[Owasp-board] Ciso project funding

Eoin Keary eoin.keary at owasp.org
Thu Oct 10 19:24:44 UTC 2013


I disagree. What are the chapter funds doing for our mission? $270k or so?
OWASP has benefited the banks more than appsec.



Eoin Keary
Owasp Global Board
+353 87 977 2988


On 10 Oct 2013, at 18:22, Michael Coates <michael.coates at owasp.org> wrote:

> CC'ing list - thread got forked.
> 
> 
> --
> Michael Coates | OWASP | @_mwc
> 
> 
> 
> On Thu, Oct 10, 2013 at 10:21 AM, Michael Coates <michael.coates at owasp.org> wrote:
>> So email isn't going to solve this issue. Samantha has records that reflect one item, Eoin believes they are incorrect. Eoin, you'll need to work directly with Samantha over Skype to identify what is correct or incorrect.
>> 
>> Second, we don't have 100s of 1000s of money available. Please review our budget. We run the budget way too tight with little to no wiggle room. Anytime we want to grab money we have to grab it from somewhere. Regardless of this situation I won't vote for an allocation of funds that doesn't have a source bucket that it is being taken from. This isn't red tape, this is basic financial responsibility.
>> 
>> Please see the budget here: https://www.owasp.org/images/6/6d/2013_Budget_-_Final.pdf
>> 
>> Total Expenses: $921,019
>> Total Income: $921,941
>> Net: $922
>> 
>> So, $5000 is 5x the amount of unallocated funds, which means we can't just allocate money. It has to come out of someone else's budget. 
>> 
>> I highly advise Eoin, Samantha, and Sarah schedule a phone call to align on the current financial situation of the reboot. Once we have that information we can decide on next steps.
>> 
>> 
>> -Michael
>> 
>> 
>> --
>> Michael Coates | OWASP | @_mwc
>> 
>> 
>> On Thu, Oct 10, 2013 at 8:49 AM, Eoin <eoin.keary at owasp.org> wrote:
>>> Guys do what you seem fit.
>>>  
>>> Don't fund CISO, fund CISO your choice.
>>> Bottom line is 2012 the following were accepted as to be funded by Reboot. (Note CISO)
>>> Now CISO has no funding.
>>> CISO makes funds for OWASP via Training
>>> CISO is an active project
>>>  
>>> Projects selected via first round of review:
>>> OWASP Development Guide*: Funding Amount: $5000 initial funding
>>> OWASP CISO Guide: Funding Amount: $5000 initial funding
>>> OWASP Zed Attack Proxy: Funding Amount: $5000 initial funding
>>> OWASP Mobile Project: Funding Amount: $5000 initial funding
>>>  
>>>  
>>> Reboot funding:
>>> An initial 15K granted earlier on this year (2012)
>>> And additional 15K was granted in Greece at the board meeting. (July 2012)
>>>  
>>> We also have 25K for the testing, code review and development guides from DHS
>>> Dev, Code review and Testing guides have 25k funding already (DHS)
>>>  
>>> Total 55K
>>>  
>>> OWASP Development Guide - DHS funded  - No OWASP Funding Required
>>> OWASP ZAP - moz funded  - No OWASP Funding Required
>>> OWASP Testing Guide - DHS funded - No OWASP Funding Required
>>> OWASP ESAPI - ?
>>> OWASP Code Review Guide - DHS funded  - No OWASP Funding Required
>>> OWASP WebGoat PHP - OWASP funded - No OWASP Funding Required
>>>  
>>> So by my calculations we have very little allocated out of the 55K.......
>>>  
>>>  
>>> 
>>> 
>>> On 9 October 2013 18:52, Michael Coates <michael.coates at owasp.org> wrote:
>>>> Thanks Samantha. That makes sense to me.
>>>> 
>>>> So we have our answer to question 1.
>>>> 
>>>> 
>>>> Eoin, I'm interested in question #2. Can you give us your thinking on those questions?
>>>> 
>>>> Thanks!
>>>> 
>>>> Michael
>>>> 
>>>> 
>>>> ---
>>>> 
>>>> 
>>>> 1. There is a discrepancy on funds for the project reboot. I'm unsure what the final story is. Samantha is reporting 30k available and Eoin is indicating something is not right and there was a vote on the wiki. We should get to the bottom of this.
>>>> 
>>>> Eoin - can you sync with Sarah & Samantha to flush this out and let us know the current state?
>>>> 
>>>> 2. Based on the outcome of #1 we either have funds available in project reboot or we don't. If we don't, the request is to find $5,000 in the current budget to cover 
>>>> travel costs for the CISO project leaders to go somewhere.
>>>> 
>>>> My questions are:
>>>> - Eoin : Do you have a proposed budget where we'll subtract the $5,000 from? Or do you have this money available somewhere else? Please just let us know where the funds will come from.
>>>> - Eoin: Where are these people traveling to? AppSecUSA? How many people? What's the purpose of travel? I agree the project is great. Just want to know what the money is going towards.
>>>> 
>>>> 
>>>> --
>>>> Michael Coates | OWASP | @_mwc
>>>> 
>>>> 
>>>> 
>>>> On Wed, Oct 9, 2013 at 10:34 AM, Samantha Groves <samantha.groves at owasp.org> wrote:
>>>>> As I have mentioned before:
>>>>> 
