[Global_education_committee] Global_education_committee Digest, Vol 11, Issue 5

fabio.e.cerullo at aib.ie fabio.e.cerullo at aib.ie
Tue Sep 22 12:11:14 EDT 2009

ok. Seba... I will set an agenda and share it among us...


global_education_committee-request at lists.owasp.org
Sent by: global_education_committee-bounces at lists.owasp.org
22/09/2009 17:00
Please respond to global_education_committee
        To:     global_education_committee at lists.owasp.org
        Subject:        Global_education_committee Digest, Vol 11, Issue 5

Send Global_education_committee mailing list submissions to
                 global_education_committee at lists.owasp.org

To subscribe or unsubscribe via the World Wide Web, visit
or, via email, send a message with subject or body 'help' to
                 global_education_committee-request at lists.owasp.org

You can reach the person managing the list at
                 global_education_committee-owner at lists.owasp.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Global_education_committee digest..."

Today's Topics:

   1. Re: [GPC] Online Committee member          questionaire (dinis cruz)
   2. Re: Fw: Training Fees (Seba)


Message: 1
Date: Mon, 21 Sep 2009 18:51:08 +0100
From: dinis cruz <dinis.cruz at owasp.org>
Subject: Re: [Global_education_committee] [GPC] Online Committee
                 member          questionaire
To: global_education_committee at lists.owasp.org,
                 global_industry_committee at lists.owasp.org,
                 global_chapter_committee at lists.owasp.org, Global Projects 
                 <global-projects-committee at lists.owasp.org>,
                 global_membership_committee at lists.owasp.org,
                 global_conference_committee at lists.owasp.org
Cc: OWASP Foundation Board List <owasp-board at lists.owasp.org>, Matt
                 Tesauro <matt.tesauro at owasp.org>
 <60235a7b0909211051p5cc4eb75l449ff23af9309dce at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

Hi Committees (Education, Industry, Chapter, Projects, Membership,
Conferences )
Since I already sent the email below (by mistake) to the Eduction 
I might as well also send it to you guys :)

Probably it would had been nicer for this to be done directly to you, but
hey, one might as well take this opportunity to make sure you all are 
of what we are trying to do.

Btw, if this is the first time you (Committee member) heard about this, 
sure you beat up your OWASP Board representative since we have talked
several times about this over there, and voted to move forward with this
idea :)

Check out the email thread below, which (I think) has a good view of what
the objectives of what we (the OWASP Board) are trying to do.

And making sure that I address Jason's worries*, this is not a GPC 
but it is an OWASP Board activity.* The only reason we are doing this via
the GPC is because, the GPC is the Committee that I am mainly involved 
and because Matt and Paulo 'volunteered' to handle this :)

The current version of the questionnaire is here:

please DON'T fill it in yet.

If you have any comments about this, please send them to ME (dinis) or 
(CCed) or your favorite OWASP Board member, i.e. don't send feedback to
Paulo :) (since he is already swamped with the conversion of OWASP 
into the WIKI template).

A final point I would like to make, is that although these processes of
public evaluations can be (a little bit) painful, they also represent a
great opportunity to show the world the great world we are doing at the
multiple OWASP Committees (and where necessary, to identify the areas were 
particular Committee needs help (which should encourage new Committee
members to come forward)

Looking forward to your comments, or your (silent) approval of this idea 

Dinis Cruz

2009/9/21 dinis cruz <dinis.cruz at owasp.org>

> Jason, I understand your worries, but this questionnaire and the 'public
> review of OWASP leadership' performance is also very important to build 
> strong OWASP community.
> Remember that as the value of being associated with OWASP (as a project
> leader, chapter leader, committee member or board member) grows, the 
more we
> have to make sure that the people who can claim such leadership tag DO
> deserve that tag. And if we DON'T do that, the value of OWASP leadership
> gets diluted to the average of the lowest-common-denominator of those
> leaders.
> We (OWASP) need to do this type of review for all leadership positions. 
> reason we are starting with the Committee members is because it is the
> 'easier' of them all (i.e. when compared to chapters, projects and 
> Once we get this review right, the next in line is the review of the
> Chapter's leadership. Remember that if there are any problems raised by 
> review, those problems WERE ALREADY THERE, and are time-bombs that WILL
> explode in the future (by raising the problems earlier (via the
> questionnaire), we hopefully defuse some of those issues and will be 
able to
> handle them in a professional, independent and transparent way).
> What I like about this 'public review' is that it allows for a 
> analysis of what is going on, and allows OWASP to promote the great work
> done by the (in this case) selected Committee individuals (one of the
> outcomes that I would like to see at the end of this questionnaire is a 
> of '*Outstanding work performed by Committee'* members, so that we 
> *c**an publicly thank them** (and their employers)* for their time,
> effort, energy and deliverables (Jason, I expect to see you on this list 
> )
> We can talk about this tonight, but I really don't want to cover the WHY
> and prefer to focus on the HOW.
> One point I would like to stress, is that when Matt (who volunteered to
> take this task) and Paulo execute this, they will do it as 
> of the 'OWASP Board' and not as GPC members.
> Dinis
> 2009/9/21 Jason Li <jason.li at owasp.org>
> Before we dive into this, I think we need to start playing the PR game 
>> our committee.
>> We're already getting flack on the leaders list based on the project
>> assessments.
>> This committee member evaluation doesn't really come under the
>> responsibility of the GPC and given the current perception, I don't 
>> it's in our interests to associate ourselves as the managers or 
>> of this evaluation The committee member evaluation proposal, while
>> necessary, is going up the same line of adding overhead and bureaucracy 
>> The GPC should not be seen as a committee that just sits around and 
>> things more complicated for everyone without adding any value.
>> Of course I know that's not what we do - but what we're perceived to do 
>> almost as important as what we actually do when it comes to fostering a
>> strong OWASP community.
>> -Jason
>> On Mon, Sep 21, 2009 at 1:02 PM, dinis cruz <dinis.cruz at owasp.org> 
>>> Matt and Paulo
>>> On the topic of
need to beta test this before we send it to all Committee members.
>>> Btw, Paulo (or Matt), you have the emails of all current Committee
>>> members?
>>> Note: We must make sure Kate is involved in this, since managing the
>>> Committee members is part of her world :)
>>> Dinis
>>> _______________________________________________
>>> Global-projects-committee mailing list
>>> Global-projects-committee at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/global-projects-committee
-------------- next part --------------
An HTML attachment was scrubbed...


