[Owasp-board] [Owasp-leaders] don't allow explicit discrimination 🙏🏿 (women only)

Avi D (OWASP Israel) avi.douglen at owasp.org
Fri Mar 15 09:04:45 UTC 2019

Hi Timur, 


As you know, I am the conference chair for this event. It’s a shame you didn’t feel comfortable reaching out to me directly before complaining at everybody. :) 


As Josh explained to you, I added this training outside the CFT submission process. As such there was never any conflict between this and any other submitted training proposal that may have been on a similar topic. This FREE training is being organized by the WIA committee, and Vandana in particular, and offered free (at her own personal expense) to _increase_ inclusion in OWASP events, and the industry in general. 


Whether or not you have encountered a problem with the current level of diversity in OWASP, AppSec events, and the industry in general – I assure you, this problem exists, it is significant, and it’s in a pretty terrible state right now. This free training is a blessed effort to get more women (and those identifying as women, as well as other underrepresented groups) into the industry, help them get started in a field that has traditionally been (and still is) biased against these groups, and hopefully rebalance our overwhelmingly male community. This is absolutely one of the core causes of OWASP, and part of our core mission: to make security visible and accessible to ALL developers etc. 


That said, if you feel strongly about it you can just as well sign up for the course – we will not be checking anyone’s genitals before we let them through the door. (Though I believe you are teaching a course yourself at the same time? So I’m not sure what you’re cranky about here.)


FYI, I will point out that we do have a strict Code of Conduct at our event, in addition to OWASP’s generic one. TBF it is a bit basic IMO, but it DOES have teeth: any abuse, harassment, or making someone feel like they do not belong is not acceptable, and can even lead to expelling an abuser, no matter who they are. Anyone and everyone should feel comfortable and safe attending and participating in the conference. 

Suggesting a comparison between WIA and other inclusivity efforts to Jim Crow laws, or trivializing these efforts as “political reasons”, or joking about white supremacy – this is not really a bannable offense, but I would strongly suggest reconsidering this approach. It’s not a wholesome path to be on… :) 


Looking forward to seeing you here again, and discussing further over a beer (or non-alcoholic drink if you prefer)! 



Avi D 


P.S. I am aware that are lack of diversity is not solely based on gender, e.g. PoC, trans, and more. As there are many groups that are not quite comfortable in many of these events, we do try to express universal inclusivity, and explicitly mention that anyone from underrepresented groups are included, not just women. If anyone feels they are still left out from this, please let me know and we will do whatever we can. 



From: owasp-leaders-bounces+avi.douglen=owasp.org at lists.owasp.org [mailto:owasp-leaders-bounces+avi.douglen=owasp.org at lists.owasp.org] On Behalf Of Timur 'x' Khrotko [owasp]
Sent: Friday, March 15, 2019 3:31
To: Josh Grossman <josh.grossman at owasp.org>; OWASP Foundation Board List <owasp-board at lists.owasp.org>; owasp-leaders at lists.owasp.org
Subject: [Owasp-leaders] don't allow explicit discrimination 🙏🏿 (women only)


Dear Board, dear Josh,


please modify the conditions of the Burp/ZAP training announced at Appsec Global in Tel Aviv. The "women only" condition is gender discriminatory, that is just plainly discriminatory and as such contradicts the faith and probably the policies of OWASP. Also it contradicted the training review policy which promised to make choices solely on professional grounds. 


Dear all,


I understand the idea behind it and I support the WIA initiative but there must be common sense limits. You shouldn't encourage black only tailor shops in your holy fight with racially discriminatory tailor shops. 


There're options to keep the idea, maybe make the training free for WIA members -- that would be against my taste still but maybe something tolerable. Or let WIA invent a clever and tasteful solution for the conditions of a free training to engage female devs in secdev.


As far as I know this isn't an issue with the Tel Aviv organisers as this training was nested from above. And also this women only thing already happened at one of the previous conferences, in the US probably.


Consider that when one inserts trainings for political reasons then similar trainings which could compete on professional grounds get automatically excluded. So by promoting causes which are not exactly the core causes OWASP exists for one harms the professional impartiality/etc.


Satirical sidenote: I'm not afraid of being tagged as trumpist since I'm already a Russian troll 😀 And during the Samantha-gate I already accepted highbrow American comments that we don't know modern social/moral norms at this side of the world.


Or would it be a good move next time to announce a 'Muslims only', 'Jews only', 'childfree only' or a 'gay only' training next time? (I subscribe to support all these causes and peoples sometimes discriminated -- even in my OWASP hat but not in a discriminatory way.)


Your thoughts?


Current reference: https://telaviv.appsecglobal.org/registration/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20190315/0fcd3f52/attachment-0001.html>

More information about the Owasp-board mailing list