[Owasp-board] Fwd: OWASP/WASC working together moving forward

Dave Wichers dave.wichers at owasp.org
Tue Aug 21 18:45:57 UTC 2007

I'm starting to work on the agenda now, so regardless of the title of how we
work together, I'd like to get with Jeremiah or whomever from WASC right
away to start working on the agenda and see if they can help find or suggest
speakers, otherwise the agenda will be mostly set before they start to


Are you guys OK with me contacting him right away to start working on the




From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dave Wichers
Sent: Tuesday, August 21, 2007 12:26 PM
To: 'OWASP Board'
Subject: Re: [Owasp-board] Fwd: OWASP/WASC working together moving forward


I'm OK with either option, however, I don't want to give away the joint
event title if they don't come through. It would be nice if we could say
something like: "If you guys step up and help provide great speakers and
local logistics support then we'll make it a joint event, but if you don't
then will just say "in association with" or something like that. However,
that's a bit complicated and  maybe not practical to state and measure,
i.e., what are the criteria and by when? I'd at least like to see
significant support in the next 30 days and if we get lots of help, then I'm
OK with the joint nature of the conference.




From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dinis Cruz
Sent: Monday, August 20, 2007 1:46 PM
To: OWASP Board
Subject: [Owasp-board] Fwd: OWASP/WASC working together moving forward


Hi Guys

I spent some time speaking with Jeremiah during the SANS event and they are
much more interested in an OWASP/WASC event than an an "OWASP in partnership
with WASC" event.

Since they don't want a share of the financial responsibility and profits
this makes it much more simple. 

Jeremiah seems quite motivated to help (see below) and fells that can get a
very good crowd in the event.

Note that this would be a good change to work together and to make up our
minds if both organizations should merge (with OWASP as the main brand :)  )

I am actually quite interested in pinging the rest of our community to see
what they say, so I will drop them an email.

What do you guys think?


---------- Forwarded message ----------
From: Jeremiah Grossman <jeremiah at whitehatsec.com>
Date: Aug 17, 2007 10:51 PM
Subject: Re: OWASP/WASC working together moving forward 
To: Dinis Cruz <dinis at ddplus.net>

Hey Dinis,

        Thanks for the time spent with me at SANS, that was very helpful.
And I believe we're a lot more like minded than I originally thought. 
I hope the rest of the OWASP team is the same way. Being that time is
short, are you our default contact person for the co-branded
conference? No one else seems to be responding and time is REALLY
short... so the sooner we know the better. There is excitement on our 
side about it...but my hands are tied without a go ahead from OWASP.



On Aug 10, 2007, at 7:31 AM, Dinis Cruz wrote:

> Hi Jeremiah
> Nothing like that, just a case of being slow at responding to 
> emails and having an internal (within the OWASP board) discussion
> about how to best handle this issue.
> You should hear something from us very soon.
> Dinis
> On 8/8/07, Jeremiah Grossman < jeremiah at whitehatsec.com> wrote: Hiya
> Dinis,
> I was hoping that either Jeff or Dave would have responded to this by
> now. Maybe they are busy, I don't know or perhaps they are not 
> interested and unsure how to say it without hurting our feelings or
> something. Either way, I don't want to waste our time, theirs, or
> anyone else's for that matter. What do you think? Should I just hold 
> tight and be patient?
> Regards,
> Jeremiah-
> Begin forwarded message:
> > From: Jeremiah Grossman <jeremiah at whitehatsec.com >
> > Date: August 5, 2007 10:54:10 PM PDT
> > To: Jeff Williams < jeff.williams at owasp.org>, Dave Wichers
> > < conferences at owasp.org <mailto:conferences at owasp.org> >, Tom Brennan
<tbrennan at accessitgroup.com>,
> > Dinis Cruz <dinis at ddplus.net>
> > Cc: Robert Auger < robert at webappsec.org>, Anurag Agarwal
> > < anurag_agarwal at paycycle.com>, Brian Bertacini
> > < <mailto:brian at appsecconsulting.com>  brian at appsecconsulting.com>,
Andrew van der Stock
> > <vanderaj at owasp.org >
> > Subject: OWASP/WASC working together moving forward
> >
> > Gentlemen, 
> >
> >             Our black hat party was a wild success, no question
> > about it. The turn out and level of excitement among the crowd
> > surpassed any expectations I had. A job well done by all involved 
> > and I appreciate you guys from OWASP willingness to work with us
> > and make it a success. Judging from conversations that took place
> > during, I also think its safe to say we should look for more 
> > occasions where OWASP and WASC can work together. The most obvious
> > opportunity being the San Jose conference in November.  Perhaps
> > you'd be open co-branding the event as we did with the party and 
> > allow WASC the opportunity throw our weight behind it.
> >
> > I want to be careful here since we do not wish to step on anyone
> > toes. We know you guys probably have a lot of time already invested 
> > in the project already and we're not looking to piggy back on your
> > work for free. All us WASC guys listed are local to the Bay Area,
> > we know the people/companies on the ground very well, and have deep 
> > contacts in the community. Our pull in the area should be
> > considerable if we could advertise an event with a solid line up
> > and had the appropriate market messaging and collateral. I've also 
> > shared several more of my ideas previously, but first things first.
> >
> > If this is something you'd like to do or discuss further, please
> > let us know.
> >
> > Regards, 
> >
> > Jeremiah
> >
> >
> >
> >
> >
> >
> >
> >
> --
> Dinis Cruz
> Chief OWASP Evangelist 
> http://www.owasp.org

Dinis Cruz
Chief OWASP Evangelist

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070821/ac924d76/attachment-0002.html>

More information about the Owasp-board mailing list