[Owasp-board] [Committees-chairs] SANS

Jim Manico jim.manico at owasp.org
Tue May 1 21:28:26 UTC 2012

I honestly think that SANS objectives are "fair" here.

They want to see OWASP'ers mingle with the SANS community and become
aware about SANS training.

By the same token, the are willing to open up their conference locations
(which are nice) to OWASP chapter meetings and let anyone attend those
for free, even non-conference members.

For certification, SANS wants to maintain the certification but get the
OWASP community to help maintain the test questions. They would also pay
OWASP a % of the proceeds and would likely become an OWASP sponsor as well.

Just like OWASP has had a major changing of the guard, SANS has had 2
major changing of the guards as well. I know Frank Kim and Jason Lam
well and trust them both. Dennis Kirby is good people. Of course they
want to grow their business, but they also want to serve the community.

I'd like to keep this conversation going. I think it would benefit the
OWASP mission a great deal.

And please note, I gain no benefit from this. In fact, I compete with
SANS! But I think this is good for the community.


> Very interesting.
> I think, as in other recent discussions, we need to focus on the impact on our mission.  Does this help promote our goals?  Frankly, I think the answer is a strong yes.
> However, there is the potential for an impact on our culture or the perception of our culture.  I think that many of the 'old guard' will reject this idea outright because of the for-profit aspect.  That said, I think it's fair to ask - 'how well is the current owasp model doing?'.  I.e. have we grown, have we reached a broader audience, have we made the impact we wanted to?   Reasonable minds may differ on the answers to those questions, but in my perception, I think we've begun to stagnate a bit (at least in terms of spreading awareness).  This offer from sans may be an opportunity to break that stagnation.
> In my mind, I think this is well worth some serious consideration.  And thank you, Jim, for limiting the distribution of your email to the chairs and board, where hopefully cooler minds can appropriately deliberate without the knee-jerk reactions that the list has seemed to embrace as of late.
> Rex
> On May 1, 2012, at 4:44 AM, Jim Manico <jim.manico at owasp.org> wrote:
>> SANS has offered to build an OWASP certification and give a percentage
>> of the proceeds to OWASP. They already have a GWEB certification that
>> could serve as a base for the program.
>> SANS has also offered to allow OWASP chapters to meet at it's
>> conferences around the world, lets folks attend OWASP meetings for free
>> (of course), serve drinks, and otherwise back off no-strings-attached.
>> SANS is of course a for-profit commercial enterprise.
>> Frank Kim, Denis Kirby and Jason Lam are the folks who run the SANS
>> AppSec program and made this offer to OWASP. They feel it's of value to
>> SANS just to have OWASP folks be aware that SANS exists, and they can
>> help the community at the same time.
>> I've known Frank and Jason for some thing and think they are good eggs.
>> Worth discussing...
>> -- 
>> Jim Manico
>> Connections Committee Chair
>> Cheatsheet Series Product Manager
>> OWASP Podcast Producer/Host
>> jim at owasp.org
>> www.owasp.org
>> _______________________________________________
>> Committees-chairs mailing list
>> Committees-chairs at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/committees-chairs

Jim Manico

Connections Committee Chair
Cheatsheet Series Product Manager
OWASP Podcast Producer/Host

jim at owasp.org

More information about the Owasp-board mailing list