[Owasp-board] Proposal: OWASP 'Discounts' and promotion of such onOWASP

Jeff Williams jeff.williams at owasp.org
Thu Jan 25 21:05:49 UTC 2007


What do you all think of the "proposal" mechanism for raising and addressing
issues quickly and efficiently?  I suggest that everyone should respond to
the proposal with an answer that indicates whether you agree, disagree, or
would like to discuss further along with any conditions.

I'm willing to agree to the proposal, provided that we link to a separate
page with these deals, instead of providing them right in the membership
benefits page.

--Jeff


-----Original Message-----
From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dave Wichers
Sent: Thursday, January 25, 2007 3:12 PM
To: owasp-board at lists.owasp.org
Subject: [Owasp-board] Proposal: OWASP 'Discounts' and promotion of such
onOWASP

Jeff and I talked about this briefly and this is what I propose:

1) If someone wants to offer a discount to OWASP members, and
2) That organization also contributes something of specific benefit to OWASP
itself, then we should do the following, and ONLY the following:

What we will do:

We should list the event/item/etc. as a single bullet under the ' Discounted
conference registration fees ...' bullet #4 on the Benefits of Membership
page. This bullet will include the minimum necessary to understand what the
thing/event is, what the discount is, and a link to that organization's site
for more info.

I would be happy to be the conduit through which all such updates are done,
for consistency reasons. If this discount list gets large enough, we could
make it a separate page.

What we won't do:

Mention or promote this anywhere else on the OWASP site, or allow it to be
broadcast over OWASP mailing lists. It would be OK to mention it verbally at
OWASP chapter meetings, I would think.

What qualifies as a specific benefit to OWASP:

Things like:
  Some revenue share arrangement with OWASP
  Providing some goods/services/licenses to OWASP
  Joining OWASP as a corporate member (this is important)

What do you guys think about this limited / controlled model to allow OWASP
to 'promote' the existence of such discounts.

I like the idea, but do share Jeff's concern and I hope this provides enough
constraints so it doesn't get out of hand.

I also like the idea of expanding the member benefits in this way as it
might encourage more people to join.

Thoughts?

-Dave

-----Original Message-----
From: Dave Wichers [mailto:dave.wichers at owasp.org] 
Sent: Wednesday, January 24, 2007 10:45 AM
To: 'owasp-board at lists.owasp.org'
Subject: RE: [Owasp-board] FW: Motivation to attend OWASP meetings

OK,

I agree with the concern but what do you consider a direct and specific
benefit? If the organization joins OWASP (which is a direct $) benefit, and
then offers a discount to something like a conference or some training, does
that qualify? I kind of think it should, but I could be convinced otherwise.

-Dave

-----Original Message-----
From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Jeff Williams
Sent: Wednesday, January 24, 2007 10:40 AM
To: OWASP Board
Subject: [Owasp-board] FW: Motivation to attend OWASP meetings

Hi,

We're getting a number of requests from people to make special deals to
OWASP members.  While it seems like a 'no-harm' kind of thing, I'm a little
concerned about the long-term effect here.  It is really misusing OWASP for
a little cheap marketing.  I'm sure nobody here has a malicious intent, but
over the long term, it makes OWASP look a little shady.

My recommendation is that we never let anyone do this kind of advertising at
OWASP (outside the banner ad), unless there is a direct and specific benefit
to OWASP itself, and not just a corollary benefit to the members.

Thoughts?

--Jeff
 
Jeff Williams, Chair
The OWASP Foundation
work: 410-707-1487
main: 301-604-4882
 
"Dedicated to finding and fighting the causes of insecure software"

-----Original Message-----
From: Nish Bhalla [mailto:nish at securitycompass.com] 
Sent: Wednesday, January 24, 2007 10:35 AM
To: 'Jeff Williams'
Cc: dinis at ddplus.net
Subject: Motivation to attend OWASP meetings

Hi Guys,

We in the Toronto OWASP chapter are having very very few people (non
organizers 2 may be 3) attend OWASP monthly meetings, so we were planning to
do a raffle to give out seats in Security Compass public class (Haven't
decided which one yet but possibly a one day source code review or hacking
basics class). 

We wanted to extend this to other chapters as well, we would like to do it
in an manner that is acceptable per OWASP and organized in such a manner
that there is not a whole lot of misuse of giving this seat out.

Please let me know what you guys think of this option and how you think we
should proceed with this.

Nish.


_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
http://lists.owasp.org/mailman/listinfo/owasp-board


_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
http://lists.owasp.org/mailman/listinfo/owasp-board




More information about the Owasp-board mailing list