[Owasp-board] Promotion of OWASP by Non-"non-profits"

Michael Coates michael.coates at owasp.org
Wed Feb 19 22:15:11 UTC 2014


I'd like to understand everyone's thoughts on promotion of OWASP from other
entities - specifically those that are either corporations, private
entities and generally companies with different motives then us and a

More specifically, what expectations to do you feel should be placed on a
company that wants to promote an owasp project or contribute time and
resources to the betterment of owasp that of course also benefit themselves
too (e.g. being a good person has tangential benefits for the person and
those associated with the person)?

A few questions for consideration
1. Does an owasp project or initiative need to live only on the owasp wiki?
2. Can a company push forward with an owasp project and promote that
project on their website too?
3. Do questions 1 and 2 matter provided the company/person acts per our
brand usage guidelines here?

I certainly have my opinions but want to open up the discussion.

I ask these larger questions because the overall issue is more important.
However, we can also later dive into this idea with a concrete example. We
have a great scenario where someone is funded by a company to do things
that benefit OWASP - the podcast series. If we have concerns about any
aspect of that situation, I'd like to understand them in the overall
context of how we encourage company participation.

Also, if our expectations don't match our stated guidance we need to
quickly update our guidance. It's hard for us to expect people to follow
rules if we don't publish them :)


Michael Coates
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140219/9de75122/attachment.html>

More information about the Owasp-board mailing list