[Owasp-board] Final Proposal to be sent to Kevin Greene

Eoin Keary eoin.keary at owasp.org
Sun Jun 8 22:31:27 UTC 2014


Thanks. We shall discuss this soon.
Again, keep up the good work.hope to meet you at appsec EU 

Eoin Keary
Owasp Global Board
+353 87 977 2988


On 8 Jun 2014, at 22:45, johanna curiel curiel <johanna.curiel at owasp.org> wrote:

> Thank you Eoin. I appreciate your support and the board's support and words but I think it was time for me to speak openly my experience with Samantha.
> 
> I didnt want to throw this before because this was her job and earning income,  but my honest opinion is that she was not the right person to be set as manager for project reviews, especially because she never listened or took my advice or the advice of the Project Advisory board team, she lacks technical understanding of projects so why was she taking decisions instead of asking and taking advice from the technical people. No wonder why was I the only person participating  in the end. She was still sending me forms to do reviews even when i mentioned in an email in march that this approach is wrong and filling criterias forms is not the correct ways of doing it and that I won't do anything until there is a clear objective regarding this. She ignored my advice completely. You do that , people stop contributing.
> 
> In the end all I saw was that she included me in emails when she need  something to be done. 
> Yes I felt like mishandled and used as cheap/free labor. This is how I felt about working with her. 
> 
> Closed chapter and time to concentrate in results.
> 
> Since last year september, after th efailure of the Advisory Board and the project review approach Isent an email to her 
> On Sunday, June 8, 2014, Eoin Keary <eoin.keary at owasp.org> wrote:
>> Johanna, you are doing a great Job. 
>> There is a little confusion regarding the grants from DHS and swamp.
>> Please keep going, you have the boards full support.
>> Projects is what OWASP is about, not politik!
>> 
>> 
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>> 
>> 
>> On 8 Jun 2014, at 17:57, johanna curiel curiel <johanna.curiel at owasp.org> wrote:
>> R
>>> > If there's anything you wanted me to talk with him about please let me know.
>>> 
>>> One of the most important things is that projects needs a proper build script and code analysis is done only on C/C++/Java, so I wonder how projects as hackademics are going to be deployed because there is no tool for code analysis for this yet. Esapi Java  or ZAP makes sense to me, but with all due respect hackademics is too early in this phase because is HTML,Javascript and PHP which is not supported by SWAMP.
>>> 
>>> Right now everything works through a web interface , no direct access is granted to the SWAMP servers, so no way of deploying properly packages or tools that are not written in the mentioned languages and they must have a C/C++ script. I tested this myself.
>>> 
>>> SWAMP tools are for code analysis assessment, so I don't know how Hackacademics project fits into this.
>>> 
>>> To me it makes sense to start with those tools written in the available languages AND that are for Code or vulnerability assessment, verify that OWASP tools can be properly build and deployed. That is my plan.
>>> 
>>> And then we need to coordinate with SWAMP how other languages will be integrated into this program. And  if only tools that are for code analysis or vulnerability findings will be part of the SWAMP toolset. So far this is the case. So tools such as Hackademics, WebGoat ...are not for this. We need to know what the SWAMP exactly will provide regarding this.
>>> 
>>> I'll be sending these questions to Irene Landrum, technical manager of the SWAMP, which I have contact with. just the technical questions.
>>> 
>>> Dan as I mentioned on the 16 june I'll get more info with these or after getting answers from Irene. But important is to know how those languages and tools that are not supported right now are been planned by the SWAMP.
>>> 
>>> Thats why the plan written by Samantha does make any sense to me from the technical point of view.
>>> 
>>> 
>>> On Sun, Jun 8, 2014 at 12:33 PM, dan cornell <dan.cornell at owasp.org> wrote:
>>> I'm going to be on-site at MITRE for a software assurance event tomorrow and I believe Kevin Greene from DHS is going to be there as well. If there's anything you wanted me to talk with him about please let me know. The DHS stuff I was waiting on finally got sorted out so I'm in a better position to talk with Kevin and the SWAMP folks now than I was for the past couple of months.
>>> 
>>> Thanks,
>>> 
>>> Dan
>>> 
>>> 
>>> 
>>> On Sun, Jun 8, 2014 at 11:25 AM, johanna curiel curiel <johanna.curiel at owasp.org> wrote:
>>> The purpose is the same too but no one ever informed me even when I have been so deeply involved in projects
>>> 
>>> and why not involving more projects? 
>>> 
>>> The idea of the SWAMP is to set the projects here too and use them for review purpose at the same time
>>> 
>>> 
>>> Samantha never told me anything and as I can see this dates from March...
>>> 
>>> I feel she has excluded me long time ago but this is just a confirmation of it. yea I was only good to review projects..only when she needed my technical help and never to be really part of key decisions and technical input.
>>> 
>>>  I kind of feel backstab and downgraded.
>>> 
>>> Anyways.. take a look of this
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140608/30c298ba/attachment-0001.html>


More information about the Owasp-board mailing list