[Owasp-board] [Governance] [Owasp-leaders] NIST, the NSA and fun with crypto reviews

Eoin Keary eoin.keary at owasp.org
Sat Jun 13 23:56:06 UTC 2015

Hello Christian,
The majority of the material you refer to here
Was co authored by myself. It has no corporate branding.
It was donated by myself and jim after we trained 200 people at outside RSA (at a
Pool hall). 

We also got crap from people who also do pro training as opening editable content was deemed damaging to their commercial interests.

Your remarks are unfounded and laughable.
Nice try mate.

The RSA 2013 pullout by OWASP was also my doing as I pissed them off by forcing a heated debate etc and they set out a bunch of conditions including not supporting BSides. We told RSA we would not comply to such requests.

> On 3 Jun 2015, at 09:48, Christian Heinrich <christian.heinrich at cmlh.id.au> wrote:
> Jim,
>> On Tue, Jun 2, 2015 at 12:10 AM, Jim Manico <jim.manico at owasp.org> wrote:
>> You are right this looks fishy. I used the RSA template per their request.
>> Since this talk (which was in 2013) I have open sourced the material,
>> rebranded it using the OWASP template and attached the raw PowerPoint > to the
>> proactive control project under the "Quick Access" section for all to use.
> I've had several poor dealings with Whitehat Security due to their
> lack of claimed ethics or morals.
> However, I don't consider having to use their presentation template an
> issue or unreasonable condition since "company slide templates aren't
> acceptable for OWASP ..." either to quote
> https://www.owasp.org/index.php/Speaker_Agreement
>> On Tue, Jun 2, 2015 at 12:10 AM, Jim Manico <jim.manico at owasp.org> wrote:
>> As a board member I need to keep away from even the appearances of
>> conflict
>> of interest and will endeavor to do better in the future. I hope this
>> addresses your (fair) concern.
> The conflict of interest is that in addition to being an OWASP Board
> Member you are also an OWASP Project Leader when these OWASP Projects
> should be handed over until you have completed your service to the
> OWASP Board.
> https://www.owasp.org/index.php/Education/Free_Training is nothing
> more than subversive marketing of OWASP Board Member's products and/or
> services so that they are "made visible" to potential customers as
> students.
> Can you please address the ongoing relationship to the commercial
> BlackHat conference and HP's upcoming presentation at RSA Conference
> USA 2015 too?
> -- 
> Regards,
> Christian Heinrich
> http://cmlh.id.au/contact
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150614/d0c4a7ce/attachment.html>

More information about the Owasp-board mailing list