[Owasp-board] OWASP/WASC working together moving forward

Jeff Williams jeff.williams at owasp.org
Wed Aug 8 19:09:09 UTC 2007


I like that.

--Jeff

Jeff Williams, Chair
The OWASP Foundation
Work: 410-707-1487
Main: 301-604-4882
"Dedicated to finding and fighting the causes of insecure software"


-----Original Message-----
From: Dave Wichers [mailto:dave.wichers at owasp.org] 
Sent: Wednesday, August 08, 2007 9:08 AM
To: 'Andrew van der Stock'; 'Jeff Williams'; 'OWASP Board'
Subject: RE: [Owasp-board] OWASP/WASC working together moving forward

I think OWASP should handle all expenses and receive all the income.

As to co-branding. I think something like 'in conjunction with WASC' or in
partnership with WASC or something would be a reasonable way of cobranding.
And to get that, I think they should help with the local details and some of
the conference activities.

-Dave

-----Original Message-----
From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Andrew van der
Stock
Sent: Tuesday, August 07, 2007 6:32 PM
To: Jeff Williams; 'OWASP Board'
Subject: Re: [Owasp-board] OWASP/WASC working together moving forward

I definitely think a social event would definitely work, but I'd also like
to try doing a conference as that's a baby step towards long term
re-unification of the two - folding WASC into OWASP. We can only do that by
building up trust over a long period. I see the conference as one of these
baby steps. 

I think it would be a good idea to do it in several stages:

1. Yes - to talk with them officially and see what they want to do.

2. Yes - to a social event. This is a total no-brainer considering how
successful last Wednesday night was. Just need to find a sponsor.

3. No - to a lipstick job where they put their logo on our conference.
That's not a win-win situation for OWASP, and in fact doesn't help us at
all.

4. Once we have the details from (1), I am likely to vote YES to a joint
conference as long as they have some skin in the event, such as looking
after the local organization details, organizing social events, helping
select hotels, etc. This makes sense considering that the OWASP board is
mostly on the east coast and the WASC guys are local to the event.

We'd really need to look at how we'd split expenses and proceeds if it is a
true 50/50 effort as we rely on the conferences to fund OWASP activities
such as the summer of code, interns, OWASP on the move, the next conference,
etc, etc. I do not want to see OWASP footing the entire pre-conference bill
and then paying WASC 50% of the proceeds. That does not work for me.

But let's do (1) and (2) right now and see what happens. Baby steps first.
Let's help them move along the path towards coming into our fold as long as
it makes sense to do so.

Thanks,
Andrew


On 8/7/07 1:43 PM, "Jeff Williams" <jeff.williams at owasp.org> wrote:

> PLEASE VOTE!
> 
> Okay, so do we want to cobrand the conference?  I'm thinking that we
should
> just do another cobranded meetup like what we did at BlackHat.  Or perhaps
> we use this to work a deal where we would help them redo their threat
> taxonomy and cobrand that in return for cobranding the conference.  Or
> cobrand the mailing list.
> 
> I'm a bit worried that cobranding will stick forever, and we'll be some
> weird Lockheed-Grumman-Martin thing.  Ultimately I think we want to have
one
> brand... OWASP.
> 
> --Jeff
> 
> -----Original Message-----
> From: Jeremiah Grossman [mailto:jeremiah at whitehatsec.com]
> Sent: Monday, August 06, 2007 1:54 AM
> To: Jeff Williams; Dave Wichers; Tom Brennan; Dinis Cruz
> Cc: Robert Auger; Anurag Agarwal; Brian Bertacini; Andrew van der Stock
> Subject: OWASP/WASC working together moving forward
> 
> Gentlemen,
> 
>              Our black hat party was a wild success, no question
> about it. The turn out and level of excitement among the crowd
> surpassed any expectations I had. A job well done by all involved and
> I appreciate you guys from OWASP willingness to work with us and make
> it a success. Judging from conversations that took place during, I
> also think its safe to say we should look for more occasions where
> OWASP and WASC can work together. The most obvious opportunity being
> the San Jose conference in November.  Perhaps you'd be open co-
> branding the event as we did with the party and allow WASC the
> opportunity throw our weight behind it.
> 
> I want to be careful here since we do not wish to step on anyone
> toes. We know you guys probably have a lot of time already invested
> in the project already and we're not looking to piggy back on your
> work for free. All us WASC guys listed are local to the Bay Area, we
> know the people/companies on the ground very well, and have deep
> contacts in the community. Our pull in the area should be
> considerable if we could advertise an event with a solid line up and
> had the appropriate market messaging and collateral. I've also shared
> several more of my ideas previously, but first things first.
> 
> If this is something you'd like to do or discuss further, please let
> us know.
> 
> Regards,
> 
> Jeremiah
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board


_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board




More information about the Owasp-board mailing list