[Owasp-board] Ciso project funding

Josh Sokol josh.sokol at owasp.org
Thu Oct 10 18:20:19 UTC 2013


Am I the only one who does a double take when I see over $58,000 allocated
to the "Local Chapter" for running the AppSec events?  Holy cow!  Take $5k
from there.  They won't miss it!

~josh


On Thu, Oct 10, 2013 at 12:22 PM, Michael Coates
<michael.coates at owasp.org>wrote:

> CC'ing list - thread got forked.
>
>
> --
> Michael Coates | OWASP | @_mwc
>
>
>
> On Thu, Oct 10, 2013 at 10:21 AM, Michael Coates <michael.coates at owasp.org
> > wrote:
>
>> So email isn't going to solve this issue. Samantha has records that
>> reflect one item, Eoin believes they are incorrect. Eoin, you'll need to
>> work directly with Samantha over Skype to identify what is correct or
>> incorrect.
>>
>> Second, we don't have 100s of 1000s of money available. Please review our
>> budget. We run the budget way too tight with little to no wiggle room.
>> Anytime we want to grab money we have to grab it from somewhere. Regardless
>> of this situation I won't vote for an allocation of funds that doesn't have
>> a source bucket that it is being taken from. This isn't red tape, this is
>> basic financial responsibility.
>>
>> Please see the budget here:
>> https://www.owasp.org/images/6/6d/2013_Budget_-_Final.pdf
>>
>> Total Expenses: $921,019
>> Total Income: $921,941
>> Net: $922
>>
>> So, $5000 is 5x the amount of unallocated funds, which means we can't
>> just allocate money. It has to come out of someone else's budget.
>>
>> I highly advise Eoin, Samantha, and Sarah schedule a phone call to align
>> on the current financial situation of the reboot. Once we have that
>> information we can decide on next steps.
>>
>>
>> -Michael
>>
>>
>> --
>> Michael Coates | OWASP | @_mwc
>>
>>
>> On Thu, Oct 10, 2013 at 8:49 AM, Eoin <eoin.keary at owasp.org> wrote:
>>
>>> Guys do what you seem fit.
>>>
>>> Don't fund CISO, fund CISO your choice.
>>> Bottom line is 2012 the following were accepted as to be funded by
>>> Reboot. (Note CISO)
>>> Now CISO has no funding.
>>> CISO makes funds for OWASP via Training
>>> CISO is an active project
>>>
>>> *Projects selected via first round of review*:
>>>
>>>    1. *OWASP Development Guide**: Funding Amount: $5000 initial funding
>>>    2. *OWASP CISO Guide*: Funding Amount: $5000 initial funding
>>>    3. *OWASP Zed Attack Proxy*: Funding Amount: $5000 initial funding
>>>    4. *OWASP Mobile Project*: Funding Amount: $5000 initial funding
>>>
>>>
>>>
>>> *Reboot funding:*
>>> An initial 15K granted earlier on this year (2012)
>>> And additional 15K was granted in Greece at the board meeting. (July
>>> 2012)
>>>
>>> We also have 25K for the testing, code review and development guides
>>> from DHS
>>> Dev, Code review and Testing guides have 25k funding already (DHS)
>>>
>>> *Total 55K*
>>>
>>>
>>>    1. OWASP Development Guide - DHS funded  *-* *No OWASP Funding
>>>    Required*
>>>    2. OWASP ZAP - moz funded  - *No OWASP Funding Required*
>>>    3. OWASP Testing Guide - DHS funded - *No OWASP Funding Required*
>>>    4. OWASP ESAPI - ?
>>>    5. OWASP Code Review Guide - DHS funded  - *No OWASP Funding Required
>>>    *
>>>    6. OWASP WebGoat PHP - OWASP funded - *No OWASP Funding Required*
>>>
>>>
>>> *So by my calculations we have very little allocated out of the
>>> 55K.......*
>>>
>>>
>>>
>>>
>>> On 9 October 2013 18:52, Michael Coates <michael.coates at owasp.org>wrote:
>>>
>>>> Thanks Samantha. That makes sense to me.
>>>>
