[Owasp-board] OWASP/WASC working together moving forward

Andrew van der Stock vanderaj at owasp.org
Tue Aug 7 22:32:24 UTC 2007

I definitely think a social event would definitely work, but I'd also like
to try doing a conference as that's a baby step towards long term
re-unification of the two - folding WASC into OWASP. We can only do that by
building up trust over a long period. I see the conference as one of these
baby steps. 

I think it would be a good idea to do it in several stages:

1. Yes - to talk with them officially and see what they want to do.

2. Yes - to a social event. This is a total no-brainer considering how
successful last Wednesday night was. Just need to find a sponsor.

3. No - to a lipstick job where they put their logo on our conference.
That's not a win-win situation for OWASP, and in fact doesn't help us at

4. Once we have the details from (1), I am likely to vote YES to a joint
conference as long as they have some skin in the event, such as looking
after the local organization details, organizing social events, helping
select hotels, etc. This makes sense considering that the OWASP board is
mostly on the east coast and the WASC guys are local to the event.

We'd really need to look at how we'd split expenses and proceeds if it is a
true 50/50 effort as we rely on the conferences to fund OWASP activities
such as the summer of code, interns, OWASP on the move, the next conference,
etc, etc. I do not want to see OWASP footing the entire pre-conference bill
and then paying WASC 50% of the proceeds. That does not work for me.

But let's do (1) and (2) right now and see what happens. Baby steps first.
Let's help them move along the path towards coming into our fold as long as
it makes sense to do so.


On 8/7/07 1:43 PM, "Jeff Williams" <jeff.williams at owasp.org> wrote:

> Okay, so do we want to cobrand the conference?  I'm thinking that we should
> just do another cobranded meetup like what we did at BlackHat.  Or perhaps
> we use this to work a deal where we would help them redo their threat
> taxonomy and cobrand that in return for cobranding the conference.  Or
> cobrand the mailing list.
> I'm a bit worried that cobranding will stick forever, and we'll be some
> weird Lockheed-Grumman-Martin thing.  Ultimately I think we want to have one
> brand... OWASP.
> --Jeff
> -----Original Message-----
> From: Jeremiah Grossman [mailto:jeremiah at whitehatsec.com]
> Sent: Monday, August 06, 2007 1:54 AM
> To: Jeff Williams; Dave Wichers; Tom Brennan; Dinis Cruz
> Cc: Robert Auger; Anurag Agarwal; Brian Bertacini; Andrew van der Stock
> Subject: OWASP/WASC working together moving forward
> Gentlemen,
>              Our black hat party was a wild success, no question
> about it. The turn out and level of excitement among the crowd
> surpassed any expectations I had. A job well done by all involved and
> I appreciate you guys from OWASP willingness to work with us and make
> it a success. Judging from conversations that took place during, I
> also think its safe to say we should look for more occasions where
> OWASP and WASC can work together. The most obvious opportunity being
> the San Jose conference in November.  Perhaps you'd be open co-
> branding the event as we did with the party and allow WASC the
> opportunity throw our weight behind it.
> I want to be careful here since we do not wish to step on anyone
> toes. We know you guys probably have a lot of time already invested
> in the project already and we're not looking to piggy back on your
> work for free. All us WASC guys listed are local to the Bay Area, we
> know the people/companies on the ground very well, and have deep
> contacts in the community. Our pull in the area should be
> considerable if we could advertise an event with a solid line up and
> had the appropriate market messaging and collateral. I've also shared
> several more of my ideas previously, but first things first.
> If this is something you'd like to do or discuss further, please let
> us know.
> Regards,
> Jeremiah
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

More information about the Owasp-board mailing list