[Owasp-board] Free OWASP Top 10 CBT

Jim Manico jim.manico at owasp.org
Fri Aug 17 17:43:58 UTC 2012


Forwarding Nish's note to the board. See below.

--
Jim Manico
VP, Security Architecture
WhiteHat Security
(808) 652-3805

On Aug 17, 2012, at 10:25 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Thanks Jim, I appreciate your note to the board. I think my fundamental
thought is since it is OWASP Top 10 training for free, it should go out to
the list, if it was something else, I would have agreed with Jim.
Additionally, it is an option for them to decide if they don’t want to sign
in, they don’t need to but I wanted to be direct and ask if I send such a
note to owasp-all what is the harm in that ?



Thanks again Jim.



Nish.



*Nish Bhalla*

*Founder *

*SC: Security Compass | SDE: SD Elements*

* *

*p:  *+1 (888) 777-2211  x101

*m:* +1 (732) 614-1020

*t:*  @securitycompass @sdelements



*www.securitycompass.com | www.sdelements.com*



*From:* Jim Manico [mailto:jim.manico at owasp.org]
*Sent:* Friday, August 17, 2012 1:23 PM
*To:* OWASP List
*Cc:* Sarah Baso; Bhalla, Nishchal
*Subject:* Re: Free OWASP Top 10 CBT



Board,



Nish is releasing an OWASP Top Ten CBT that is not an open license but is
free for folks to use - if they register for the site for lead generation
for Nish's company.



He wants to use "OWASP-all" to announce this.



Although this is good work from Nish, I do not think OWASP wants to support
commercial endeavors like this via OWASP-all or other OWASP email lists.



Nish asked me to bring this to the board, so here we are.



--

Jim Manico

(808) 652-3805


On Aug 17, 2012, at 10:15 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

I do understand where you are coming from “not for profit corporation” and
appreciate that. But I guess we disagree on the why it is helpful for the
community. If it is not something that you want to send I understand it
since you are on the board.



I would have definitely liked to send it to atleast the leaders if not to
all so that people can decide if they decide not to view it, they don’t
fill in the information. That is why it is open to the public.



*Nish Bhalla*

*Founder *

*SC: Security Compass | SDE: SD Elements*

* *

*p:  *+1 (888) 777-2211  x101

*m:* +1 (732) 614-1020

*t:*  @securitycompass @sdelements



*www.securitycompass.com | www.sdelements.com*



*From:* Jim Manico [mailto:jim.manico at owasp.org]
*Sent:* Friday, August 17, 2012 1:13 PM
*To:* Bhalla, Nishchal
*Cc:* Sarah Baso
*Subject:* Re: Free OWASP Top 10 CBT



Nish,



I do not support using OWASP-all to assist you with lead generation.



I think you are missing the point of a 501c3 not for profit corporation.



Our mission is to serve the community. We need to keep commercial interests
at bay.



If you want to make the content available for free under an open license
let me know.



--

Jim Manico

(808) 652-3805


On Aug 17, 2012, at 9:55 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Hi Jim,



Would love to say yes, but I don’t think we can currently. I think
currently we do want to have it for the public through our website for
leads. I do think it is very relavant to everyone on owasp list because it
is free and all we are getting is their contact info. If you can please
bring it to the board, I would really appreciate it.



Nish.



*Nish Bhalla*

*Founder *

*SC: Security Compass | SDE: SD Elements*

* *

*p:  *+1 (888) 777-2211  x101

*m:* +1 (732) 614-1020

*t:*  @securitycompass @sdelements



*www.securitycompass.com | www.sdelements.com*



*From:* Jim Manico [mailto:jim.manico at owasp.org]
*Sent:* Thursday, August 16, 2012 6:19 PM
*To:* Bhalla, Nishchal
*Cc:* Sarah Baso
*Subject:* Re: Free OWASP Top 10 CBT



Then this is commercial, not pure OWASP. You need to be fully free and open
to be pure OWASP in a way that merits use of the OWASP list.



Want to bring this to the board? I respect if you do.



Nish, OWASP is a 501c3 not for profit. As a OWASP volunteer you have an
ethical duty to put your business interest aside and focus on support of
the community. :)



Would you be interested in releasing this project under a open
source/content license like ShareAlike?



--

Jim Manico

VP, Security Architecture

WhiteHat Security

(808) 652-3805


On Aug 16, 2012, at 3:09 PM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Yes users need to register, it is part of our marketing. It is
freecbt.securitycompass.com


------------------------------

*From*: Jim Manico <jim.manico at owasp.org>
*To*: Bhalla, Nishchal
*Sent*: Thu Aug 16 17:07:05 2012
*Subject*: Re: Free OWASP Top 10 CBT

What OWASP URL is this project hosted under? Is it free and open? Do users
need to register?

--

Jim Manico

(808) 652-3805


On Aug 16, 2012, at 2:30 PM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Hey Jim,



Hope things are going well. We recently released our OWASP Top 10 CBTs and
I wanted to send it to all at owasp and wondered if you can help me with that.
I don’t want to spam them across and get dinged for it like the
“Securitybyte cross post” thus am trying to figure out who I should be
asking to get this posted.



Nish.



*Nish Bhalla*

*Founder *

*SC: Security Compass | SDE: SD Elements*

* *

*p:  *+1 (888) 777-2211  x101

*m:* +1 (732) 614-1020

*t:* @securitycompass, @sdelements



*www.securitycompass.com | www.sdelements.com*



“Free OWASP Training here: http://freecbt.securitycompass.com/ ”

*****************************************************************************************************************************************


The information in this email is confidential and may be legally
privileged. Access to this email by anyone other than the intended
addressee is unauthorized.  If you are not the intended recipient of this
message, any review, disclosure, copying, distribution, retention, or any
action taken or omitted to be taken in reliance on it is prohibited and may
be unlawful. If you are not the intended recipient, please reply to or
forward a copy of this message to the sender and delete the message, any
attachments, and any copies thereof from your system.
*****************************************************************************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120817/5754413d/attachment-0001.html>


More information about the Owasp-board mailing list