[Owasp-board] Time to review

johanna curiel curiel johanna.curiel at owasp.org
Sun Feb 21 17:06:22 UTC 2016


Hi Noreen

That page I found when I did a google search. That is the page probably
most people find using a search engine

>>In terms of recognition, I have been giving shout outs in social media
and the News Flash and Connector newsletters to people ...[]

Thank you and I appreciate all the work you have been doing supporting us
in these matters.

>>Furthermore, you end as a solo-player, nobody gives you thanks, when all
you are trying to do is help, burning your free time chasing waterfalls.

I would like to clarify that don't contribute to receive thanks or
recognition,but is nice when you get recognition because it means your work
is meaningful.Thats is the way I measure it ;-).

As part of a volunteer management program, recognition is part of it, in
spite what some seem to ignore  and I believe you and some members of the
board have sure expressed it, In contrast  to other members that should be
careful with the way the treat volunteers using *very* rude expressions
that I have never  received in my live. And I believe I don't deserve that
kind of treatment.
[image: Inline image 2]


Ending as solo player means to me, no one is interested to contribute and
join that cause.

We have a lack of volunteers for reviewing projects and maintaining
outdated content on the wiki.

 If you read careful, my point is that these activities do not seem to have
enough interest within OWASP volunteers, so you end up with a very small
group that cannot sustain them easily, *not to what the community expects*.

>> The current volunteer "page" link in the left navigation is a list of
volunteer jobs from our database and is not ideal way to present these
jobs. I would encourage people to suggest ways to improve volunteer
engagement. We can use the talk page of the Become a Volunteer page, but I
would want to link it to the Global Initiatives page for findability or see
if there is a more appropriate, active page to use for that discussion.


Personally I think that the best way to support volunteers is to have a
clear mission alignment with the activities the foundations wants vs the
activities volunteers want to do. Similar to mozilla:
*You have to begin by allowing the volunteer 'to choose what interest
them'....*

[image: Inline image 3]

These are just suggestions, based on my observation, as a volunteer that
wants to help OWASP:

   - If cleaning and classifying content in the wiki does not seem to
   motivate owasp volunteers, then analyse why. (I do not like to help with
   the wiki cleaning because is boring)
   - If people do not want to review projects, then you know we cannot
   sustain this activity with volunteers alone( few have voted for even
   graduating a project)
   - If project leaders want to try something different by putting content
   on the Github, *let them*.

Noreen, If you want me to help building a similar page as Mozilla through a
global initiative, we can set that as a project initiative.
https://www.mozilla.org/en-US/contribute/

I would love to help with this and help build a better volunteer matching
program within OWASP

Cheers

Johanna



On Sun, Feb 21, 2016 at 12:19 PM, Noreen Whysel <noreen.whysel at owasp.org>
wrote:

