jim.manico at owasp.org
Fri Mar 25 20:42:22 UTC 2016
And one more note on O'Reilly after further consideration.
O'Reilly (while being a commercial entity) is all about spreading high
quality technical knowledge (and not about selling products beyond their
books). I'm a lot more likely put more of our resources into partnering
with them than I was originally.
On 3/19/16 2:20 AM, Tom Brennan - OWASP wrote:
> Great stuff outreach is good and O'Reilly has been good to OWASP
> chapters with free books for those that ask and the plan around that
> global effort
> Will be interesting to also review the results of the conference
> survey Kelly did from the general mailing lists and rank them
> On Saturday, March 19, 2016, Matt Konda <matt.konda at owasp.org
> <mailto:matt.konda at owasp.org>> wrote:
> As you may know, O'Reilly announced this week that they are
> running a new Security conference.
> My initial take is that the emergence of a new security conference
> out of O'Reilly is "a good thing"™. I believe there is some risk
> but also some opportunity here since O'Reilly also hosts many key
> developer conferences and is a substantial communication platform
> with developers with their books and video training content.
> The approach I would generally recommend and advocate for would be
> a "make people look and feel good by association with OWASP" and
> basically try to help and collaborate in a purely altruistic way
> aligned with OWASP's mission. But I wanted to toss this by the
> broader board for input because there are obviously some risks and
> philosophical questions we want to be clear about if we do engage.
> I know some people at O'Reilly so I navigated and talked with
> O'Reilly's VP of Conferences Friday to explore what they are
> doing. The conference is definitely a general security conference
> not focused on AppSec - but it will likely include some AppSec
> content. They are _very_ interested in co-marketing
> possibilities. They would be super interested in sponsors.
> Obviously, their business model is to make profit from the
> conference, book and other content that they license.
> Undoubtedly they are responding to market opportunity. One
> outcome would be to take this as a signal to run more AppSecs or
> really push more mid size regional events. That could mean hiring
> more staff to help. They are also expanding into Asia with local
> organizations on the ground to do that.
> As we are, they are passionate about the editorial and commercial
> independence of their content. Within that constraint, there may
> be opportunities to assist as a resource to their conference
> chairs looking to inject some security talks into their events.
> We already have a goal to get OWASP related content into their
> conferences such as Velocity, OSCON, Software Architecture, Strata
> etc. as a conscious and first class item. Maybe we could suggest
> invited speakers and topics and help with talk selection. Maybe
> we could even get our name on a track if we help their conference
> chairs? Definitely idealistic and open ended at this point, but
> maybe interesting? Probably depends a lot conference chair to
> conference chair. This would require a sustained and organized
> effort specifically for this by a group of OWASP volunteers.
> Just to be clear, I framed the discussion with O'Reilly as: I'm
> gathering information and looking at ideas, there are operational
> processes and a bigger decision making process behind me at OWASP
> that would have to happen for any of these things, I just wanted
> to understand where O'Reilly were coming from and what the
> possible collaboration paths might be.
> I think at the very least we should explore co-marketing
> possibilities - and as we do so, I would encourage us to value our
> brand and experience and also to think outside the box about what
> the most ambitious possibilities are for OWASP and make sure to
> push for deeper and meaningful commitments from them. There may
> be ways that we can support them that dramatically change our
> communication strategy with developers - let's talk about those.
> In any case, I think this raises some interesting possibilities
> and issues so I wanted to share the information I had gathered and
> give you all the opportunity to weigh in.
> Tom Brennan
> Global Board of Directors
> NYC/NJ Metro Chapter Leader
> (d) 973-506-9304
> OWASP Foundation | www.owasp.org <http://www.owasp.org>
> The information contained in this message and any attachments may be
> privileged, confidential, proprietary or otherwise protected from
> disclosure. If you, the reader of this message, are not the intended
> recipient, you are hereby notified that any dissemination,
> distribution, copying or use of this message and any attachment is
> strictly prohibited. If you have received this message in error,
> please notify the sender immediately by replying to the message,
> permanently delete it from your computer and destroy any printout.
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board