[Owasp-board] AppSec DC - causing confusion with AppSec US

Kate Hartmann kate.hartmann at owasp.org
Mon Jun 7 12:38:35 UTC 2010

I spent quite a bit of time on the phone with Mark and Doug on Friday
discussing the confusion around the name AppSec DC magnified by the timing
of the event.  They are not open to changing the name of the event for
several reasons.


1.       They insist that the board agreed to the event and the name over a
year ago

2.      They state that they intentionally named last year's event AppSec DC
instead of AppSec US to allow for continued branding of the event

3.      They believe that if they are forced to change the name of the
event, it would severely undermine their efforts to build on the success of
last year's event.


They argue that the naming conventions do not really fit the org anymore,
i.e. states there will be no more than 4 global events/year, and want to
rewrite the definitions.  They are looking at events like AppSec Ireland and
AppSec Brazil as similar, regional events, that keep the name AppSec in the


While I understand their arguments, I believe that they are not truly
understanding the community's perspective on the naming of the event.  As I
pointed out to Mark, we have spent the past year referring to the
definitions posted to define the scope of events.  


It will take a directive from the board to have them change the name.  I'm
not sure that the conferences committee can intervene on this as the primary
party involved is chair of the committee.


It is important that Dave and Jeff be involved in this since they were
specifically named as two board members who approved the wording last year.



Kate Hartmann

OWASP Operations Director

9175 Guilford Road

Suite 300

Columbia, MD  21046



kate.hartmann at owasp.org

Skype:  kate.hartmann1 


From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Eoin
Sent: Monday, June 07, 2010 6:43 AM
To: Matt Tesauro; OWASP Foundation Board List
Subject: Re: [Owasp-board] AppSec DC - causing confusion with AppSec US


Matt, I am actually on the connections committee since the last reshuffle.
But I agree with you on this issue if you think it shall affect delegate
numbers etc.
Question is does the US have two major confs every year or just one?


On 4 June 2010 17:02, Matt Tesauro <mtesauro at gmail.com> wrote:


I wanted to touch base with you about the naming of AppSec DC 2010 since
you're the board member on the conference committee.

I've had several people reach out to me about why OWASP is having two global
conferences in the US so close together.  The emails that have gone out from
the DC conference group haven't been very clear that it was a regional

I spoke with Kate about this on the phone a while ago but wanted to get your
input as well.

I think at the heart of it, the name is really the problem.  AppSec [your
name here] has been used historically for all the global level conferences.
With DC, there's a regional conference with that name. Its muddying the
waters and is particularly unfair to the AppSec US conference organizers.

I'd really like to see name change for this conference before this goes on
too long.  While I think the name change will be hard for the DC guys, I
think this is one of those cases where we have to ask them to take the hit
for the betterment of OWASP.

Sad fact is that Mark is the one who wrote the rules around the separate
levels of conferences.  He appears to be violating his own rules.

-- Matt Tesauro
OWASP Board Member
OWASP Live CD Project Lead
http://AppSecLive.org - Community and Download site

Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100607/5a34acb7/attachment-0002.html>

More information about the Owasp-board mailing list