> Hi Johanna,
>
> We are looking for ways to better support our volunteers and would like
> people to suggest ideas. It is interesting that the page you found (Become
> an OWASP Volunteer) is a stub page that no other page on the wiki links to.
>
>
> https://www.owasp.org/index.php?title=Special%3AWhatLinksHere&target=Become_an_OWASP_Volunteer&namespace=
>
> The current volunteer "page" link in the left navigation is a list of
> volunteer jobs from our database and is not ideal way to present these
> jobs. I would encourage people to suggest ways to improve volunteer
> engagement. We can use the talk page of the Become a Volunteer page, but I
> would want to link it to the Global Initiatives page for findability or see
> if there is a more appropriate, active page to use for that discussion.
>
> In terms of recognition, I have been giving shout outs in social media and
> the News Flash and Connector newsletters to people who have made
> contributions, including project releases, project reviews and successful
> regional and chapter events and trainings, and Mark Miller is actively
> seeking folks to interview for the 24/7 podcast. If you know of a
> contribution that should get public acknowledgement, do let me know so we
> can let everyone know about it.
>
> Noreen Whysel
> Community Manager
> OWASP Foundation
>
> On Feb 20, 2016, at 8:10 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
> >>I am very confused. No one asked you to do any work here, am I mistaken?
>
> BTW , there is a nice wiki page asking for people to be volunteers:
> https://www.owasp.org/index.php/Become_an_OWASP_Volunteer
>
> Yes, I think that quite contradicts that 'no one asked you to do any work
> here'...
>
> Maybe should be set as inactive.😁 I would do it will all the pleasure...
> 😝
>
>
> On Sat, Feb 20, 2016 at 9:03 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
>> I was not at all trying to be mean or hurtful, I was just saying that
>> this is all volunteer and you do not have to work on the Bug Bounty
>> program. I was worried you felt pressure here, and I did not think that was
>> fair.
>>
>> I was not trying to be mean, at all.
>>
>> - Jim
>>
>>
>> On 2/20/16 7:02 PM, johanna curiel curiel wrote:
>>
>> >>I am very confused. *No one asked you to do any work here, am I
>> mistaken? *
>>
>> I don't think this is a very nice thing to say to a volunteer.
>>
>> On Sat, Feb 20, 2016 at 9:00 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>
>>>
>>> *> Thats counts for every volunteer I assume...*
>>>
>>> Of course it does, me too!. :) There are about 10 folks active on the
>>> wiki who I talk to on a very regular basis. In my experience we all really
>>> enjoy messin' with the wiki and have a lot of fun interacting with each
>>> other. It's satisfying and we all learn in the process.
>>>
>>> Wiki work brings a lot of joy to me in my OWASP interactions so imma
>>> going to keep doing it. These are folks who are really sharp about
>>> application security, enjoy debating the finer points and are happy to
>>> contribute some of their expertise to the foundation. No one forced any of
>>> the wiki (or project) folks to contribute. They want to. :)
>>>
>>> Aloha,
>>> Jim
>>>
>>> Not bad traffic for wiki pages
>>>
>>> 2.1 million
>>> https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
>>> 1.9 million
>>> https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
>>>
>>>
>>>
>>>
>>> >>I am very confused. *No one asked you to do any work here, am I
>>> mistaken? *
>>>
>>> *Thats counts for every volunteer I assume...*
>>>
>>> On Sat, Feb 20, 2016 at 8:50 PM, Jim Manico < <jim.manico at owasp.org>
>>> jim.manico at owasp.org> wrote:
>>>
>>>> > I don't think you have read properly what I'm trying to say, which
>>>> is, that these activities, where there seems to be a need for operational
>>>> support, such as reviewing or wiki editing , does not have enough traction
>>>> from volunteer efforts and therefore not sustainable. Many talk cheap and
>>>> in the end, not enough people toy backup operations.
>>>>
>>>> Right. Wiki could use more help, but the Bug Bounty proposals include
>>>> significant *vendor* support. I think that will work wel
>>>>
>>>> > If you consider the wiki a success, (with XSS fiasco included) then
>>>> you have not read the responses people provided on the survey I did where
>>>> 50 members of our community responded.Have you read what they say?
>>>>
>>>> Fiasco? We found and fixed bugs. That's good. The world keeps on
>>>> spinning. Yes, I know of the complains from the 50 folks in your survey,
