[Global_chapter_committee] [Committees-chairs] [Global_conference_committee] [owasp-board] Re: 2012 Speaker Agreement Update

Jim Manico jim.manico at owasp.org
Wed Mar 28 23:08:05 UTC 2012

Personally, I think we need to enforce, strictly, only 2 points on speakers:

1) All presentations must be creative commons.
2) No vendor pitches.

Number 1 is easy to enforce. Number 2 is very difficult to enforce.

WhiteHat Security is very kindly sponsoring me to fly all over the
country/world to give vendor-neutral secure-coding creative-commons talks.
They asked me, very politely, to brand my PowerPoints as WhiteHat Security. At
first, I was really against this. But a few things changed my mind today.

1) WhiteHat is paying my salary, which helps support my ability to deliver
these talks
2) I would not be able to do this if it was  not for their support giving
me massive chunks of time to do this
3) WhiteHat is also a OWASP corporate sponsor and supports various OWASP
4) They are not trying to control ANY of my content; they are even helping
me clean up my creative-commons slide decks.

My integrity matters to me. But I am starting to think that a company who
supports me giving a whole lot of vendor-neutral creative-commons secure
coding talks deserves some recognition.

Thoughts, community? Am I off base here?

Jim Manico
(808) 652-3805

On Mar 29, 2012, at 12:40 AM, Thomas Brennan <tomb at owasp.org> wrote:

We want to make a agreement that is acceptable to the goals and mission of
the association in raising application security.

We don't want to have a paper-tiger agreement that is disregarded as to
complex and not enforced do we?

Revise and alert the speakers for AppSecDC AppSecUSA EMEA, LATAM etc etc..
If OWASP can't do this with our employees and volenteers then call it what
Seba noted best practice.

Content is content it's either valuable or it's not, I personally don't
care about a logo -- in many cases they paid the airfare, lodging and
salary of the speaker (this includes Goverment and other submitters) hence
if the preso sucks... It still sucks.

The agreement is what I am changellging and asking the committes chapters
and conferences trot a health check - and the rest of the leaders for there
input as its their organization and they speak for the 160 chapters and
running conferences.

On Mar 28, 2012, at 6:22 PM, Jim Manico <jim.manico at owasp.org> wrote:

 The speaker agreement is already very clear on the topic of presentation

" Speakers are encouraged to include their contact information when
introducing themselves, but may NOT include their logo on any visual and
handout materials. Speakers are to avoid any appearance of commercialism in
their session and presentations are to be of a technical or solutions

At least 50% of all speakers I have seen violate this, including board

The question is, do we want to enforce this policy (from Nov 2011)?

- Jim

 A general remark from my side: only use the speaker agreement when in
We use this agreement very pragmatically in Belgium and have only pointed
to it upfront to speakers when we thought a certain speaker/topic could
become a commercial talk.

 Otherwise: minimize the red tape :-)


On Wed, Mar 28, 2012 at 8:22 PM, Teresa Stevens <
teresa-ann-stevens at comcast.net> wrote:

>   I agree with Josh. Thanks,
>   Teresa Stevens, CISSP, MSIA, PMMC
> Information Security Specialist – Team Leader
> San Francisco Bay Area
> 510-842-8868 (home), 510-872-2187 (cell)
>   From: Josh Sokol <josh.sokol at owasp.org>
> Date: Wed, 28 Mar 2012 11:13:22 -0500
> To: Mark Bristow <mark.bristow at owasp.org>
> Cc: "owasp-board at owasp.org" <owasp-board at owasp.org>, "
> committees-chairs at lists.owasp.org" <committees-chairs at lists.owasp.org>,
> global_conference_committee <global_conference_committee at lists.owasp.org>,
> global_chapter_committee Committee <
> global_chapter_committee at lists.owasp.org>, Eoin <eoin.keary at owasp.org>
> Subject: Re: [Global_chapter_committee] [Global_conference_committee]
> [owasp-board] Re: [Committees-chairs] 2012 Speaker Agreement Update
>  I agree with what Jason said.  I see no reason why a person should not be
> able to include a company logo in a slide deck regardless of whether they
> are a corporate member or not.  My $0.02:
> * If the event has a presentation template, then corporate logos should be
> limited to only the "About Me" page of the presentation.
> ~josh
> On Wed, Mar 28, 2012 at 9:20 AM, Mark Bristow <mark.bristow at owasp.org>wrote:
>> I think these are reasonable changes except the no-logo on the "about me"
>> slide.  I think that's fine if we put a boundry on the size.  The GCC is in
>> the final process of selecting a new presentation template, so this will be
>> easy to add.
>>  On Tue, Mar 27, 2012 at 12:29 PM, Eoin <eoin.keary at owasp.org> wrote:
>>>   I am happy with vendor logo as long as content isn't a vendor pitch
>>> or vendor bespoke (ip) and covers off an issue which is in the open  body
>>> of knowledge.
>>> Eoin Keary
>>> BCC Risk Advisory
>>> Owasp Global Board
>>> +353 87 977 2988
>>> On 27 Mar 2012, at 16:13, Jason Li <jason.li at owasp.org> wrote:
>>>  Agreed on the use of the template.
>>>  What's the purpose of the restriction on the company logo?
>>>  Is it an attempt to spur corporate membership? Is it meant to remove
>>> the "vendor"-ness of a talk?
>>>  If the former, I think it actually comes across as off-putting and
>>> might have the opposite effect... If the latter, then the inclusion of the
>>> company logo if and only if they are an OWASP supporter seems overly
>>> restrictive IMHO in comparison to the goal.
>>>  What about updating the template to include a specific place and
>>> limited small size for a logo and mandating the use of the template? That
>>> would limit how much a presenter could plaster their logo across a
>>> presentation.
>>>  -Jason
>>> On Tue, Mar 27, 2012 at 9:35 AM, Tom Brennan <tomb at owasp.org> wrote:
>>>> Committee(s);
>>>> Today OWASP utilizes a Speaker Agreement that outlines the rules for
>>>> compensation of speakers, required templates, audio/visual, vulnerabilities
>>>> disclosure and a laundry list of other terms.
>>>> The Document:  https://www.owasp.org/index.php/Speaker_Agreement
>>>> With the upcoming long list of AppSec<Regional>, AppSec<Global> and
>>>> chapter events  globally happening weekly enforcement of this policy or
>>>> event policing of this policy is difficult however the spirit of the
>>>> speaker agreement in keeping OWASP pure to technical,
>>> _______________________________________________
Committees-chairs mailing list
Committees-chairs at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/global_chapter_committee/attachments/20120329/80bfb37a/attachment-0001.html>

More information about the Global_chapter_committee mailing list