Message: 2
Date: Tue, 22 Sep 2009 14:46:22 +0200
From: Seba <seba at owasp.org>
Subject: Re: [Global_education_committee] Fw: Training Fees
To: kuai hinojosa <kuai.hinojosa at owasp.org>
Cc: "fabio.e.cerullo at aib.ie" <fabio.e.cerullo at aib.ie>,
                 "global_education_committee at lists.owasp.org"
                 <global_education_committee at lists.owasp.org>
 <cc88ce390909220546w33d59ceem53f2db6060bb917c at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

Something to discuss next Thurday at the GEC conf call?Somebody wants to
take a stab at puttting together an agenda?
I would also like to talk about preparing the Summit09 at DC


On Tue, Sep 8, 2009 at 1:31 PM, kuai hinojosa 
<kuai.hinojosa at owasp.org>wrote:

> I think if we can effectively cover the cost of delivering the trainning
> and the cost needed to be covered by the foundation, it is a good idea. 
> always thouhght we should work on the benefits gained by the 5k 
> sponsorship but again it is a dontation after all.
> Kuai Hinojosa
> On Sep 8, 2009, at 4:52 AM, fabio.e.cerullo at aib.ie wrote:
> Thanks for the reply Seba. I absolutely agree that this is not an easy
> discussion and I'm sharing it with the rest of the GEC 'gang' :)
> here is an idea:
> companies pay usd 5000 to become OWASP supporters, however the benefits 
> not 'very tangible' in my opinion... even worse in a recession period.
> so, we could offer them an amount of 'X' trainings per year to their
> developers which could be provided by 'endorsed OWASP trainers'
> what do you think guys?
> Fabio
> ----- Forwarded by Fabio E Cerullo/IR/AIB on 08/09/2009 09:45 -----
>   *Seba <seba at owasp.org>*
> Sent by: <sebastien.deleersnyder at gmail.com>
> sebastien.deleersnyder at gmail.com
> 07/09/2009 22:46
>         To:         <fabio.e.cerullo at aib.ie>fabio.e.cerullo at aib.ie
>         cc:         <kate.hartmann at owasp.org>kate.hartmann at owasp.org
>         Subject:        Re: Training Fees
> Fabio,
> Sorry - for late reply.
> Not the first time this question pops up.
> Before setting up OWASP trainings towards external organisations, I 
> we need to discuss this in the GEC.
> I think we should come to a list of 'endorsed OWASP trainers' with a 
> reputation that re-invest their training experience in OWASP education
> projects.
> We should also find a way to have organisation that receive OWASP 
> from endorsed trainers to become OWASP supporter, without becoming a
> 'commercial' training institute.
> not an easy discussion, but if you want we can put this on the GEC 
> list?
> regards
> Seba
> On Tue, Sep 1, 2009 at 4:03 PM, 
<*fabio.e.cerullo at aib.ie*<fabio.e.cerullo at aib.ie>>
> wrote:
> Hi Kate/Seba,
> I've been asked to provide some web app training (eg. Webgoat/Webscarab)
> externally however I came across two different issues:
> 1) Fees: I don't think we could charge fees to company 'X' for providing 
> 1-day OWASP related training, right ? However I think we could ask for a
> contribution in terms of traveling/expenses. Would this be appropiate?
> 2) Invoices: I don't have any invoices I could provide to this 
> however I was thinking if it would be possible for OWASP to provide an
> invoice and we split this 'contribution' between OWASP and myself in 
case I
> decide to go ahead?
> Any comments/thoughts are more than welcome.
> Thank you,
> Fabio Cerullo
> Divisional Information Security
> Bankcentre D1,
> Ballsbridge,
> Dublin 4,
> Ireland.
> Tel: +353 1 772 6309
> Email: *fabio.e.cerullo at aib.ie* <fabio.e.cerullo at aib.ie>
> _______________________________________________
> Global_education_committee mailing list
> Global_education_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_education_committee
-------------- next part --------------
An HTML attachment was scrubbed...


Global_education_committee mailing list
Global_education_committee at lists.owasp.org

End of Global_education_committee Digest, Vol 11, Issue 5

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_education_committee/attachments/20090922/181e95fb/attachment-0001.html 

More information about the Global_education_committee mailing list