>>>> and I agree with those concerns. But you must have missed the many
>>>> *millions* of page hits on *several*  wiki pages and other
>>>> documentation projects...
>>>>
>>>> Johanna, I do not know why you keep targeting me in these emails. I am
>>>> just one board member - one that you apparently do not like or have respect
>>>> for. Maybe consider talking to other board members if you are not happy
>>>> with my actions. In the meantime, I am going to do a little wiki work
>>>> tonight.
>>>>
>>>> If you have sustainable ideas for these programs, by all means lets
>>>> hear them. If there are things you need me to read, let me know. I am doing
>>>> my best in my limited time as a volunteer.
>>>>
>>>> Aloha,
>>>> - Jim
>>>>
>>>>
>>>>
>>>> On 2/20/16 6:43 PM, johanna curiel curiel wrote:
>>>>
>>>> >>I am very confused. *No one asked you to do any work here, am I
>>>> mistaken? *
>>>>
>>>> Exactly,  *thank you for making that clear.*
>>>>
>>>> I don't think you have read properly what I'm trying to say, which is,
>>>> that these activities, where there seems to be a need for operational
>>>> support, such as reviewing or wiki editing , does not have enough traction
>>>> from volunteer efforts and therefore not sustainable. Many talk cheap and
>>>> in the end, not enough people toy backup operations.
>>>>
>>>> If you consider the wiki a success, (with XSS fiasco included) then you
>>>> have not read the responses people provided on the survey I did where 50
>>>> members of our community responded.Have you read what they say?
>>>>
>>>> I'm looking for a discussion around solutions and creating initiatives
>>>> that are sustainable.
>>>>
>>>> Once again Jim, thank you for making it very clear to me how you think.
>>>>
>>>>  I was expecting a some discussions around sustainability.
>>>>
>>>> Cheers
>>>>
>>>> Johanna
>>>>
>>>> On Sat, Feb 20, 2016 at 8:29 PM, Jim Manico < <jim.manico at owasp.org>
>>>> jim.manico at owasp.org> wrote:
>>>>
>>>>> Joanna,
>>>>>
>>>>> All I asked is that we give other vendors a chance to propose a bug
>>>>> bounty program instead of just choosing one vendor. I am not "the decider"
>>>>> here. I did not initiate the bug bounty program nor do I disagree with all
>>>>> of your comments below. I am sure we will face several challenges. I still
>>>>> think it's a good idea to try and I'm grateful Josh is taking a leadership
>>>>> position here.
>>>>>
>>>>> > I'm out of this equation regarding any decisions of a bounty program
>>>>> and management of it in the future.
>>>>>
>>>>> For someone who is "out of the equation" you sure have a lot to say!
>>>>> No one is asking you to do - any work. You are a volunteer (like me) and
>>>>> you do as you like when you feel like it and that is ok.
>>>>>
>>>>> > Wiki have shown that volunteer based does not work.
>>>>>
>>>>> I strongly disagree. I know the wiki is tough for some to read, and it
>>>>> needs work, but several pages have received millions of hits and have
>>>>> helped many on several issues. I know the wiki needs work, but I am proud
>>>>> of the accomplishments of the thousands of volunteers who have contributed
>>>>> to that knowledge base in some way.
>>>>>
>>>>> > Therefore, I prefer to abstain to participate on this bounty
>>>>> initiative because my workload has multiplied by the dozen, and as a
>>>>> volunteer, I cannot provide any guarantees of my availability in the future.
>>>>>
>>>>> I am very confused. No one asked you to do any work here, am I
>>>>> mistaken? I do not understand why you are upset or are abstaining in
>>>>> something that I did not even know you were a part of. I just recall you
>>>>> (and Josh) getting very upset that I even suggested we look at other vendor
>>>>> proposals.... First you suggest we get a specific vendor for an OWASP bug
>>>>> bounty program, then you get upset that I suggested we discuss this with
>>>>> other vendors, and now you abstaining. It's hard for me to follow what you
>>>>> want here. I have watched you email the world about "taking on an
>>>>> initiative" and then quit several times now, that I am having a lot of
>>>>> trouble following your work and needs. And I have done this a few times
>>>>> myself, I'm not perfect. But I do keep trying.
>>>>>
>>>>> > This counts for the review process. This is the reason why we,
>>>>>  Enrico and I, proposed to decentralise and focus on a platform. Even so,
>>>>> this platform is highly dependable on volunteers. So far, only 6 members
>>>>> have voted for Graduation of the OWASP security project.We lack
