[Owasp-board] Potential Next Generation OWASP Project Guidelines

Michael Coates michael.coates at owasp.org
Mon Apr 15 18:42:51 UTC 2013


Thanks for proposing this. I recently created a shared google doc (editable
by board & viewable by world) for us to add proposals for discussion. I
think this will be an effective way for us to both discuss and keep track
of proposals so they aren't lost in a see of email.

Would you be willing to discuss there in the google doc?
Direct Link:

Shared Folder Link:

On the wiki page I added a quick mention at the top that this new policy is
under discussion and linked to the google doc.
*This policy is in draft and under discussion with the OWASP board -
current notes and discussion can be found


Michael Coates | OWASP | @_mwc

On Mon, Apr 15, 2013 at 7:27 AM, Jim Manico <jim.manico at owasp.org> wrote:

> Please take a look at:
> https://www.owasp.org/index.php/Projects/Project_Brand_Guidelines
> This is a work in progress (thank you Samantha for your work on this!)
> The key section I'd like to focus your attention on is this:
> Project Sponsors and Acknowledgement
> As an OWASP Project Leader, it is important that your project, in its
> entirety, is run independently of commercial influence. Additionally it is
> important that every project related communication or activity presents the
> public perception that the project is run independently of commercial
> influence. There should be no misinterpretation by any user on either the
> mailing lists, OWASP Wiki, or any other external website that the project
> is run solely by the project leader, and not by any other organizations.
> We do actively encourage our project leaders to find sponsorship,
> partnership, and collaborative opportunities with other members or
> organizations within the information security community. As a community run
> organization, we feel these relationships are paramount to the success of
> our projects. While we do value the contributions of our project sponsors,
> we do have branding and sponsorship acknowledgement rules that must be
> adhered to by all OWASP Project Leaders. We feel these rules are necessary
> to maintain the integrity of our vendor neutrality stance. Here are the
> rules below:
> * OWASP Projects can be sponsored in a number of ways: Giving staff time
> to work on project deliverables, financial donations, working space in your
> offices, and/or project donation.
> * OWASP Project sponsors may have their company name listed in the
> "Project Sponsors" section of the OWASP Project Wiki Page with a link to
> the sponsor's page on our wiki.
> * OWASP Project sponsors may have their logo, a short company bio, and
> their project contributions listed on the sponsor's page. (This is the
> suggested "global sponsorship page" and is not attached to a project ed:
> Jim)
> * OWASP Project sponsors may NOT place their logo on any OWASP Project
> Wiki Page.
> * OWASP Project sponsors may NOT place their logo on any OWASP Project
> deliverable. A company name may be placed under a sponsor's section, but
> NEVER the company logo.
> * All contributors must be listed in a neutral way where contributor name,
> company, and roles are displayed textually in a table if they are to be
> placed on the OWASP Project wiki page.
> Six month audits will be conducted based on these rules to make sure all
> projects are in compliance. It is the responsibility of the individual
> Project Leader to make sure these rules are followed for their project.
> For your consideration,
> Jim
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20130415/da232991/attachment.html>

More information about the Owasp-board mailing list