[Governance] OWASP and Commercial

Jim Manico jim.manico at owasp.org
Fri Feb 7 14:41:40 UTC 2014

I'm being ethically proactive Tom. My commercial activities are getting
more related to OWASP and  I am just requesting a health check.

I recently received a barrage of email from Dennis Groves about his
disapproval on my stance on free training, and while they were disturbing,
it did make me stop and think (and ask the gov list).  ;-)

Tom, you as well have called out my free training efforts and other OWASP
efforts as self serving (including this email) and have called me on my
ethics, so you're happy I'm asking the list about this topic in some way
right? :)

Hello from rain-soaked Europe where I'm (REDACTED) and (REDACTED). Hope to
see you at (REDACTED)!

Jim Manico
(808) 652-3805

On Feb 7, 2014, at 3:24 PM, Tom Brennan - OWASP <tomb at owasp.org> wrote:

Just asking for what is the problem you are seeking advice on the
governance list of the association?

Has there been a complaint? Is there a issue that needs to be managed by a
existing policy for such or is there a recommendation to create a more? Is
it a question to a public archive to resolve done identified issue?

I know I'm not the sharpest tool in the shed.. Just confused and hence the
email asking for clarity.

Btw I'm jealous that Yiannis is enjoying Casa Manico while I dig out of
11inches of snow

Sent from my mobile autocorrect typos included call 9732020122 to discuss

On Feb 7, 2014, at 9:08 AM, Jim Manico <jim.manico at owasp.org> wrote:

Ad, Tom?

This is a small list of folks I mostly know well who are especially
interested in these issues.

So your answer is that my question itself on-list is unethical?

Jim Manico
(808) 652-3805

On Feb 7, 2014, at 2:58 PM, Tom Brennan - OWASP <tomb at owasp.org> wrote:

On the choochoo this morning to NYC to give some training myself.. thought
I would catch up on some emails @owasp bucket.

In response to yours, members of the board have jobs that pay bills that
somehow are involved in software industry that would likely be true of
everyone in the association membership.

Even a few of them have books, papers, projects, talks and involved in
testimony to congress or pet alligators etc...  So what's your question?

As per the conflict of interest policy you agreed to and signed if your in
conflict with it or can not meet the bylaw duties as written everyone is
free to step down or step up to meet them or lobby to change them or
abstain when needed.

Perhaps I am confused but your email to this governance list is asking for
help on what exactly -- or simply raising visibility via your "ad" that
your offering training and writing a book? What is the defined problem? Is
there a complaint that requires "governance" as defined:

Your loved man just not clear what your asking to provide suggestions...
New business for the upcoming board meeting perhaps to clarify or discuss
face to face on the 24th?

Sent from my mobile autocorrect typos included call 9732020122 to discuss

On Feb 7, 2014, at 5:06 AM, Jim Manico <jim.manico at owasp.org> wrote:


I work as a freelancer now and make a living delivering onsite
security training. I'm also working on a book. These are both things
that OWASP monetizes as well.

I feel like my efforts at OWASP as a board member and volunteer are in
conflict with my professional work. It's a pretty clear conflict of
interest. Would you care to provide guidance or suggestions over this
matter? I try to take the ethical path but I'd like to check in with

Thank you,
Jim Manico
(808) 652-3805
Governance mailing list
Governance at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140207/4a6fa1cd/attachment-0001.html>

More information about the Governance mailing list