>>>>> participation. I feel like no one cares. Or people just don't want to
>>>>> participate in this kind of thing.I have no freaking idea.
>>>>>
>>>>> Johanna, if you are not satisfied with your volunteer activities, then
>>>>> I suggest you find another way to lend support at OWASP (there are many
>>>>> many things going on with application security) or *take a break and
>>>>> take some time off*. OWASP is not supposed to get your angry or make
>>>>> you feel unsatisfied.  It's Saturday night and I'm stuck in Chicago so I'm
>>>>> going to work on a few wiki tasks on my plate because that gives me a lot
>>>>> of satisfaction - even in the face of other folks, like yourself, who do
>>>>> not see the value in the wiki. I do - so I'm going to keep at it.
>>>>>
>>>>> > Furthermore, you end as a solo-player, nobody gives you thanks, when
>>>>> all you are trying to do is help, burning your free time chasing
>>>>> waterfalls.(Thats counts for you with the wiki editing of +8000 pages, I
>>>>> guess all you hear is criticism just as I do, and people just tends to
>>>>> forget we are not OWASP staff, we are volunteers)
>>>>>
>>>>> Yea, I think that if you join OWASP because you want "thanks" - you're
>>>>> in it for the wrong reason. Johanna, I have seen folks give you MANY
>>>>> compliments - over and over and over - on big public lists - from folks all
>>>>> over the world - and it does not seem to be enough for you, so I do not
>>>>> know what to tell you. I do the work I do at OWASP because I believe it in
>>>>> and find the value in it. I don't want thanks - I actually dislike getting
>>>>> public thanks - I just want more volunteers involved. And I find that
>>>>> leading by example helps. There are quite a few folks working on the wiki
>>>>> with me. I am super grateful for them all. Generating new content is not an
>>>>> issue, dealing with older content is.
>>>>>
>>>>> > Whatever the reason , the effect is, volunteered based initiatives
>>>>> as wiki, reviews and possibly Bounty program, does not seem to work.
>>>>>
>>>>> This is a fair point regarding the bug bounty program. Please keep in
>>>>> mind that several of the bounty programs proposed would be vendor driven,
>>>>> not volunteer driven. It's not decided yet nor is it my call (or even
>>>>> charge). This thread started because I asked to be vendor neutral, and if
>>>>> this was to start over I'd do the same.
>>>>>
>>>>> Have a nice Saturday night. I'm off to work on the Java wiki page and
>>>>> do a little cleanup.
>>>>>
>>>>> Aloha,
>>>>> - Jim
>>>>>
>>>>>
>>>>> On 2/20/16 11:14 AM, johanna curiel curiel wrote:
>>>>>
>>>>> >>I trust those involved will make a good decision here.
>>>>>
>>>>> >>First, the current proposal *does not include the triage,
>>>>> reproduction, and remediation piece* (the Bugcrowd one does).  After
>>>>> speaking with them about this, they explained that it is because there is
>>>>> additional costs involved with that because they partner with other
>>>>> companies to provide that service.  That said, they offered to talk to one
>>>>> of their partners and had a strong belief that they could offer this to us
>>>>> as well.
>>>>>
>>>>> Hi Jim.
>>>>>
>>>>> I'm all in favour of vendor neutrality at all times.I admire your
>>>>> pro-activeness in these matters, however, at this point, I'm out of this
>>>>> equation regarding any decisions of a bounty program and management of it
>>>>> in the future.
>>>>>
>>>>> One of the major problems we have, is to create sustainable
>>>>> initiatives. I'm a volunteer with limited time. My availability will vary a
>>>>> lot and this is common for volunteers.
>>>>>
>>>>> I think is important that we ask ourselves who will be accountable for
>>>>> the system we bring in and able to manage this continuously. Volunteer
>>>>> based, I'm not convinced.
>>>>>
>>>>> Wiki and Reviews have shown that volunteer based does not work.
>>>>> Therefore, I prefer to abstain to participate on this bounty initiative
>>>>> because my workload has multiplied by the dozen, and as a volunteer, I
>>>>> cannot provide any guarantees of my availability in the future.
>>>>>
>>>>> This counts for the review process. This is the reason why we,  Enrico
>>>>> and I, proposed to decentralise and focus on a platform. Even so, this
>>>>> platform is highly dependable on volunteers. So far, only 6 members have
>>>>> voted for Graduation of the OWASP security project.We lack participation. I
>>>>> feel like no one cares. Or people just don't want to participate in this
