
And last, and most important, is sweat equity includes contributing to use cases. I.e. what are your problems you'd like cybersecurity automation to solve?
Yes, it is encouraged. See videos.
Ideally with a github pull request against https://github.com/opencybersecurityalliance/casp/tree/main/Plugfests/NextPlugfest/2023-06-13-USC/SweatEquity to:
- create a subdirectory with your organization name
- create a readme in that subdir:
- explaining your contributions,
- adding/linking other files as required.
- Please include whether you will attend physically or virtual-only
- Please include what country participants are from (for purpose of making fancy x people from y countries on z continents pic like 7countries)
- explaining your contributions,
If you are github-challenged, you can send email to the CASP mailing list and others will assist you.