[Owasp-board] Promoting commercial activities through OWASP Mailing Lists

Josh Sokol josh.sokol at owasp.org
Wed Mar 19 13:36:47 UTC 2014


It probably wouldn't hurt to provide additional guidance via the Chapter
Leader Handbook here:

https://www.owasp.org/index.php/Chapter_Handbook/Chapter_4:_Chapter_Administration#Mailing_Lists

It addresses a similar situation (job postings) by saying it's up to the
Chapter Leader to determine what they would like to do.  I think the real
caveat here is to ensure that if they are doing this for one company, then
they are not excluding others who are looking for similar promotions (ie.
vendor neutral).  Obviously, this becomes a steep slope.  The way we have
handled it in Austin in the past is by trying to summarize all of these
"opportunities" in a monthly e-mail sent by the chapter leader.  Anything
sent directly by the vendor would be unofficial and potentially considered
SPAM.  It's a little bit of extra work, but it does allow the chapter to
control the messaging and ensure that no vendor is getting preferential
treatment.

~josh


On Wed, Mar 19, 2014 at 6:59 AM, Tom Brennan <tomb at owasp.org> wrote:

> There is a membership page now that outlines this logo/description this
> has to be promoted
>
> https://www.owasp.org/index.php/Corporate_Supporter_Bios
>
> This if promoted will raise visibility to the who and the what as well as
> the new membership model.
>
>
> There is a membership page now that outlines this logo/description
>
> https://www.owasp.org/index.php/Corporate_Supporter_Bios
>
> This if promoted will raise visibility to the who and the what as well as
> the new membership model.
>
> Re mainlining list spam on lists, Facebook, google+ and linkedin etc I see
> that as a issue that can only be moderated by a human on staff and drooping
>
> The simple fact is that of someone gives to the community with projects
> any type and volunteerism that is "advertising" in a constructive way of
> there skills in the space.
>
> Also adding a disclaimer footer to all mailing lists would help raising
> sponsorship awareness + dropping the spammer noise mostly from over zealous
> marketeers
>
> ====
> Disclaimer: OWASP does not endorse or recommend commercial products or
> services allowing our community to remain vendor neutral with the
> collective wisdom of the best minds in application security worldwide.  If
> your looking for that look here:
> https://www.owasp.org/index.php/Corporate_Supporter_Bios otherwise let's
> keep our lists focused on the mission
> ====
>
>
> Tom Brennan
> 9732020122
>
> Tom Brennan
> 9732020122
>
> On Mar 19, 2014, at 7:25 AM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
> hi,
>
> Please read thread below...
>
> Some companies are approaching OWASP chapter leaders and asking them to
> promote their training courses, services, etc through the OWASP mailing
> lists. In exchange, they provide a discount to OWASP members.
>
> As there is no clear understanding among chapter leaders if this is
> allowed or not, I think the Board needs to step up and provide guidance for
> them.
>
> Do we say yay, nay or launch a community vote?
>
> Thanks
> Fabio
>
> ---------- Forwarded message ----------
> From: Fabio Cerullo <fcerullo at owasp.org>
> Date: Tue, Mar 18, 2014 at 7:53 PM
> Subject: Re: Advanced Android and iOS Exploitation
> To: Darren Fitzpatrick <darren.fitzpatrick at owasp.org>
> Cc: Eoin <eoin.keary at owasp.org>, Fiona Collins <fiona.collins at owasp.org>,
> Owen Pendlebury <owen.pendlebury at owasp.org>, Sarah Baso <
> sarah.baso at owasp.org>
>
>
> One way or the other I think we need to cascade the message to all leaders.
>
> At present the rules are not clear about this.
>
> Some chapters are allowing this and other dont.
>
> @Sarah: what are your thoughts on this?
>
> Thanks
> Fabio
>
>
> On Tuesday, March 18, 2014, Darren Fitzpatrick <
> darren.fitzpatrick at owasp.org> wrote:
>
>> It was actually the exact same training course with the Espion query a
>> while ago. He was supposed to be coming over and doing it through us but it
>> didn't sell well in the end, although I thought it sounded pretty good.
>>
>> I thought the commercial promotion response made sense personally,
>> despite it being fairly relevant. I doubt those slides could be shared as
>> per speaker agreement as its a totally commercial setup!
>> On 18 Mar 2014 18:38, "Eoin Keary" <eoin.keary at owasp.org> wrote:
>>
>> It's commercial promotion IMHO.
>> It is against our policies AFAIK but I've cc'ed Sarah to clarify.
>>
>> Would this open the gates to for example: "BCC are offering 10% discount
>> on all our pen-testing services to all members??"
>>
>> We also said "No" to Espion last year for a similar request if I remember
>> correctly.
>>
>> I've cc'ed Sarah to clarify. She's the main lady after all!
>>
>>
>>
>>
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>> On 18 Mar 2014, at 17:42, Fabio Cerullo <fcerullo at owasp.org> wrote:
>>
>>
>>
>> ---------- Forwarded message ----------
>> From: *Sumit Siddharth* <sumit.siddharth at gmail.com>
>> Date: Tuesday, March 18, 2014
>> Subject: Advanced Android and iOS Exploitation
>> To: Fabio Cerullo <fcerullo at owasp.org>
>>
>>
>> Hi Fabio,
>>
>> did the board approve it?
>>
>> Sid
>>
>>
>> On Wed, Mar 12, 2014 at 1:33 PM, Sumit Siddharth <
>> sumit.siddharth at gmail.com> wrote:
>>
>> Thanks
>>
>>
>> On Wed, Mar 12, 2014 at 1:32 PM, Fabio Cerullo <fcerullo at owasp.org>wrote:
>>
>> Sid
>>
>> I passed your message to the owasp ireland board for review.
>>
>> If approved, it will be posted in the coming days.
>>
>> Thanks
>> Fabio
>>
>>
>> On Wed, Mar 12, 2014 at 1:30 PM, Sumit Siddharth <
>> sumit.siddharth at gmail.com> wrote:
>>
>> Hi Fabio,
>>
>> can you help here?
>>
>> Sid
>>
>>
>> On Fri, Mar 7, 2014 at 10:27 AM, Sumit Siddharth <
>> sumit.siddharth at gmail.com> wrote:
>>
>> if you want, I can create one for you to distribute for 10%?
>>
>>
>> On Fri, Mar 7, 2014 at 10:25 AM, Fabio Cerullo <fcerullo at owasp.org>wrote:
>>
>> Sumit
>>
>> Are there any special discounts for owasp members?
>>
>> Thanks
>> Fabio
>>
>>
>> On Friday, March 7, 2014, Sumit Siddharth <sumit.siddharth at gmail.com>
>> wrote:
>>
>> hello mate,
>>
>> we are hosting a 3 day training event in London on Advanced Android and
>> iOS Exploitation:
>>
>>
>> https://www.eventbrite.com/e/advanced-android-and-ios-exploitation-tickets-10788329183
>>
>> Any chance you can put a word out for me within your team/contacts.
>>
>> Thanks
>> Sid
>>
>>
>> --
>> Sumit Siddharth
>>
>>
>>
>>
>> --
>> Sumit Siddharth
>>
>>
>>
>>
>> --
>> Sumit Siddharth
>>
>>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
> --
> Sent from mobile
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140319/a66eaa47/attachment-0001.html>


More information about the Owasp-board mailing list