[Owasp-board] Free OWASP Top 10 CBT

Dave Wichers dave.wichers at owasp.org
Tue Aug 21 17:27:02 UTC 2012


I agree with Jim. His company could put an ad for it up on the OWASP site as
part of his corporate membership or outright purchase of the ad, but we
shouldn't promote this on any OWASP mailing list as its of commercial
benefit to his company, even though its free.

 

-Dave

 

From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Jim Manico
Sent: Friday, August 17, 2012 3:04 PM
To: Bhalla, Nishchal; OWASP List
Subject: Re: [Owasp-board] Free OWASP Top 10 CBT

 

I say no, it's not open content. CCing board, see below.

--

Jim Manico

(808) 652-3805


On Aug 17, 2012, at 10:46 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

So if I host it and don't have the leads form but it is fully free then it
is fine to send to all?

 

  _____  

From: Jim Manico <jim.manico at owasp.org> 
To: Bhalla, Nishchal 
Sent: Fri Aug 17 12:45:21 2012
Subject: Re: Free OWASP Top 10 CBT 

Unless its open and non-commercial, no way. Its against our ethics. See
here:

 

https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Proj
ect#Code_of_Ethics

 

 

--

Jim Manico

VP, Security Architecture

WhiteHat Security

(808) 652-3805


On Aug 17, 2012, at 10:35 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Jim

 

What would be your thoughts on sending it to the leaders, which I can send
but don't want to unless you guys think that is a bad idea too ?  

 

Nish.

 

Nish Bhalla

Founder 

SC: Security Compass | SDE: SD Elements

 

p:  +1 (888) 777-2211  x101

m: +1 (732) 614-1020 

t:  @securitycompass @sdelements

 

www.securitycompass.com | www.sdelements.com

 

From: Bhalla, Nishchal 
Sent: Friday, August 17, 2012 1:16 PM
To: 'Jim Manico'
Cc: 'Sarah Baso'
Subject: RE: Free OWASP Top 10 CBT

 

I do understand where you are coming from "not for profit corporation" and
appreciate that. But I guess we disagree on the why it is helpful for the
community. If it is not something that you want to send I understand it
since you are on the board. 

 

I would have definitely liked to send it to atleast the leaders if not to
all so that people can decide if they decide not to view it, they don't fill
in the information. That is why it is open to the public.

 

Nish Bhalla

Founder 

SC: Security Compass | SDE: SD Elements

 

p:  +1 (888) 777-2211  x101

m: +1 (732) 614-1020 

t:  @securitycompass @sdelements

 

www.securitycompass.com | www.sdelements.com

 

From: Jim Manico [mailto:jim.manico at owasp.org] 
Sent: Friday, August 17, 2012 1:13 PM
To: Bhalla, Nishchal
Cc: Sarah Baso
Subject: Re: Free OWASP Top 10 CBT

 

Nish,

 

I do not support using OWASP-all to assist you with lead generation.

 

I think you are missing the point of a 501c3 not for profit corporation.

 

Our mission is to serve the community. We need to keep commercial interests
at bay. 

 

If you want to make the content available for free under an open license let
me know.

 

--

Jim Manico

(808) 652-3805


On Aug 17, 2012, at 9:55 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Hi Jim,

 

Would love to say yes, but I don't think we can currently. I think currently
we do want to have it for the public through our website for leads. I do
think it is very relavant to everyone on owasp list because it is free and
all we are getting is their contact info. If you can please bring it to the
board, I would really appreciate it.

 

Nish.

 

Nish Bhalla

Founder 

SC: Security Compass | SDE: SD Elements

 

p:  +1 (888) 777-2211  x101

m: +1 (732) 614-1020 

t:  @securitycompass @sdelements

 

www.securitycompass.com | www.sdelements.com

 

From: Jim Manico [mailto:jim.manico at owasp.org] 
Sent: Thursday, August 16, 2012 6:19 PM
To: Bhalla, Nishchal
Cc: Sarah Baso
Subject: Re: Free OWASP Top 10 CBT

 

Then this is commercial, not pure OWASP. You need to be fully free and open
to be pure OWASP in a way that merits use of the OWASP list.

 

Want to bring this to the board? I respect if you do.

 

Nish, OWASP is a 501c3 not for profit. As a OWASP volunteer you have an
ethical duty to put your business interest aside and focus on support of the
community. :)

 

Would you be interested in releasing this project under a open
source/content license like ShareAlike?

 

--

Jim Manico

VP, Security Architecture

WhiteHat Security

(808) 652-3805


On Aug 16, 2012, at 3:09 PM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Yes users need to register, it is part of our marketing. It is
freecbt.securitycompass.com

 

  _____  

From: Jim Manico <jim.manico at owasp.org> 
To: Bhalla, Nishchal 
Sent: Thu Aug 16 17:07:05 2012
Subject: Re: Free OWASP Top 10 CBT 

What OWASP URL is this project hosted under? Is it free and open? Do users
need to register?

--

Jim Manico

(808) 652-3805


On Aug 16, 2012, at 2:30 PM, "Bhalla, Nishchal" <nish at securitycompass.com>
wrote:

Hey Jim,

 

Hope things are going well. We recently released our OWASP Top 10 CBTs and I
wanted to send it to all at owasp and wondered if you can help me with that. I
don't want to spam them across and get dinged for it like the "Securitybyte
cross post" thus am trying to figure out who I should be asking to get this
posted.

 

Nish.

 

Nish Bhalla

Founder 

SC: Security Compass | SDE: SD Elements

 

p:  +1 (888) 777-2211  x101

m: +1 (732) 614-1020

t: @securitycompass, @sdelements

 

www.securitycompass.com |  <http://www.sdelements.com> www.sdelements.com

 

"Free OWASP Training here:  <http://freecbt.securitycompass.com/>
http://freecbt.securitycompass.com/ "

****************************************************************************
************************************************************* 

The information in this email is confidential and may be legally privileged.
Access to this email by anyone other than the intended addressee is
unauthorized.  If you are not the intended recipient of this message, any
review, disclosure, copying, distribution, retention, or any action taken or
omitted to be taken in reliance on it is prohibited and may be unlawful. If
you are not the intended recipient, please reply to or forward a copy of
this message to the sender and delete the message, any attachments, and any
copies thereof from your system.
****************************************************************************
*************************************************************

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120821/309b1fe0/attachment-0001.html>


More information about the Owasp-board mailing list