[Owasp-board] Free OWASP Top 10 CBT

Matt Tesauro matt.tesauro at owasp.org
Tue Aug 21 21:13:31 UTC 2012


I second Dave (and basically third Jim) on this issue.

I thought I'd already replied to this one.  Sorry about that.

--
-- Matt Tesauro
OWASP Board Member
OWASP WTE Project Lead
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
http://AppSecLive.org - Community and Download site


On Tue, Aug 21, 2012 at 12:27 PM, Dave Wichers <dave.wichers at owasp.org>wrote:

> I agree with Jim. His company could put an ad for it up on the OWASP site
> as part of his corporate membership or outright purchase of the ad, but we
> shouldn’t promote this on any OWASP mailing list as its of commercial
> benefit to his company, even though its free.****
>
> ** **
>
> -Dave****
>
> ** **
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Jim Manico
> *Sent:* Friday, August 17, 2012 3:04 PM
> *To:* Bhalla, Nishchal; OWASP List
> *Subject:* Re: [Owasp-board] Free OWASP Top 10 CBT****
>
> ** **
>
> I say no, it's not open content. CCing board, see below.****
>
> --****
>
> Jim Manico****
>
> (808) 652-3805****
>
>
> On Aug 17, 2012, at 10:46 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
> wrote:****
>
> So if I host it and don't have the leads form but it is fully free then it
> is fine to send to all?****
>
> ** **
> ------------------------------
>
> *From*: Jim Manico <jim.manico at owasp.org>
> *To*: Bhalla, Nishchal
> *Sent*: Fri Aug 17 12:45:21 2012
> *Subject*: Re: Free OWASP Top 10 CBT ****
>
> Unless its open and non-commercial, no way. Its against our ethics. See
> here:****
>
> ** **
>
>
> https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics
> ****
>
> ** **
>
> ** **
>
> --****
>
> Jim Manico****
>
> VP, Security Architecture****
>
> WhiteHat Security****
>
> (808) 652-3805****
>
>
> On Aug 17, 2012, at 10:35 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
> wrote:****
>
> Jim****
>
>  ****
>
> What would be your thoughts on sending it to the leaders, which I can send
> but don’t want to unless you guys think that is a bad idea too ?  ****
>
>  ****
>
> Nish.****
>
>  ****
>
> *Nish Bhalla*****
>
> *Founder *****
>
> *SC: Security Compass | SDE: SD Elements*****
>
> * *****
>
> *p:  *+1 (888) 777-2211  x101****
>
> *m:* +1 (732) 614-1020 ****
>
> *t:*  @securitycompass @sdelements****
>
>  ****
>
> *www.securitycompass.com | www.sdelements.com*****
>
>  ****
>
> *From:* Bhalla, Nishchal
> *Sent:* Friday, August 17, 2012 1:16 PM
> *To:* 'Jim Manico'
> *Cc:* 'Sarah Baso'
> *Subject:* RE: Free OWASP Top 10 CBT****
>
>  ****
>
> I do understand where you are coming from “not for profit corporation” and
> appreciate that. But I guess we disagree on the why it is helpful for the
> community. If it is not something that you want to send I understand it
> since you are on the board. ****
>
>  ****
>
> I would have definitely liked to send it to atleast the leaders if not to
> all so that people can decide if they decide not to view it, they don’t
> fill in the information. That is why it is open to the public.****
>
>  ****
>
> *Nish Bhalla*****
>
> *Founder *****
>
> *SC: Security Compass | SDE: SD Elements*****
>
> * *****
>
> *p:  *+1 (888) 777-2211  x101****
>
> *m:* +1 (732) 614-1020 ****
>
> *t:*  @securitycompass @sdelements****
>
>  ****
>
> *www.securitycompass.com | www.sdelements.com*****
>
>  ****
>
> *From:* Jim Manico [mailto:jim.manico at owasp.org]
> *Sent:* Friday, August 17, 2012 1:13 PM
> *To:* Bhalla, Nishchal
> *Cc:* Sarah Baso
> *Subject:* Re: Free OWASP Top 10 CBT****
>
>  ****
>
> Nish,****
>
>  ****
>
> I do not support using OWASP-all to assist you with lead generation.****
>
>  ****
>
> I think you are missing the point of a 501c3 not for profit corporation.**
> **
>
>  ****
>
> Our mission is to serve the community. We need to keep commercial
> interests at bay. ****
>
>  ****
>
> If you want to make the content available for free under an open license
> let me know.****
>
>  ****
>
> --****
>
> Jim Manico****
>
> (808) 652-3805****
>
>
