[Owasp-board] great chatting with you + research proposal

Dave Wichers dave.wichers at owasp.org
Wed Mar 11 22:39:40 UTC 2009


I don't think OWASP should spend that much on any new project like this. Our
budget is very tight at this point.

 

-Dave

 

From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Jeff Williams
Sent: Wednesday, March 11, 2009 10:08 AM
To: 'OWASP Foundation Board List'
Subject: Re: [Owasp-board] great chatting with you + research proposal

 

Guys - since we didn't get to this on the call yesterday, could you all
please vote on this?  To refresh your memory I've attached the proposal -
it's for $15k to do a big survey on appsec practices like those in BS-IMM,
SAMM, CLASP, SDL, etc.

 

While I think it would be useful, and Jeff Payne is very capable, I'm not
totally sold on this.  How valuable do you think it would be to get this
type of data for OWASP?  Should the pool be OWASP members, selected
companies, or just anyone anonymously?

 

--Jeff

 

 

 

From: Jeff Williams [mailto:jeff.williams at owasp.org] 
Sent: Friday, March 06, 2009 1:01 AM
To: 'OWASP Foundation Board List'
Cc: 'Jeffery Payne'
Subject: FW: great chatting with you + research proposal

 

Hi Board,

 

I'm forwarding a proposal from Jeff Payne (formerly of Cigital) who is
proposing to lead a survey to gather data about how real companies are
dealing with application security.  Could you all please review and be
prepared to discuss at the board meeting next week?

 

Thanks,

 

--Jeff

 

 

From: Jeffery Payne [mailto:jeff.payne at coveros.com] 
Sent: Thursday, March 05, 2009 1:51 PM
To: Jeff Williams
Subject: great chatting with you + research proposal

 

Hi Jeff,

 

It was great catching up with you last week!  It sounds like things are
great and I'd love to figure out how we can work together on training and
other activities going forward.  Will you be at the upcoming DHS Software
Assurance Forum?  I'm speaking on Wed and will be there then as well as
attending the DHS / OWASP event on Friday.

 

Also, I've enclosed a grant proposal for the application security survey
that I mentioned to you.  I think this is a GREAT initiative that can not
only continue to position OWASP as the go to place for application security
resources but also raise the visibility of the entire app sec community.  I
could not tell from the web site who I was supposed to send this to so I
thought I'd send it to you directly.  A couple of questions: 1) how long
does it take to get a decision on grant proposals?  2) when can we start ;-)
Seriously, the person I want to work with me on this comes off her previous
project March 30 and I'd love to get her engaged before she is sucked into
something else.  Not sure if your turnaround time on a decision is that
quick or not.

 

Best regards,

 

jeff

-- 
Jeffery Payne
Chief Executive Officer
Coveros, Inc.

jeff.payne at coveros.com
703-431-2920

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20090311/9922e4ce/attachment-0002.html>


More information about the Owasp-board mailing list