[Global_industry_committee] CISO Survey @ AppSecEU

Eoin eoin.keary at owasp.org
Fri Jun 10 09:21:04 EDT 2011


Agree with tom on this. we discussed this yesterday. if branded ala top 10
there is no issue.


On 10 June 2011 09:51, Tom Brennan <tomb at owasp.org> wrote:

> The published book of OWASP Top 10 (copies available at the information
> booth here at AppSec EU) would be a good example of a end result that OWASP
> is interested in as a published document project without any sort of
> contractual terms associated with corporate supporter membership.
>
> On Jun 10, 2011, at 2:01 AM, Rex Booth wrote:
>
>  Thanks for asking for clarification.
>
> Nobody will have exclusive rights to the results.  As with everything in
> OWASP, everything will be open.
>
> The only "exclusivity" being discussed is the co-branding of the final
> report.  My firm has volunteered to take responsibility for the survey
> execution, analysis and production (although we will certainly welcome
> assistance from others within OWASP).  Because we're doing the heavy
> lifting, we want to co-brand the survey with our logo.  This is the same
> kind of agreement that we have with numerous other non-profits for whom we
> perform such surveys and is similar to Aspect's co-branding of some ESAPI
> products.
>
> The results and report will be open and free, as always.
>
> Rex
>
> On 6/9/2011 8:22 PM, Jason Li wrote:
>
> Hey guys,
>
>  I know that the GIC has been planning to gather feedback about a CISO
> survey at AppSecEU.
>
>  I've heard some buzz at the conference that the company sponsoring the
> survey is going to have exclusive rights to results?! I'd be extremely
> concerned about a survey executed by OWASP where we don't retain the rights
> of distribution. It goes against the open principles of OWASP and has
> borderline potential for brand abuse.
>
>  I know this kind of buzz typically get blown out of proportion when word
> travels through the grapevine, so I wanted to get the full scoop directly
> from you guys.
>
>  What's the real story?
>
>  -Jason
>
>
> _______________________________________________
> Global_industry_committee mailing listGlobal_industry_committee at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/global_industry_committee
>
>
>  _______________________________________________
> Global_industry_committee mailing list
> Global_industry_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_industry_committee
>
>
>
> _______________________________________________
> Global_industry_committee mailing list
> Global_industry_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_industry_committee
>
>


-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier
http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_industry_committee/attachments/20110610/bc0d2246/attachment-0001.html 


More information about the Global_industry_committee mailing list