[Owasp-board] OWASP/WASC working together moving forward

Dinis Cruz dinis at ddplus.net
Fri Aug 10 14:39:34 UTC 2007


Ok, following your previous comments, I think we should reply to WASC (&
Jeremiah) with the following points:

1. We can add a 'in conjunction with WASC' to the Conference name and
organize a similar 'joint party' event during the show. In exchange WASC
will help with local logistics, marketing and maybe even on some organizing
during the event
2. The conference will continue to be organized by OWASP who will be
covering all costs and recouping all profits generated (which are used to
sponsor OWASP projects, etc...)
3. WASC members to participate with members from the OWASP board on a panel
at the conference (or maybe a close session (if doing it live would be too
much)) on 'what is the point of OWASP and WASC and should we merge'. This
would help to clarify where things stand and what would happen next time we
organize a conference (Jeff you really should be there for this)

Dinis



On 8/8/07, Jeff Williams <jeff.williams at owasp.org> wrote:
>
> I like that.
>
> --Jeff
>
> Jeff Williams, Chair
> The OWASP Foundation
> Work: 410-707-1487
> Main: 301-604-4882
> "Dedicated to finding and fighting the causes of insecure software"
>
>
> -----Original Message-----
> From: Dave Wichers [mailto:dave.wichers at owasp.org]
> Sent: Wednesday, August 08, 2007 9:08 AM
> To: 'Andrew van der Stock'; 'Jeff Williams'; 'OWASP Board'
> Subject: RE: [Owasp-board] OWASP/WASC working together moving forward
>
> I think OWASP should handle all expenses and receive all the income.
>
> As to co-branding. I think something like 'in conjunction with WASC' or in
> partnership with WASC or something would be a reasonable way of
> cobranding.
> And to get that, I think they should help with the local details and some
> of
> the conference activities.
>
> -Dave
>
> -----Original Message-----
> From: owasp-board-bounces at lists.owasp.org
> [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Andrew van der
> Stock
> Sent: Tuesday, August 07, 2007 6:32 PM
> To: Jeff Williams; 'OWASP Board'
> Subject: Re: [Owasp-board] OWASP/WASC working together moving forward
>
> I definitely think a social event would definitely work, but I'd also like
> to try doing a conference as that's a baby step towards long term
> re-unification of the two - folding WASC into OWASP. We can only do that
> by
> building up trust over a long period. I see the conference as one of these
> baby steps.
>
> I think it would be a good idea to do it in several stages:
>
> 1. Yes - to talk with them officially and see what they want to do.
>
> 2. Yes - to a social event. This is a total no-brainer considering how
> successful last Wednesday night was. Just need to find a sponsor.
>
> 3. No - to a lipstick job where they put their logo on our conference.
> That's not a win-win situation for OWASP, and in fact doesn't help us at
> all.
>
> 4. Once we have the details from (1), I am likely to vote YES to a joint
> conference as long as they have some skin in the event, such as looking
> after the local organization details, organizing social events, helping
> select hotels, etc. This makes sense considering that the OWASP board is
> mostly on the east coast and the WASC guys are local to the event.
>
> We'd really need to look at how we'd split expenses and proceeds if it is
> a
> true 50/50 effort as we rely on the conferences to fund OWASP activities
> such as the summer of code, interns, OWASP on the move, the next
> conference,
> etc, etc. I do not want to see OWASP footing the entire pre-conference
> bill
> and then paying WASC 50% of the proceeds. That does not work for me.
>
> But let's do (1) and (2) right now and see what happens. Baby steps first.
> Let's help them move along the path towards coming into our fold as long
> as
> it makes sense to do so.
>
> Thanks,
> Andrew
>
>
> On 8/7/07 1:43 PM, "Jeff Williams" <jeff.williams at owasp.org> wrote:
>
> > PLEASE VOTE!
> >
> > Okay, so do we want to cobrand the conference?  I'm thinking that we
> should
> > just do another cobranded meetup like what we did at BlackHat.  Or
> perhaps
> > we use this to work a deal where we would help them redo their threat
> > taxonomy and cobrand that in return for cobranding the conference.  Or
> > cobrand the mailing list.
> >
> > I'm a bit worried that cobranding will stick forever, and we'll be some
> > weird Lockheed-Grumman-Martin thing.  Ultimately I think we want to have
> one
> > brand... OWASP.
> >
> > --Jeff
> >
> > -----Original Message-----
> > From: Jeremiah Grossman [mailto:jeremiah at whitehatsec.com]
> > Sent: Monday, August 06, 2007 1:54 AM
> > To: Jeff Williams; Dave Wichers; Tom Brennan; Dinis Cruz
> > Cc: Robert Auger; Anurag Agarwal; Brian Bertacini; Andrew van der Stock
> > Subject: OWASP/WASC working together moving forward
> >
> > Gentlemen,
> >
> >              Our black hat party was a wild success, no question
> > about it. The turn out and level of excitement among the crowd
> > surpassed any expectations I had. A job well done by all involved and
> > I appreciate you guys from OWASP willingness to work with us and make
> > it a success. Judging from conversations that took place during, I
> > also think its safe to say we should look for more occasions where
> > OWASP and WASC can work together. The most obvious opportunity being
> > the San Jose conference in November.  Perhaps you'd be open co-
> > branding the event as we did with the party and allow WASC the
> > opportunity throw our weight behind it.
> >
> > I want to be careful here since we do not wish to step on anyone
> > toes. We know you guys probably have a lot of time already invested
> > in the project already and we're not looking to piggy back on your
> > work for free. All us WASC guys listed are local to the Bay Area, we
> > know the people/companies on the ground very well, and have deep
> > contacts in the community. Our pull in the area should be
> > considerable if we could advertise an event with a solid line up and
> > had the appropriate market messaging and collateral. I've also shared
> > several more of my ideas previously, but first things first.
> >
> > If this is something you'd like to do or discuss further, please let
> > us know.
> >
> > Regards,
> >
> > Jeremiah
> >
> >
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > Owasp-board mailing list
> > Owasp-board at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>



-- 
Dinis Cruz
Chief OWASP Evangelist
http://www.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070810/579a29fc/attachment-0002.html>


More information about the Owasp-board mailing list