[Owasp-board] Financial Support for OWASP Project Leaders to speak at OWASP conferences??

Eoin eoin.keary at owasp.org
Wed Sep 22 13:02:37 UTC 2010


I am happy to support  payment of  Fab's expenses out of Ireland Chapter
funds.

Going forward I think it should be on a case by case basis. - the quality
needs to be there in terms of the delivery and presentation content.
Just because a leader requests this does not necessarily mean the
presentation is any good. (What is the value of delivering the presentation,
is it worth the investment?).

Eoin






On 22 September 2010 13:22, Dave Wichers <dave.wichers at owasp.org> wrote:

>  Fabio has asked for financial help to go to OWASP DC in Nov and present
> his work on the OWASP ESAPI Swingset. His request seems very reasonable and
> I think we should try to support this, but we just don’t have any precedent
> for it.
>
>
>
> So here is my question:
>
>
>
> 1)      Do we want to simply support it out of Boardmember discretionary
> funds?
>
> 2)      Do we want to require our conferences to provide some amount of
> budget to help OWASP project leaders present?
>
> a.      Maybe at some ratio of the total # of speakers, like 1 for every
> 10 or something?
>
> b.      Such funds to be used only upon request??
>
> 3)      Do we want to set up a separate fund to support OWASP project
> leaders presenting at OWASP conferences
>
>
>
> In the past, the leaders employers have been paying for this, which
> obviously saves OWASP money, and I’d think that we’d like to continue that
> behavior when the employers are willing.
>
>
>
> So, if we do any of these things I don’t think we want to make a big deal
> out of it. Alternatively, we could make a big deal out of it in order to
> encourage more OWASP project leaders to present their projects. I think we
> should require such projects to be fairly active, but I doubt that would be
> much of a problem.
>
>
>
> Thoughts?
>
>
>
> -Dave
>
>
>
> *From:* Dave Wichers [mailto:dave.wichers at owasp.org]
> *Sent:* Wednesday, September 22, 2010 8:16 AM
> *To:* 'fabio.e.cerullo at aib.ie'
> *Cc:* 'eoin.keary at owasp.org'
> *Subject:* RE: RE: Swingset @ AppSecDC 2010
>
>
>
> I agree with you in principle. OWASP just hasn’t done this in the past, so
> we simply don’t have any precedent for this, and therefore we don’t have any
> budget specifically set aside to support these kinds of activities.
>
>
>
> I’ll talk to the board to see what we can do. I agree these are valuable to
> the OWASP community and we should support/encourage OWASP contributors to
> speak at our conferences about their projects.
>
>
>
> Thanks, Dave
>
>
>
> p.s. Has the work you’ve done been finalized and posted to Google or OWASP?
> I wanted to let NSA know that your Swingset app was done and available for
> them to play with.
>
>
>
> *From:* fabio.e.cerullo at aib.ie [mailto:fabio.e.cerullo at aib.ie]
> *Sent:* Wednesday, September 22, 2010 6:53 AM
> *To:* Dave Wichers
> *Cc:* eoin.keary at owasp.org
> *Subject:* RE: RE: Swingset @ AppSecDC 2010
>
>
>
>
> Hi Dave,
>
> I understand OWASP not covering expenses for everyone to attend conferences
> as this will obviously be expensive, even prohibitive.
>
> However, I think special consideration should be taken for leaders who are
> promoting OWASP across the globe on a voluntary basis.
>
> In my particular case, I've asked for resources at AIB (my employer) to
> build a customized version of the Swingset application and then donate it to
> OWASP.
> I think that is supportive enough from my employer, and asking for funds to
> travel to the US in order to present the tool at AppSec DC wouldn't be
> appropiate.
> I am not planning on going to DC to mingle with potential clients/etc, but
> rather to promote OWASP and some of its tools in that particular conference.
>
> The OWASP Ireland chapter (which I'm currently leading) is lucky enough to
> have funds available thanks to hard work during the year and a tremendous
> effort by Eoin and the rest of the team to put up a successful conference
> last week. However, I think saying we need to use those funds to cover
> travel expenses is not fair to the chapter or its members who paid their
> annual membership and are expecting those funds to be used in their local
> community.
>
> OWASP Ireland obviously is not benefiting from me presenting SwingSet at DC
> and if I have to stick to the rule, I shouldn't go to the AppSecDC
> conference for that particular reason. However, if we look at our mission of
> 'making application security visible' OWASP central should cover at least
> part of these costs because the final beneficiary of this project in the end
> is... our global community.
>
> Please let me know how would you like to proceed on this.
>
> Thank you,
>
> Fabio Cerullo
> Divisional Information Security
> Bankcentre D1,
> Ballsbridge,
> Dublin 4,
> Ireland.
>
> Tel: +353 1 772 6309
> Email: fabio.e.cerullo at aib.ie
>
>    *"Dave Wichers" <dave.wichers at owasp.org>*
>
> 21/09/2010 23:23
>
>
>         To:        <fabio.e.cerullo at aib.ie>
>         cc:
>         Subject:        RE: RE: Swingset @ AppSecDC 2010
>
>
>
>
>
> Fabio,
>
> In general, presenters employers pay them to attend/present as it looks
> good that their employer is supporting this kind of work, and you get to
> mingle with potential clients, etc.
>
> In this case, is AIB supportive of your efforts and willing to pay your
> expenses, or are you in the situation where you would have to pay most or
> all of your own expenses?
>
> -Dave
>
>
>
> ******************************************************
>
> This document is strictly confidential and is intended for use by the addressee unless otherwise indicated.
>
>
>
> This email has been scanned by an external email security system.
>
>
>
> Allied Irish Banks
>
>
>
> AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Financial Regulator.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173
>
>
>
> Please consider the environment before printing this e-mail.
>
> ******************************************************
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier
http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100922/b7d34287/attachment-0002.html>


More information about the Owasp-board mailing list