[Owasp-board] O'Reilly

Jim Manico jim.manico at owasp.org
Fri Mar 25 20:42:22 UTC 2016

And one more note on O'Reilly after further consideration.

O'Reilly (while being a commercial entity) is all about spreading high 
quality technical knowledge (and not about selling products beyond their 
books). I'm a lot more likely put more of our resources into partnering 
with them than I was originally.


On 3/19/16 2:20 AM, Tom Brennan - OWASP wrote:
> Great stuff outreach is good and O'Reilly has been good to OWASP 
> chapters with free books for those that ask and the plan around that 
> global effort
> Will be interesting to also review the results of the conference 
> survey Kelly did from the general mailing lists and rank them
> On Saturday, March 19, 2016, Matt Konda <matt.konda at owasp.org 
> <mailto:matt.konda at owasp.org>> wrote:
>     Hi.
>     As you may know, O'Reilly announced this week that they are
>     running a new Security conference.
>     My initial take is that the emergence of a new security conference
>     out of O'Reilly is "a good thing"™. I believe there is some risk
>     but also some opportunity here since O'Reilly also hosts many key
>     developer conferences and is a substantial communication platform
>     with developers with their books and video training content.
>     The approach I would generally recommend and advocate for would be
>     a "make people look and feel good by association with OWASP" and
>     basically try to help and collaborate in a purely altruistic way
>     aligned with OWASP's mission.  But I wanted to toss this by the
>     broader board for input because there are obviously some risks and
>     philosophical questions we want to be clear about if we do engage.
>     I know some people at O'Reilly so I navigated and talked with
>     O'Reilly's VP of Conferences Friday to explore what they are
>     doing.  The conference is definitely a general security conference
>     not focused on AppSec - but it will likely include some AppSec
>     content.  They are _very_ interested in co-marketing
>     possibilities.  They would be super interested in sponsors. 
>     Obviously, their business model is to make profit from the
>     conference, book and other content that they license.
>     Undoubtedly they are responding to market opportunity.  One
>     outcome would be to take this as a signal to run more AppSecs or
>     really push more mid size regional events.  That could mean hiring
>     more staff to help.  They are also expanding into Asia with local
>     organizations on the ground to do that.
>     As we are, they are passionate about the editorial and commercial
>     independence of their content. Within that constraint, there may
>     be opportunities to assist as a resource to their conference
>     chairs looking to inject some security talks into their events. 
>     We already have a goal to get OWASP related content into their
>     conferences such as Velocity, OSCON, Software Architecture, Strata
>     etc. as a conscious and first class item.  Maybe we could suggest
>     invited speakers and topics and help with talk selection.  Maybe
>     we could even get our name on a track if we help their conference
>     chairs?  Definitely idealistic and open ended at this point, but
>     maybe interesting?  Probably depends a lot conference chair to
>     conference chair.  This would require a sustained and organized
>     effort specifically for this by a group of OWASP volunteers.
>     Just to be clear, I framed the discussion with O'Reilly as:  I'm
>     gathering information and looking at ideas, there are operational
>     processes and a bigger decision making process behind me at OWASP
>     that would have to happen for any of these things, I just wanted
>     to understand where O'Reilly were coming from and what the
>     possible collaboration paths might be.
>     I think at the very least we should explore co-marketing
>     possibilities - and as we do so, I would encourage us to value our
>     brand and experience and also to think outside the box about what
>     the most ambitious possibilities are for OWASP and make sure to
>     push for deeper and meaningful commitments from them.  There may
>     be ways that we can support them that dramatically change our
>     communication strategy with developers - let's talk about those.
>     In any case, I think this raises some interesting possibilities
>     and issues so I wanted to share the information I had gathered and
>     give you all the opportunity to weigh in.
>     Best,
>     Matt
> -- 
> Tom Brennan
> Global Board of Directors
> NYC/NJ Metro Chapter Leader
> (d) 973-506-9304
> OWASP Foundation | www.owasp.org <http://www.owasp.org>
> The information contained in this message and any attachments may be 
> privileged, confidential, proprietary or otherwise protected from 
> disclosure. If you, the reader of this message, are not the intended 
> recipient, you are hereby notified that any dissemination, 
> distribution, copying or use of this message and any attachment is 
> strictly prohibited. If you have received this message in error, 
> please notify the sender immediately by replying to the message, 
> permanently delete it from your computer and destroy any printout.
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160325/205add94/attachment-0001.html>

More information about the Owasp-board mailing list