>>>>> kind of thing.I have no freaking idea.
>>>>>
>>>>> So far, there has not been any reviewers that have worked on reviews
>>>>> since we restarted this initiative.Even before, when Claudia start offering
>>>>> amazon cards in exchange for reviews, only 2 persons participated for 2
>>>>> reviews one different projects. We keep on looking, I believe Claudia has
>>>>> contact them, but in the end, nothing.
>>>>>
>>>>>  I took many hours to build that criteria and let people comment and
>>>>> collaborate, so we make this process easier. There has been some
>>>>> participation , but from very few. We provide the community with all the
>>>>> opportunities to participate but still, there is a lack of interested in
>>>>> this subject.
>>>>>
>>>>> I spoke with Jason Li, and even on an interview you did to him in
>>>>> 2008, he had the same idea of providing a platform for participation, but
>>>>> people don't want to volunteer to for these kind of tasks, just as happens
>>>>> with the wiki.
>>>>>
>>>>> Furthermore, you end as a solo-player, nobody gives you thanks, when
>>>>> all you are trying to do is help, burning your free time chasing
>>>>> waterfalls.(Thats counts for you with the wiki editing of +8000 pages, I
>>>>> guess all you hear is criticism just as I do, and people just tends to
>>>>> forget we are not OWASP staff, we are volunteers)
>>>>>
>>>>> I think is time that, from the operational management point of view,
>>>>> to revise all these actions and have a very serious talk about this.
>>>>>
>>>>>    - Are they sustainable only volunteer based?
>>>>>    - What has the experience shown?
>>>>>    - Why does owasp lack volunteers to help on these tasks?
>>>>>    - Is the workload to big to expect volunteers to do this?
>>>>>    - Is this a community that has not time to do this kind of work?
>>>>>    - Do they actually want to do these kind of tasks?
>>>>>
>>>>> Volunteers are volunteers, they are not workforce nor can you expect
>>>>> the same output.You cannot expect anything from them.
>>>>>
>>>>> A volunteer must feel he gains something back for giving his time. If
>>>>> there is no exchange on this part, if he does not feel valued or that his
>>>>> work matters,  or enjoys what he does, then , I think , volunteer work
>>>>> stops. For me , it must have a meaning, that what I do , matters.
>>>>>
>>>>> Whatever the reason , the effect is, volunteered based initiatives as
>>>>> wiki, reviews and possibly Bounty program, does not seem to work.
>>>>>
>>>>> We should evaluate this before we keep bringing systems that cannot be
>>>>> volunteered-based sustained.
>>>>>
>>>>> Cheers
>>>>>
>>>>> Johanna
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Sat, Feb 20, 2016 at 12:17 AM, Jim Manico < <jim.manico at owasp.org>
>>>>> jim.manico at owasp.org> wrote:
>>>>>
>>>>>> Josh,
>>>>>>
>>>>>> I am grateful you took the time to hear other bounty vendors out,
>>>>>> especially since I forced your hand to do so to some degree.
>>>>>>
>>>>>> I trust those involved will make a good decision here.
>>>>>>
>>>>>> I do not have a charge over this and do not want to interfere, but if
>>>>>> you want my assistance just ask.
>>>>>>
>>>>>> Aloha,
>>>>>> Jim
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 2/19/16 4:07 PM, Josh Sokol wrote:
>>>>>>
>>>>>> I went ahead and spoke with HackerOne this afternoon even though
>>>>>> others were unable to make it.  I'm going to be mostly out-of-pocket over
>>>>>> the next couple of weeks, but at least wanted to be informed.  I took some
>>>>>> notes, included below, but had a couple of things that are worth mentioning
>>>>>> here.  First, the current proposal does not include the triage,
>>>>>> reproduction, and remediation piece (the Bugcrowd one does).  After
>>>>>> speaking with them about this, they explained that it is because there is
>>>>>> additional costs involved with that because they partner with other
>>>>>> companies to provide that service.  That said, they offered to talk to one
>>>>>> of their partners and had a strong belief that they could offer this to us
>>>>>> as well.  With that, I think that what they are offering is pretty much
>>>>>> equivalent to what Bugcrowd is offering.  That said, the ask is **VERY**
>>>>>> different.  While Bugcrowd is looking for an OWASP Platinum sponsorship
>>>>>> package in exchange for their services, HackerOne is literally asking for
>>>>>> nothing.  They said that they are big supporters of the OWASP Foundation
>>>>>> and what we stand for and want to do this to help us out.  I was not
