[Owasp-board] Update - CFT Issue re:PCI training via OWASP

johanna curiel curiel johanna.curiel at owasp.org
Fri May 8 16:02:53 UTC 2015


I didn't know that, so in that case, this is equivalent to the  CFT PCI
training in discussion.

Why not make the materials public, free and open source then? Why not
include this in the call for trainers?

I'm creating such materials as part of the OWASP PCI project and I'm
willing to make sure these materials are full open source including the VM.


What unfortunately cannot be  free is my time providing the training ;-)
just as the agreement between OWASP conference and trainers during the
conference. Such an agreement generates funds and pays the time of the
trainer

regards

Johanna



On Fri, May 8, 2015 at 10:48 AM, Jim Manico <jim.manico at owasp.org> wrote:

> > If I understood well from Paul's email, the idea is that the materials
> are free, just exactly as an OWASP training during the conference.
>
> OWASP Conference training is not open source or free, it's all vendor
> proprietary training that is limited to paid attendees only. I feel that it
> is counter to our mission to have closed training like that since we claim
> "everyone is welcome to participate... all our materials are under an open
> license" etc.
>
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On May 7, 2015, at 1:29 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
> Hi Jim
>
> >>to support our strategic goal I suggest we build free training materials
> for all to use.
>
> If I understood well from Paul's email, the idea is that the materials are
> free, just exactly as an OWASP training during the conference.  I also
> support this, indeed we should think a concept as coursera does, live
> training is similar to OWASP conference training
>
> as Paul mentioned:
> 3.  To ensure the content was not exclusive, we required the open webinar
> training to be produced
>
> regards
>
> Johanna
>
>
>
> On Thu, May 7, 2015 at 4:10 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
>> Paul,
>>
>> I would like to shut this down because it makes us a security vendor. We
>> do not want to be that. We want to be an open source company where all of
>> our materials and projects are free. To support our strategic goal I
>> suggest we build free training materials for all to use.
>>
>> ••• I admit I am biased because I am a professional trainer and will
>> excuse myself from any vote on this or other training issues.
>>
>> Regards,
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>>
>> On May 7, 2015, at 1:04 PM, Paul Ritchie <paul.ritchie at owasp.org> wrote:
>>
>> To OWASP Board Group List:
>>
>> I'm pleased to see a healthy discussion and strong viewpoints about
>> Training since this is one of our continuing Strategic Goals for 2015.  Let
>> me provide some 'first hand' information about this CFT.
>>
>> Specifically, this opportunity came from a company who 'knows about
>> OWASP' and knows and respects our 'quality & style' of training.
>>
>> They wanted some PCI training for their developers and their "end user
>> service reps" and they wanted OWASP to provide the training, not one of the
>> other commercial entities.
>>
>> As we evaluating this, we determined it met several of our key goals and
>> objectives, so we decided to run it as a pilot or trial to see how it
>> worked out for the Community and OWASP.  Does it meet our Core valules?   Open?
>> - check, Innovative? - check, Global? - check, Done w/Integrity? - check.
>>
>> 1.  It meets the Training goal, and more specifically it provides
>> training to ~125 Developers as well as ~1,000 customer service reps.
>> 2.  To keep opportunities 'open' we decided to make a broad Call For
>> Trainer, like we do at our AppSec Conferences.
>> 3.  To ensure the content was not exclusive, we required the open webinar
>> training to be produced
>> 4.  We are not providing any sort of "certification" for the training -
>> it is knowledge sharing only.
>> 5.  We have 3 submissions already under the CFT, and more than half a
>> dozen community members who volunteered to be on the content review team.
>>
>> 6.  Background -- There has been discussion for many years about
>> leveraging a paid training program that was modeled after the successful
>> conference style training, as a possible revenue stream for the
>> Foundation.  Many leaders have supported this in the past.  The conference
>> style model was attempted in a couple of different places ( Denver and NY)
>> with mixed results.  This is a sort of hybrid - on a small scale - to see
>> how it works.
>>
>> Again, I'm encouraged by all the healthy discussion on Training, and I
>> acknowledge the strong opinions on this topic.  In summary, this
>> opportunity popped up, we were able to structure it to meet our goals,
>> objectives & policies, so we are investing time & resource to 'test' this
>> new and innovative approach.
>> You are welcome to reach out to me or Kate with questions.  Kate is
>> closest to this program and she can connect you with other leaders working
>> on this as needed.
>>
>> Best Regards, Paul Ritchie
>> OWASP Executive Director
>> paul.ritchie at owasp.org
>>
>>  _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150508/6a4e1c49/attachment.html>


More information about the Owasp-board mailing list