>>>>> Eoin thought he had $45,000 in reboot, but he only had $30,000. It is my understanding that 3 projects were promised money that reboot did not have. I can forward you all the e-mails where I let Eoin know about this inconsistency last year, and where I showed him which projects I allocated the funds to since I got no direction to do otherwise. I am just surprised this was not managed a year ago by reboot leaders, and I am surprised this is coming up again after I let Eoin know almost one year ago. If there was such a problem with the allocation, then I should have been made aware of it in February. 
>>>>> 
>>>>> I NEVER removed money from the project fund. The money promised to the CISO Guide never existed as far as I am aware. The only reason the CISO Guide project is without money is because someone promised them money they didn't have to give. 
>>>>> 
>>>>> SG
>>>>> 
>>>>> 
>>>>> On Wed, Oct 9, 2013 at 10:24 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>>>>> Sec
>>>>>> 
>>>>>> 
>>>>>> Eoin Keary
>>>>>> Owasp Global Board
>>>>>> +353 87 977 2988
>>>>>> 
>>>>>> 
>>>>>> On 9 Oct 2013, at 18:22, Michael Coates <michael.coates at owasp.org> wrote:
>>>>>> 
>>>>>>> It looks we have two items two understand here:
>>>>>>> 
>>>>>>> 1. There is a discrepancy on funds for the project reboot. I'm unsure what the final story is. Samantha is reporting 30k available and Eoin is indicating something is not right and there was a vote on the wiki. We should get to the bottom of this.
>>>>>>> 
>>>>>>> Eoin - can you sync with Sarah & Samantha to flush this out and let us know the current state?
>>>>>>> 
>>>>>>> 2. Based on the outcome of #1 we either have funds available in project reboot or we don't. If we don't, the request is to find $5,000 in the current budget to cover 
>>>>>>> travel costs for the CISO project leaders to go somewhere.
>>>>>>> 
>>>>>>> My questions are:
>>>>>>> - Eoin : Do you have a proposed budget where we'll subtract the $5,000 from? Or do you have this money available somewhere else? Please just let us know where the funds will come from.
>>>>>>> - Eoin: Where are these people traveling to? AppSecUSA? How many people? What's the purpose of travel? I agree the project is great. Just want to know what the money is going towards.
>>>>>>> 
>>>>>>> Thanks!
>>>>>>> Michael
>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Michael Coates | OWASP | @_mwc
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> On Wed, Oct 9, 2013 at 10:11 AM, Jim Manico <jim.manico at owasp.org> wrote:
>>>>>>>> I've seen the CISO project being talked about very positively in the media. This is good visibility for us. What happened?
>>>>>>>> 
>>>>>>>> Aloha,
>>>>>>>> Jim
>>>>>>>> 
>>>>>>>> > Ok 4 me
>>>>>>>> > On 09 Oct 2013 10:46, "Eoin Keary" <eoin.keary at owasp.org> wrote:
>>>>>>>> >
>>>>>>>> >> Board, the ciso project is very active even to the point that we deliver
>>>>>>>> >> paid CISO training which OWASP benefits.
>>>>>>>> >>
>>>>>>>> >> It appears the reboot funding was moved by Samantha away for the ciso
>>>>>>>> >> project. Hence the project does not have any funding.
>>>>>>>> >> May I ask that we grant the project $5000 to cover travel costs given they
>>>>>>>> >> assumed they had funding.
>>>>>>>> >>
>>>>>>>> >> We granted funding to the project via reboot which has since been revoked.
>>>>>>>> >>
>>>>>>>> >> Can we make a decision on this ASAP. I assure you all that this is a good
>>>>>>>> >> spend of our limited funds.
>>>>>>>> >>
>>>>>>>> >> RSVP.
>>>>>>>> >>
>>>>>>>> >> Eoin Keary
>>>>>>>> >> Owasp Global Board
>>>>>>>> >> +353 87 977 2988
>>>>>>>> >>
>>>>>>>> >> _______________________________________________
>>>>>>>> >> Owasp-board mailing list
>>>>>>>> >> Owasp-board at lists.owasp.org
>>>>>>>> >> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>> >>
>>>>>>>> >
>>>>>>>> >
>>>>>>>> >
>>>>>>>> > _______________________________________________
>>>>>>>> > Owasp-board mailing list
>>>>>>>> > Owasp-board at lists.owasp.org
>>>>>>>> > https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>> >
>>>>>>>> 
>>>>>>>> _______________________________________________
>>>>>>>> Owasp-board mailing list
>>>>>>>> Owasp-board at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>> 
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>> 
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>> 
>>>>> 
>>>>> 
>>>>> -- 
>>>>> Samantha Groves, MBA
>>>>> OWASP Projects Manager
>>>>> 
>>>>> The OWASP Foundation
>>>>> Phoenix, USA
>>>>> Email: samantha.groves at owasp.org
>>>>> Skype: samanthahz 
>>>>> 
>>>>> OWASP Global Projects
>>>>> Book a Meeting with Me
>>>>> OWASP Contact US Form
>>>>> New Project Application Form
>>> 
>>> 
>>> 
>>> -- 
>>> Eoin Keary
>>> OWASP Member
>>> https://twitter.com/EoinKeary
>> 
>> 
>> 
>> -- 
>> Samantha Groves, MBA
>> OWASP Projects Manager
>> 
>> The OWASP Foundation
>> Phoenix, USA
>> Email: samantha.groves at owasp.org
>> Skype: samanthahz 
>> 
>> OWASP Global Projects
>> Book a Meeting with Me
>> OWASP Contact US Form
>> New Project Application Form
>> 
>> 
>>> 
>>> 
>>> 
>>> -- 
>>> Eoin Keary
>>> OWASP Member
>>> https://twitter.com/EoinKeary
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20131010/90e16ca3/attachment-0001.html>


More information about the Owasp-board mailing list