[Owasp-board] WASPY Awards and Questionable Ethics

Jim Manico jim.manico at owasp.org
Mon Oct 1 02:02:12 UTC 2012


The WASPY Awards (Web Application Security Person of the Year) is 
leaving me very concerned.

After reading...


...it looks like only the board will vote for the winners.

     "The OWASP board will review the profiles of the chapter/project 
level winners and will then select 5 Global finalists."

I also noticed that Tom Brennan nominated two candidates who are his 
co-workers (2 of the 13 candidates). Tom's company is also one of the 
sponsors of this award. And as a board member he helps vote on the 
winners. Both of these projects show Tom as the project leader.

*    Candidate:*Ryan Barnett

*    Candidate Submitted By:*OWASP HTTP POST TOOL

*    Accomplishments:*Ryan is a core developers on the OWASP CRS 

*    Why this person was chosen?*When working on the HTTP POST TOOL we 
made it available ....

*    Candidate:*Charles Henderson

*    Candidate Submitted By:*OWASP RFP 

*    Accomplishments:*This OWASP effort has been adopted by numerous 
organizations worldwide to help them meet their contracting needs when 
procuring application security services.

*    Why this person was chosen?*Project contributor

So may I ask if OWASP board members who nominated candidates plan to 
recuse themselves from the voting? Or better yet, isn't it more 
appropriate allow the membership community to vote for the Web 
Application Security Person of the Year?

Or Tom, did you plan to sponsor, nominate and elect the winner? I once 
again cry foul. _*This is again why I am very concerned with you running 
for board when you make decisions like this with questionable ethics.*_

PS: Ryan Barnett and Chris Henderson are both stellar professionals and 
this is in no way reflective of their talent.

Thank you,
Jim Manico
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120930/5fab3871/attachment.html>

More information about the Owasp-board mailing list