[Owasp-board] FW: Suggested Core Values Attached

Eoin eoin.keary at owasp.org
Tue Jan 4 15:45:30 UTC 2011


It does not feel as strong as the previous draft but it does cover the
bases.......

Phrases like "OWASP is not for sale" and "not influenced by commercial
organisations" is strong stuff in my opinion.

"OWASP understands that application security is a global in scope and
knows..." is there a typo here?
should it be "OWASP understands that application security is a global
challenge and knows...."

Do we need something about "OWASP is not a hacking
organisation./collective....."under ethical?

-ek


On 3 January 2011 20:45, Matt Tesauro <matt.tesauro at owasp.org> wrote:

> To keep this thread alive, I've modified the latest version from Jeff.
>
> All the board members should have received an email alerting them of
> their edit privileges to the current draft of the OWASP Core Values.
>
> It is a Google document, which should, show real-time collaboration due
> to the new Google Docs format [1].
>
> I moved this from email to Google docs to keep the formatting Jeff added
> in his last modification.  Since we all have @owasp emails, I've added
> the following with edit privileges:
> jeff.williams at owasp.org, dinis.cruz at owasp.org, dave.wichers at owasp.org,
> tom.brennan at owasp.org, seba at owasp.org, eoin.keary at owasp.org
>
> When we get greater consensus on the draft, I'll move it over to the
> OWASP wiki.
>
> The document is also available (view-only) at this URL:
>
> https://docs.google.com/document/pub?id=1EbQ17h_G7HOAmnGxtf_dvZyjln9AGQcbXBzCJnNpA2M
>
>
> [1] https://docs.google.com/support/bin/answer.py?answer=176442
>
> --
> -- Matt Tesauro
> OWASP Board Member
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org <http://appseclive.org/> - Community and Download
> site
>
> On 12/22/2010 10:47 AM, Jeff Williams wrote:
> > I think this is where we are….
> >
> > * *
> >
> > *1.      **Open – *_At OWASP, everything we do is radically
> > transparent_. This means that our work is done in public so that we can
> > get early feedback and participation. Our governance and finances are
> > also fully disclosed so that anyone can verify that we are good steward
> > for the application security community.
> >
> >
> >
> > *2.      **Integrity – *_OWASP is not for sale_.  Our most precious
> > commodity is the trust that people put in our work. If we even show the
> > appearance of being biased by commercial forces, we lose that trust.
> > OWASP’s non-profit status and volunteer leadership helps to shield us
> > from these forces. This does not imply that we cannot work with
> > commercial companies when their goals align with ours, just that we must
> > remain vigilant against the appearance of impropriety.
> >
> >
> >
> > *3.      **Global – *_OWASP engages a global community for a global
> > problem_. Anyone anywhere is open to participate in the OWASP community.
> > MORE HERE.**
> >
> >
> >
> > *4.      **Experimentation – *_OWASP uses projects to create progress_.
> > Application security is still a very young discipline. At OWASP, we
> > encourage and support all kinds of experiments to find solutions to our
> > challenges. Where we have success we may create standards that encourage
> > further experimentation. Leadership in OWASP is based on effort and
> > results, and we want anyone with the drive to create and promote new
> > ideas to join with us.**
> >
> >
> >
> > *5.      **Ethical - *_At OWASP we behave ethically and treat others
> > with respect_. MORE HERE.**
> >
> >
> >
> > I apologize for not getting these finished.  I’m hoping you all can
> > drive this forward.
> >
> >
> >
> > --Jeff
> >
> >
> >
> >
> >
> > *From:*owasp-board-bounces at lists.owasp.org
> > [mailto:owasp-board-bounces at lists.owasp.org] *On Behalf Of *Kate
> Hartmann
> > *Sent:* Wednesday, December 22, 2010 9:06 AM
> > *To:* OWASP Foundation Board List
> > *Subject:* [Owasp-board] FW: Suggested Core Values Attached
> > *Importance:* High
> >
> >
> >
> > Board, I have heard that Seba, Jeff, and Tom will NOT be able to make
> > the call.  I have not specifically heard from Dave, but I believe he is
> > also on vacation.
> >
> >
> >
> > That being said, it seems like the purpose and content of the call can
> > be discussed and finalized through an email thread.
> >
> >
> >
> > Please take a look at the content of this email and the attachments and
> > see if you agree.
> >
> >
> >
> > Kate Hartmann
> >
> > Operations Director
> >
> > 301-275-9403
> >
> > www.owasp.org <http://www.owasp.org/>
>  >
> > Skype:  Kate.hartmann1
> >
> >
> >
> > *From:*Richard Tesauro [mailto:tesauros at mac.com]
> > *Sent:* Wednesday, December 22, 2010 9:02 AM
> > *To:* Kate Hartmann
> > *Cc:* Matt Tesauro
> > *Subject:* Suggested Core Values Attached
> > *Importance:* High
> >
> >
> >
> > Good morning Kate,
> >
> >
> >
> > At my request, Matt posted the attached on the TMC wiki. It is the
> > consolidation of "values" emails in a single document.
> >
> >
> >
> > Presuming you will email the Board again, I need your help informing
> > them about the wiki addition as well as the the call purpose and ground
> > rules below.
> >
> >
> >
> > *Call Purpose:*
> >
> > 1) Select the OWASP Core Values
> >
> > 2) Draft Core Values Definitions
> >
> > 3) List Core Values in Desired Order
> >
> >
> >
> > *Call Process Ground Rules:*
> >
> > 1) The 5 Questions for Validating a Core Value will be the reference
> > point for discussion
> >
> > 2) 30-40 seconds per speaker comment
> >
> > 3) Based on wiki posted data and information through December 23
> >
> >
> >
> > Please call or email with any questions or desired clarifications. I
> > hope to encourage Thursday's call and drafting of OWASP Core Values.
> >
> >
> >
> > Thanks again,
> > Richard A. (Dick) Tesauro
> >
> > President and Founder
> > *Tesauro Management Counselors (TMC)*
> >
> > *Trusted Advisor and Catalyst*
> >
> >
> >
> > *Helping Leaders Create Enduring, Growing, "Great" Organizations*
> >
> >
> >
> > 3124 Trevolle Place
> > Dallas, Texas 75204-5537
> > 214-823-6028 (Phone)
> > 214-924-1154 (Cell)
> > RA at TesauroMC.com
> > www.TesauroMC.com <http://www.tesauromc.com/> <http://www.tesauromc.com/
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > Owasp-board mailing list
> > Owasp-board at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>



-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier
http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20110104/c451d654/attachment-0002.html>


More information about the Owasp-board mailing list