[Owasp-board] Owasp mission

Dinis Cruz dinis at ddplus.net
Wed Dec 20 19:28:49 UTC 2006


Ok, we seem to have some different point of view here, so why don't we open
these discussions (the OWASP mission and the job listings) to the
owasp-leaders mailing list (in fact I am temped to send it to the owasp-all
since I got some good responses last time, what do you think?).

Let's see what the community say :)

Dinis Cruz
Chief OWASP Evangelist, Are you a member yet?
http://www.owasp.org



On 12/20/06, Jeff Williams <jeff.williams at owasp.org> wrote:
>
>  I think that's a bit strong actually, especially for a not for profit
> foundation.
>
>
>
> Try this… http://www.google.com/search?q=foundation+%22dedicated+to%22
>
>
>
> People need a snappy little catch-phrase to help them quickly know what
> OWASP does and keep their eye on the ball of what we're trying to achieve.
>
> --Jeff
>   ------------------------------
>
> *From:* Andrew van der Stock [mailto:vanderaj at owasp.org]
> *Sent:* Wednesday, December 20, 2006 9:10 AM
> *To:* jeff.williams at owasp.org
> *Cc:* owasp-board at lists.owasp.org
> *Subject:* Re: [Owasp-board] Owasp mission
>
>
>
> Mission statements are exactly like bullshit bingo. My favorite mission
> statement generator is here:
>
>
>
> http://www.dilbert.com/comics/dilbert/games/career/bin/ms.cgi
>
>
>
> It produces mission statements at least as good as most and more
> meaningful. A typical example:
>
>
>
> *We exist to proactively leverage other's interdependent resources*
>
>
>
> Unless it's short and snappy and to the point re: OWASP, I'd prefer not to
> have one at all.
>
>
>
> thanks,
>
> Andrew
>
>
>
> On 19/12/2006, at 4:10 PM, Jeff Williams wrote:
>
>
>
>  I'm open to coming up with a new mission.  Can we agree that this should
> be a statement of our quest at the highest level?
>
>
>
> I sort of agree that the "fight" is artificial.  But just like the "war"
> on drugs, and the battle to cure cancer, fight against homelessness, and
> even the war on terror, the analogy helps to get people motivated.
>
>
>
> But I don't agree that the concept of insecure software is too abstract
> for people to understand. I think everyone gets that.
>
>
>
> In my opinion, the mission statement below is:
>
>  - too long
>
>  - too boring
>
>  - too cautious
>
>  - too technical
>
>  - yawn…
>
>
>
> I like this story about vision statements. A vision is a view of the
> future the way you want it to be.  Bill Gates had a vision for Microsoft, "a
> computer on every desktop". And over a decade or so, that vision became
> reality.  My vision is a world with software you can trust.  We're a long
> way from achieving it, and I'm not entirely sure it's possible, but I want
> OWASP's mission to be achieving that vision.
>
>
>
> Now we need a really catchy way to say it.  This is a marketing problem,
> not a technical one.  The right mission is the one that captures the
> imagination of the people who might fund OWASP, join or run a chapter, or
> contribute to OWASP's projects.
>
>
>
> --Jeff
>
>
>   ------------------------------
>
> *From:* owasp-board-bounces at lists.owasp.org [
> mailto:owasp-board-bounces at lists.owasp.org<owasp-board-bounces at lists.owasp.org>]
> *On Behalf Of *Dinis Cruz
> *Sent:* Monday, December 18, 2006 10:00 AM
> *To:* owasp-board at lists.owasp.org
> *Subject:* [Owasp-board] Owasp mission
>
>
>
> A while ago we had as OWASP mission (in the home page I think)
>
> *Enable organizations to develop, maintain, and purchase applications that
> they can trust through the development of free, open, and unbiased
> application security documentation, tools, chapters, and conferences.*
>
> Now we are back to
>
> *The Open Web Application Security Project (OWASP) is dedicated to finding
> and fighting the causes of insecure software. *
>
> Which I don't realy like since it is framing what we do as a fight (which
> is not) and uses the very abstract concept of 'insecure software'.
>
> I know that 'trust' is also an subjective concept, but it is more related
> to the real world which revolves around: trust, consequences and risk
> mitigation.
>
> Can we agree on a Mission and Tag line for Owasp here? (note the page http://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project
> has a variation of the first one)
>
> Dinis Cruz
> Chief OWASP Evangelist, Are you a member yet?
> http://www.owasp.org
>
> _______________________________________________
>
> Owasp-board mailing list
>
> Owasp-board at lists.owasp.org
>
> http://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20061220/e8b4c6b2/attachment-0002.html>


More information about the Owasp-board mailing list