[Owasp-board] On vendor neutrality and projects....

Eoin Keary eoin.keary at owasp.org
Sun Sep 28 13:10:27 UTC 2014


> > If someone at an OWASP event asks for my card, is it permitted to have my company info on the card?
- depends on the reasons they are asking? Owasp related or commercial?

Eoin Keary
Owasp Global Board
+353 87 977 2988


On 27 Sep 2014, at 18:45, Jim Manico <jim.manico at owasp.org> wrote:

> A member of our community asked me a few questions about OWASP projects and our commercial stance. Here are my answers, did I answer these correctly?
> 
> > If someone at an OWASP event asks for my card, is it permitted to have my company info on the card?
> 
> I tend to give people two cards when I can. One OWASP card (this is my non-profit card) and my commercial card (this is my business). I do not put the OWASP logo on my commercial card and I do not put my company logo on an OWASP card. I'm going to check with the board on this to make sure I'm communicating this properly.
> 
> My suggesting is that you should not initiate commercial activities on any OWASP communication channel (OWASP email, OWASP lists, etc). But if someone asks YOU and initiates a commercial conversation, move it to a different email address and knock yourself out. :)
> 
> > Does this change if I'm presenting or not?
> 
> No, but when presenting at OWASP conferences, please do not use that platform to sell your commercial product or service. It's part of our speaker agreement. And in general, never ever imply that OWASP endorses your commercial product or service. Cool? There are of course vendor options at OWASP conferences.
> 
> > do I have to close down the open source project as it exists, and move everything to OWASP, or can I point the OWASP pages at the existing open source project?
> 
> We prefer that you use the OWASP wiki to describe your project, and then point to a open source public repository of your code. In our project template there is a section for "external resources" where you can link to other resources. I do not think you have the close down what you are doing now, but the OWASP project page should be non-commercial and should not point to commercial activities, other than a neutral sponsor page.
> 
> Helpful?
> 
> Aloha,
> Jim
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140928/94bf3e14/attachment.html>


More information about the Owasp-board mailing list