>>>> So we have our answer to question 1.
>>>>
>>>>
>>>> Eoin, I'm interested in question #2. Can you give us your thinking on
>>>> those questions?
>>>>
>>>> Thanks!
>>>>
>>>> Michael
>>>>
>>>>
>>>> ---
>>>>
>>>>
>>>> 1. There is a discrepancy on funds for the project reboot. I'm unsure
>>>> what the final story is. Samantha is reporting 30k available and Eoin is
>>>> indicating something is not right and there was a vote on the wiki. We
>>>> should get to the bottom of this.
>>>>
>>>> Eoin - can you sync with Sarah & Samantha to flush this out and let us
>>>> know the current state?
>>>>
>>>> 2. Based on the outcome of #1 we either have funds available in project
>>>> reboot or we don't. If we don't, the request is to find $5,000 in the
>>>> current budget to cover
>>>> travel costs for the CISO project leaders to go somewhere.
>>>>
>>>> My questions are:
>>>> - Eoin : Do you have a proposed budget where we'll subtract the $5,000
>>>> from? Or do you have this money available somewhere else? Please just let
>>>> us know where the funds will come from.
>>>> - Eoin: Where are these people traveling to? AppSecUSA? How many
>>>> people? What's the purpose of travel? I agree the project is great. Just
>>>> want to know what the money is going towards.
>>>>
>>>>
>>>> --
>>>> Michael Coates | OWASP | @_mwc
>>>>
>>>>
>>>>
>>>> On Wed, Oct 9, 2013 at 10:34 AM, Samantha Groves <
>>>> samantha.groves at owasp.org> wrote:
>>>>
>>>>> As I have mentioned before:
>>>>>
>>>>> Eoin thought he had $45,000 in reboot, but he only had $30,000. It is
>>>>> my understanding that 3 projects were promised money that reboot did not
>>>>> have. I can forward you all the e-mails where I let Eoin know about this
>>>>> inconsistency last year, and where I showed him which projects I allocated
>>>>> the funds to since I got no direction to do otherwise. I am just surprised
>>>>> this was not managed a year ago by reboot leaders, and I am surprised this
>>>>> is coming up again after I let Eoin know almost one year ago. If there was
>>>>> such a problem with the allocation, then I should have been made aware of
>>>>> it in February.
>>>>>
>>>>> I NEVER removed money from the project fund. The money promised to the
>>>>> CISO Guide never existed as far as I am aware. The only reason the CISO
>>>>> Guide project is without money is because someone promised them money they
>>>>> didn't have to give.
>>>>>
>>>>> SG
>>>>>
>>>>>
>>>>> On Wed, Oct 9, 2013 at 10:24 AM, Eoin Keary <eoin.keary at owasp.org>wrote:
>>>>>
>>>>>> Sec
>>>>>>
>>>>>>
>>>>>> Eoin Keary
>>>>>> Owasp Global Board
>>>>>> +353 87 977 2988
>>>>>>
>>>>>>
>>>>>> On 9 Oct 2013, at 18:22, Michael Coates <michael.coates at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>> It looks we have two items two understand here:
>>>>>>
>>>>>> 1. There is a discrepancy on funds for the project reboot. I'm unsure
>>>>>> what the final story is. Samantha is reporting 30k available and Eoin is
>>>>>> indicating something is not right and there was a vote on the wiki. We
>>>>>> should get to the bottom of this.
>>>>>>
>>>>>> Eoin - can you sync with Sarah & Samantha to flush this out and let
>>>>>> us know the current state?
>>>>>>
>>>>>> 2. Based on the outcome of #1 we either have funds available in
>>>>>> project reboot or we don't. If we don't, the request is to find $5,000 in
>>>>>> the current budget to cover
>>>>>> travel costs for the CISO project leaders to go somewhere.
>>>>>>
>>>>>> My questions are:
