[Owasp-board] Owasp mission

Jeff Williams jeff.williams at owasp.org
Wed Dec 20 15:13:58 UTC 2006


I think that's a bit strong actually, especially for a not for profit
foundation.

 

Try this. http://www.google.com/search?q=foundation+%22dedicated+to%22

 

People need a snappy little catch-phrase to help them quickly know what
OWASP does and keep their eye on the ball of what we're trying to achieve.

--Jeff

  _____  

From: Andrew van der Stock [mailto:vanderaj at owasp.org] 
Sent: Wednesday, December 20, 2006 9:10 AM
To: jeff.williams at owasp.org
Cc: owasp-board at lists.owasp.org
Subject: Re: [Owasp-board] Owasp mission

 

Mission statements are exactly like bullshit bingo. My favorite mission
statement generator is here:

 

http://www.dilbert.com/comics/dilbert/games/career/bin/ms.cgi

 

It produces mission statements at least as good as most and more meaningful.
A typical example:

 

We exist to proactively leverage other's interdependent resources

 

Unless it's short and snappy and to the point re: OWASP, I'd prefer not to
have one at all. 

 

thanks,

Andrew

 

On 19/12/2006, at 4:10 PM, Jeff Williams wrote:





I'm open to coming up with a new mission.  Can we agree that this should be
a statement of our quest at the highest level?

 

I sort of agree that the "fight" is artificial.  But just like the "war" on
drugs, and the battle to cure cancer, fight against homelessness, and even
the war on terror, the analogy helps to get people motivated.

 

But I don't agree that the concept of insecure software is too abstract for
people to understand. I think everyone gets that.

 

In my opinion, the mission statement below is:

 - too long

 - too boring

 - too cautious

 - too technical

 - yawn.

 

I like this story about vision statements. A vision is a view of the future
the way you want it to be.  Bill Gates had a vision for Microsoft, "a
computer on every desktop". And over a decade or so, that vision became
reality.  My vision is a world with software you can trust.  We're a long
way from achieving it, and I'm not entirely sure it's possible, but I want
OWASP's mission to be achieving that vision.

 

Now we need a really catchy way to say it.  This is a marketing problem, not
a technical one.  The right mission is the one that captures the imagination
of the people who might fund OWASP, join or run a chapter, or contribute to
OWASP's projects.

 

--Jeff

 

  _____  

From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dinis Cruz
Sent: Monday, December 18, 2006 10:00 AM
To: owasp-board at lists.owasp.org
Subject: [Owasp-board] Owasp mission

 

A while ago we had as OWASP mission (in the home page I think) 

Enable organizations to develop, maintain, and purchase applications that
they can trust through the development of free, open, and unbiased
application security documentation, tools, chapters, and conferences.

Now we are back to 

The Open Web Application Security Project (OWASP) is dedicated to finding
and fighting the causes of insecure software. 

Which I don't realy like since it is framing what we do as a fight (which is
not) and uses the very abstract concept of 'insecure software'.

I know that 'trust' is also an subjective concept, but it is more related to
the real world which revolves around: trust, consequences and risk
mitigation. 

Can we agree on a Mission and Tag line for Owasp here? (note the page
http://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Proje
ct has a variation of the first one)

Dinis Cruz
Chief OWASP Evangelist, Are you a member yet?
http://www.owasp.org 

_______________________________________________

Owasp-board mailing list

Owasp-board at lists.owasp.org

http://lists.owasp.org/mailman/listinfo/owasp-board

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20061220/6fc5c42d/attachment-0002.html>


More information about the Owasp-board mailing list