> On Aug 17, 2012, at 9:55 AM, "Bhalla, Nishchal" <nish at securitycompass.com>
> wrote:****
>
> Hi Jim,****
>
>  ****
>
> Would love to say yes, but I don’t think we can currently. I think
> currently we do want to have it for the public through our website for
> leads. I do think it is very relavant to everyone on owasp list because it
> is free and all we are getting is their contact info. If you can please
> bring it to the board, I would really appreciate it.****
>
>  ****
>
> Nish.****
>
>  ****
>
> *Nish Bhalla*****
>
> *Founder *****
>
> *SC: Security Compass | SDE: SD Elements*****
>
> * *****
>
> *p:  *+1 (888) 777-2211  x101****
>
> *m:* +1 (732) 614-1020 ****
>
> *t:*  @securitycompass @sdelements****
>
>  ****
>
> *www.securitycompass.com | www.sdelements.com*****
>
>  ****
>
> *From:* Jim Manico [mailto:jim.manico at owasp.org]
> *Sent:* Thursday, August 16, 2012 6:19 PM
> *To:* Bhalla, Nishchal
> *Cc:* Sarah Baso
> *Subject:* Re: Free OWASP Top 10 CBT****
>
>  ****
>
> Then this is commercial, not pure OWASP. You need to be fully free and
> open to be pure OWASP in a way that merits use of the OWASP list.****
>
>  ****
>
> Want to bring this to the board? I respect if you do.****
>
>  ****
>
> Nish, OWASP is a 501c3 not for profit. As a OWASP volunteer you have an
> ethical duty to put your business interest aside and focus on support of
> the community. :)****
>
>  ****
>
> Would you be interested in releasing this project under a open
> source/content license like ShareAlike?****
>
>  ****
>
> --****
>
> Jim Manico****
>
> VP, Security Architecture****
>
> WhiteHat Security****
>
> (808) 652-3805****
>
>
> On Aug 16, 2012, at 3:09 PM, "Bhalla, Nishchal" <nish at securitycompass.com>
> wrote:****
>
> Yes users need to register, it is part of our marketing. It is
> freecbt.securitycompass.com****
>
>  ****
> ------------------------------
>
> *From*: Jim Manico <jim.manico at owasp.org>
> *To*: Bhalla, Nishchal
> *Sent*: Thu Aug 16 17:07:05 2012
> *Subject*: Re: Free OWASP Top 10 CBT ****
>
> What OWASP URL is this project hosted under? Is it free and open? Do users
> need to register?****
>
> --****
>
> Jim Manico****
>
> (808) 652-3805****
>
>
> On Aug 16, 2012, at 2:30 PM, "Bhalla, Nishchal" <nish at securitycompass.com>
> wrote:****
>
> Hey Jim,****
>
>  ****
>
> Hope things are going well. We recently released our OWASP Top 10 CBTs and
> I wanted to send it to all at owasp and wondered if you can help me with
> that. I don’t want to spam them across and get dinged for it like the
> “Securitybyte cross post” thus am trying to figure out who I should be
> asking to get this posted.****
>
>  ****
>
> Nish.****
>
>  ****
>
> *Nish Bhalla*****
>
> *Founder *****
>
> *SC: Security Compass | SDE: SD Elements*****
>
> * *****
>
> *p:  *+1 (888) 777-2211  x101****
>
> *m:* +1 (732) 614-1020****
>
> *t:* @securitycompass, @sdelements****
>
>  ****
>
> *www.securitycompass.com | www.sdelements.com*****
>
>  ****
>
> “Free OWASP Training here: http://freecbt.securitycompass.com/ ”****
>
> *****************************************************************************************************************************************
> ****
>
> The information in this email is confidential and may be legally
> privileged. Access to this email by anyone other than the intended
> addressee is unauthorized.  If you are not the intended recipient of this
> message, any review, disclosure, copying, distribution, retention, or any
> action taken or omitted to be taken in reliance on it is prohibited and may
> be unlawful. If you are not the intended recipient, please reply to or
> forward a copy of this message to the sender and delete the message, any
> attachments, and any copies thereof from your system.
> *****************************************************************************************************************************************
> ****
>
>  ****
>
>  ****
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120821/2c6ee249/attachment-0001.html>


More information about the Owasp-board mailing list