>>>>>> expecting this, but am extremely happy with what I heard from them.  We
>>>>>> haven't talked to Cobalt yet, but my gut at this point is that HackerOne
>>>>>> would make for a great partner on this and I would recommend, if we were to
>>>>>> accept their offer, providing them with a logo placement on the supporter
>>>>>> page (as a minimum) as a token of our appreciation.
>>>>>>
>>>>>> So, I realize that we still have one more vendor to talk to, but
>>>>>> HackerOne looks really good.  With Johanna out-of-pocket for the
>>>>>> foreseeable future, I wanted to make a recommendation to pull Simon
>>>>>> Bennetts (if he is willing) into this evaluation process.  I think that a
>>>>>> bug bounty program would be of huge benefit to his efforts, and would like
>>>>>> to get his impression of the value of such a tool for his project.  Simon,
>>>>>> would you be willing to hop on a call with the HackerOne folks to take a
>>>>>> look at their platform?  Or, if you'd prefer, we have access to the
>>>>>> platform already and can get you an account to poke around with on your
>>>>>> own.
>>>>>>
>>>>>> In any case, notes are below.  Have a great weekend!
>>>>>>
>>>>>> ~josh
>>>>>>
>>>>>> *Your Platform:*
>>>>>>
>>>>>>    - Workflow & Automation: Focused on engineering the world's most
>>>>>>    advanced vulnerability coordination platform.
>>>>>>    - Signal: Numerous systems, such as Reputation and hackbot,
>>>>>>    dedicated to ensuring high signal programs.
>>>>>>    - Transparent: All hackers have a profile, history and
>>>>>>    reputation.  Advanced public disclosure workflow when needed.
>>>>>>
>>>>>>
>>>>>> *You are in Control:*
>>>>>>
>>>>>>    - Flexible: Run private or public programs, with or without
>>>>>>    bounties, managed or unmanaged.
>>>>>>    - Ownership: You own your data.  HackerOne makes no claims on
>>>>>>    Vulnerability Information.
>>>>>>    - Multiparty Coordination: Easily pull in other vendors or
>>>>>>    external parties into a case.
>>>>>>
>>>>>> *Service Donation:*
>>>>>>
>>>>>>    - Waive bounty service fees
>>>>>>    - Donate HackerOne Enterprise and a dedicated success manager for
>>>>>>    min 2 years.
>>>>>>
>>>>>> FREE Program
>>>>>>
>>>>>>    - [email protected] Workflow
>>>>>>    - Hacker Reputation
>>>>>>    - Intelligent Duplication Detection
>>>>>>    - Automation
>>>>>>    - Issue Tracker Integration
>>>>>>    - Analytics Dashboard
>>>>>>
>>>>>> PROFESSIONAL Program ($2k/mo)
>>>>>>
>>>>>>    - Everything in Free
>>>>>>    - Advanced Hacker Matching
>>>>>>    - Performance Benchmarking
>>>>>>    - Launch & Optimization Guidance
>>>>>>    - Report Mediation
>>>>>>    - Reports API
>>>>>>
>>>>>> ENTERPRISE Program:
>>>>>>
>>>>>>    - Everything in Professional
>>>>>>    - Dedicated Success Manager
>>>>>>    - Custom Analytics & Reporting
>>>>>>    - Custom Integrations
>>>>>>    - Custom Branding Theme
>>>>>>    - Communications Guidance
>>>>>>
>>>>>> ADD ON: Bug Bounty Global Payments (Included in our deal)
>>>>>>
>>>>>> ADD ON: HackerOne Managed - Triage, Reproduction & Remediation
>>>>>> Guidance (Not included today in the proposal.  Implemented by partners.
>>>>>> Need to negotiate this.)
>>>>>>
>>>>>>    - Would propose to have a separate instance for each project +
>>>>>>    OWASP Foundation resources
>>>>>>    - Do not want anything in return.  Support the OWASP Foundation
>>>>>>    and what we are doing.
>>>>>>    - Have a built in leaderboard sortable by timeframe
>>>>>>    - Ranks hackers based on "signal" and "impact"
>>>>>>    - Have an integration with Salesforce ticketing
>>>>>>    - Support a wide range of common disclosure scenarios such as
>>>>>>    "public disclosure".  By default they are confidential.
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Johanna Curiel
>>>>> OWASP Volunteer
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Johanna Curiel
>>>> OWASP Volunteer
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Johanna Curiel
>>> OWASP Volunteer
>>>
>>>
>>>
>>
>>
>> --
>> Johanna Curiel
>> OWASP Volunteer
>>
>>
>>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160221/f55599c2/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2016-02-21 12.47.16.png
Type: image/png
Size: 79521 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160221/f55599c2/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2016-02-21 12.54.23.png
Type: image/png
Size: 166105 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160221/f55599c2/attachment-0003.png>


More information about the Owasp-board mailing list