[Owasp-board] Fwd: New Owasp Evangelist and OWASP membership

Dinis Cruz dinis at ddplus.net
Thu Jan 4 16:13:11 UTC 2007


we need to get more testimonies like this :)


---------- Forwarded message ----------
From: Dan Ross <dan.ross at picbusiness.com>
Date: Jan 4, 2007 3:15 PM
Subject: RE: New Owasp Evangelist and OWASP membership
To: Dinis Cruz <dinis at ddplus.net>

 Hi Dinis,

I joined OWASP because I wanted a chance to show my ideas to a bunch of
smart people.  Shortly after joining, I gave my first presentation (I intend
to do more).  I got my money's worth just by the feedback I got at this
presentation.  ;-)

Early on, after experiencing a security issue in our web application, I
learned a lot from the many articles on owasp.org.  I even required all my
programmers go to at least one meeting.  I recommend recruiting be at least
mentioned at each meeting ("Hey guys, if you know somebody who might be

The funny thing about security is, if nothing has happened yet, then you're
still an expert.  Here's an article that underscores (what I believe is) a
general lack of caring about security in the first place:
While you and I know, that if *anybody* had this security thing worked out,
then *everybody* would be doing it that way, and the issue would go away.

*THAT*, to me, is the OWASP Advantage:  continuing security education on an
evolving battlefield.  Too cheesy?

Good luck on your endeavor!

Dan Ross
VP Engineering
PIC Business Systems

*From:* owasp-all-bounces at lists.owasp.org [mailto:
owasp-all-bounces at lists.owasp.org] *On Behalf Of *Dinis Cruz
*Sent:* Saturday, December 16, 2006 6:53 AM
*To:* owasp-all at lists.owasp.org
*Subject:* New Owasp Evangelist and OWASP membership

(note: this is a variation of the email sent a couple days to the
owasp-leaders mailing list (for reference the owasp-leaders mailing list
contains all OWASP projects
<https://www.owasp.org/index.php/Category:OWASP_Project>leaders and all
local OWASP chapters<https://www.owasp.org/index.php/Category:OWASP_Chapter>leaders))

Hello, Dinis Cruz here from OWASP (some of you will know me from the OWASP
.Net Project <http://www.owasp.org/index.php/Category:OWASP_.NET_Project>,
from the OWASP Autumn of Code
2006<https://www.owasp.org/index.php/Owasp_Autumn_Of_Code_2006>or of
from one of my presentations at an OWASP

After much internal debate I decided to agree with Jeff's idea for my
official OWASP title: Chief OWASP Evangelist.

I don't like the religious connotations of that title, but technology
evangelism does have a somewhat different meaning, and looking at the other
'technical evangelists' out there (and in the past) I do feel that I am
following the footsteps of giants :).

What I want to do with this first email is to say Hi, and to offer my
services to you as a point of contact for OWASP related activities. One of
my main objectives is to maximize the potential of OWASP and its community,
so anything that I can do to help, just let me know.

I also want ALL of you and your companies to become OWASP members.

OWASP membership numbers are still ridiculously low, and I want to know why!

   - Is it because it is too expensive?
   - Is it because it is too complicated to join in?
   - Is it because there is no perceived added value in joining in?
   - Is it because you haven't had the time in the past to join? (see
   for more details)

Please let me know why you and your company haven't join as OWASP members
(and for the ones that have joined, let me know why you joined).

A couple other objectives for me:

   - Promote OWASP to OWASP (the reality is that most of us have no idea
   of what projects there are at OWASP and what they have already created /
   delivered (see for example the list of current projects
   - Promote collaboration and integration between OWASP projects (there
   are tons of potential synergies between OWASP projects out there)
   - Promote OWASP to the world, and let them know the great stuff that
   we are doing
   - Work with the OWASP chapters, so that what happens locally is
   exposed to the rest of us (I also would like to see collaboration between
   chapters, and the re-use of its  materials)
   - Review the current OWASP tools and content and work with its
   creators to make it even better
   - Follow the final stages of the "OWASP Autumn of Code"
sponsorships https://www.owasp.org/index.php/OWASP_Autumn_of_Code_2006_-_Selection
   and start working on the OWASP Spring of Code :)

I will also increase the number of emails sent to the owasp-leaders list and
to the owasp-all list, so let me know when the volume is too high :)

And remember, I am here to help. If I don't respond to your email in a
couple days, just keep resending it until you get an answer (my inbox
sometimes behaves like a black hole:  "the email goes in and never returns"
:) )

Talk to you soon,

Dinis Cruz
Chief OWASP Evangelist, Are you a member yet?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070104/31c7b794/attachment-0002.html>

More information about the Owasp-board mailing list