[Owasp-board] Vendor Neutrality

Dave Wichers dave.wichers at owasp.org
Wed Feb 13 23:56:20 UTC 2013


This is not a chapter meeting. This is a chapter training event that they
are charging a fee for, just like a chapter could hold a local conference
and charge a fee for that too.  And to be consistent with the OWASP
Conferences, they are charging the same fee for these events as the OWASP
Conferences do.

I'm not sure I see the problem. Other than it could have been more clear
that this was an OWASP Chapter sponsored training event, and not a Trustwave
event.

-Dave

-----Original Message-----
From: Jim Manico [mailto:jim.manico at owasp.org] 
Sent: Wednesday, February 13, 2013 6:31 PM
To: Dave Wichers
Cc: 'OWASP Foundation Board List'
Subject: Re: [Owasp-board] Vendor Neutrality

See section 5.02 of the bylaws which state chapter meetings must follow the
chapter handbook.

So...

https://www.owasp.org/index.php/OWASP_Foundation_ByLaws#SECTION_5.02_Local_C
hapters

Points to....

https://www.owasp.org/index.php/Chapter_Handbook/Chapter_2:_Mandatory_Chapte
r_Rules#Organize_free_and_open_meetings

Which state that all OWASP Chapter meetings need to be free per our bylaws.

There is also this...

https://www.owasp.org/index.php/Chapter_Handbook/Chapter_2:_Mandatory_Chapte
r_Rules#Maintain_vendor_neutrality_.28act_independently.29

Which states that vendors need to act independently at chapter meetings and
chapter activites.

In my opinion, this kind of activity completely blurs the lines between
where OWASP ends and vendors start.

I think we should do (a lot) better. Especially for an event driven by a
board member!

- Jim Manico
@Manicode
(808) 652-3805


> This is an OWASP Chapter Training event with a  similar revenue split 
> as the OWASP Conferences.
> 
> While I think it could have been made more clear that this is an OWASP 
> Training event, and not just a Trustwave vendor training pitch in the 
> email, I wouldn't call this a major foul.
> 
> For example, it would have been better (in my opinion) if it said 
> something
> like:
> 
> "As a special introduction to the SpiderLabs instructor led course 
> being offered as part of the 1st ever OWASP NYC Chapter Training 
> Event, I would like to extend to you ..."
> 
> If this was just Trustwave trying to promote their own training event 
> that had nothing to do with OWASP, then yes, this would cross the line 
> in my opinion. (But its not).
> 
> -Dave
> 
> -----Original Message-----
> From: owasp-board-bounces at lists.owasp.org
> [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Jim Manico
> Sent: Wednesday, February 13, 2013 5:48 PM
> To: OWASP Foundation Board List
> Subject: [Owasp-board] Vendor Neutrality
> 
> A few folks sent this text my way today. This went out to the NYC 
> chapter list yesterday. What do you think, Board, is this respecting 
> vendor neutrality?
> 
> *****
> 
> From: Tom Brennan <tomb at owasp.org>
> Date: Tuesday, February 12, 2013 6:56 PM
> To: "OWASPNYCMETRO-announce at meetup.com" 
> <OWASPNYCMETRO-announce at meetup.com>
> Subject: [OWASPNYCMETRO] NYC March 13th Training
> 
> Its coming....INSTRUCTOR LED TRAINING IN NYC
> 
> Details: https://www.owasp.org/index.php/NYC
> 
> As a special introduction to the SpiderLabs instructor led course I 
> would like to extend to you a $500 discount code "TRUSTWAVE_500OFF" to 
> be used during check-out.
> 
> Hack Your Own Code: Advanced Training for Developers (2 Day Training 
> Course) This class provides security developers an exciting chance to 
> hone their programming skills while also learning to exploit common 
> web vulnerabilities.
> 
>  For more information on the (3) training classes available visit:
> 
> https://www.owasp.org/index.php/NYC
> 
> 
> Have additional questions? 
> 
> Call 973-202-0122 to discuss
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
> 




More information about the Owasp-board mailing list