>>>>>> - Eoin : Do you have a proposed budget where we'll subtract the
>>>>>> $5,000 from? Or do you have this money available somewhere else? Please
>>>>>> just let us know where the funds will come from.
>>>>>> - Eoin: Where are these people traveling to? AppSecUSA? How many
>>>>>> people? What's the purpose of travel? I agree the project is great. Just
>>>>>> want to know what the money is going towards.
>>>>>>
>>>>>> Thanks!
>>>>>> Michael
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Michael Coates | OWASP | @_mwc
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Wed, Oct 9, 2013 at 10:11 AM, Jim Manico <jim.manico at owasp.org>wrote:
>>>>>>
>>>>>>> I've seen the CISO project being talked about very positively in the
>>>>>>> media. This is good visibility for us. What happened?
>>>>>>>
>>>>>>> Aloha,
>>>>>>> Jim
>>>>>>>
>>>>>>> > Ok 4 me
>>>>>>> > On 09 Oct 2013 10:46, "Eoin Keary" <eoin.keary at owasp.org> wrote:
>>>>>>> >
>>>>>>> >> Board, the ciso project is very active even to the point that we
>>>>>>> deliver
>>>>>>> >> paid CISO training which OWASP benefits.
>>>>>>> >>
>>>>>>> >> It appears the reboot funding was moved by Samantha away for the
>>>>>>> ciso
>>>>>>> >> project. Hence the project does not have any funding.
>>>>>>> >> May I ask that we grant the project $5000 to cover travel costs
>>>>>>> given they
>>>>>>> >> assumed they had funding.
>>>>>>> >>
>>>>>>> >> We granted funding to the project via reboot which has since been
>>>>>>> revoked.
>>>>>>> >>
>>>>>>> >> Can we make a decision on this ASAP. I assure you all that this
>>>>>>> is a good
>>>>>>> >> spend of our limited funds.
>>>>>>> >>
>>>>>>> >> RSVP.
>>>>>>> >>
>>>>>>> >> Eoin Keary
>>>>>>> >> Owasp Global Board
>>>>>>> >> +353 87 977 2988
>>>>>>> >>
>>>>>>> >> _______________________________________________
>>>>>>> >> Owasp-board mailing list
>>>>>>> >> Owasp-board at lists.owasp.org
>>>>>>> >> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>> >>
>>>>>>> >
>>>>>>> >
>>>>>>> >
>>>>>>> > _______________________________________________
>>>>>>> > Owasp-board mailing list
>>>>>>> > Owasp-board at lists.owasp.org
>>>>>>> > https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>> >
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> *Samantha Groves, MBA*
>>>>>
>>>>> *OWASP Projects Manager*
>>>>>
>>>>> *
>>>>> *
>>>>>
>>>>> The OWASP Foundation
>>>>>
>>>>> Phoenix, USA
>>>>>
>>>>> Email: samantha.groves at owasp.org
>>>>>
>>>>> Skype: samanthahz
>>>>>
>>>>>
>>>>> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>>>>>
>>>>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>>>>
>>>>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>>>>
>>>>> New Project Application Form<https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE6MQ#gid=0>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> Eoin Keary
>>> OWASP Member
>>> https://twitter.com/EoinKeary
>>>
>>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*
>>
>> *OWASP Projects Manager*
>>
>> *
>> *
>>
>> The OWASP Foundation
>>
>> Phoenix, USA
>>
>> Email: samantha.groves at owasp.org
>>
>> Skype: samanthahz
>>
>>
>> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form<https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE6MQ#gid=0>
>>
>>
>>
>>
>>>
>>>
>>> --
>>> Eoin Keary
>>> OWASP Member
>>> https://twitter.com/EoinKeary
>>>
>>>
>>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20131010/0a4e7075/attachment-0001.html>


More information about the Owasp-board mailing list