[Owasp-board] [Owasp-leaders] don't allow explicit discrimination 🙏🏿 (women only)

Avi D (OWASP Israel) avi.douglen at owasp.org
Fri Mar 15 09:32:44 UTC 2019

Thank you folks for the support and constructive suggestions. 


I agree with you Bjoern, though we would not bar males from joining the training there is definitely much to be said for the atmosphere in women groups as Prashant said. 


As far as financial discrimination… Not sure how much support there would have been for more free trainings :) 

However trainers can grant one seat in their own course to anyone they want – I personally would be happy to encourage them to “donate” it to those underrepresented groups, but that is really their own personal choice (and affects their income, so ¯\_(ツ)_/¯  )

Also while these may not be exactly student-affordable prices, it is very cheap compared to other events. We have some excellent courses that are being sold at 2 or 3 times the price, at eg Blackhat. It is really a great opportunity to get great training relatively cheap… 


Regarding Kevin’s suggestions: we did reach out to several (many) women and PoC to submit talks and trainings. Having an inclusive and supportive environment is absolutely essential for that to even work though… 

Additionally, we are trying to get sponsorships (here: https://telaviv.appsecglobal.org/docs/Global_AppSec_Tel_Aviv_2019_Sponsorship_Opportunities.pdf , wink wink!) for diversity scholarships as well! Would be greatly appreciative if you (and everyone) would share this with anyone that can help support this… 



Avi D 



From: owasp-leaders-bounces+avi.douglen=owasp.org at lists.owasp.org [mailto:owasp-leaders-bounces+avi.douglen=owasp.org at lists.owasp.org] On Behalf Of Bjoern Kimminich
Sent: Friday, March 15, 2019 9:39
To: owasp-leaders at lists.owasp.org; Martín Villalba <martin.villalba at owasp.org>; Prashant Kv <kvprashant at owasp.org>; Vandana Verma <vandana.verma at owasp.org>
Cc: OWASP Foundation Board List <owasp-board at lists.owasp.org>; Josh Grossman <josh.grossman at owasp.org>; owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] don't allow explicit discrimination 🙏🏿 (women only)


Just for inspiration here are two very successful educational programs from Germany to encourage more girls to go into tech, IT or nat. science:

* https://www.girls-day.de/Daten-Fakten/Das-ist-der-Girls-Day/Ein-Zukunftstag-fuer-Maedchen/english
* https://www.mintpink.de (no EN version available)

If those would be "non-discriminatingly" open for boys as well, the same would happen like Prashant described and it's back to square zero.

Back to the conference trainings: The only thing I could understand frustration about is the fact that the "women only"-training is the only free training (sincere kudos to Vandana and WIA for that!), but I guess that all other trainers are allowed to host their trainings for free as well, no? Then the costs would be down to room and catering at the venue, lowering the financial entrance barrier thus allowing a more diverse mix of participants again.

So, with a sprinkle of sarcasm all the offered trainings are discriminating some groups either by gender or financial situation. But that makes it fair again, as everyone can feel equally discriminated. Or nobody does, which might be the preferable choice?


Am 15. März 2019 07:12:46 MEZ schrieb "Martín Villalba" <martin.villalba at owasp.org <mailto:martin.villalba at owasp.org> >:

Being a supporter of minority groups, I sometimes struggle myself to draw the line between supporting minority groups vs. not discriminating majority groups.  I think this one may be one of those cases for you Timur.  It should be clear to all of us that the intent of this women-only training is not discrimination of other genders, but only supporting and encouraging women in AppSec by giving them a space where they can feel more comfortable than they usually do in a male-dominated environment (same idea Prashant mentioned).


A while ago Vandana sent an email explaining this very clearly but unfortunately I couldn't find it just now.  She could share her thoughts again in this thread, if she feels like doing so (maybe just a copy paste from that older email).


Perhaps this women-only training would warrant a very brief explanation (somewhere in the conference page) as of why OWASP makes the choice to have a women-only event.  This could even bring awareness to more people and hopefully help build towards gender equality.






On Thu, Mar 14, 2019 at 10:58 PM Prashant Kv <kvprashant at owasp.org <mailto:kvprashant at owasp.org> > wrote:

Let’s not politicize everything.


 Feedback I have received from many girls is, InfoSec trainings tend to be male dominated and they feel unwelcomed to ask basic questions. They feel They are often rediculed for asking basic questions. The motive of women only training is not to exclude men but to give a closer and more emphatic learning environment for women. We did similar trainings in India and ladies have found it extremely useful. Ladies could get their doubts clarified without been afraid of rediculed or labeled.





On Thursday, March 14, 2019, Timur 'x' Khrotko [owasp] <timur at owasp.org <mailto:timur at owasp.org> > wrote:

Dear Board, dear Josh,


please modify the conditions of the Burp/ZAP training announced at Appsec Global in Tel Aviv. The "women only" condition is gender discriminatory, that is just plainly discriminatory and as such contradicts the faith and probably the policies of OWASP. Also it contradicted the training review policy which promised to make choices solely on professional grounds. 


Dear all,


I understand the idea behind it and I support the WIA initiative but there must be common sense limits. You shouldn't encourage black only tailor shops in your holy fight with racially discriminatory tailor shops. 


There're options to keep the idea, maybe make the training free for WIA members -- that would be against my taste still but maybe something tolerable. Or let WIA invent a clever and tasteful solution for the conditions of a free training to engage female devs in secdev.


As far as I know this isn't an issue with the Tel Aviv organisers as this training was nested from above. And also this women only thing already happened at one of the previous conferences, in the US probably.


Consider that when one inserts trainings for political reasons then similar trainings which could compete on professional grounds get automatically excluded. So by promoting causes which are not exactly the core causes OWASP exists for one harms the professional impartiality/etc.


Satirical sidenote: I'm not afraid of being tagged as trumpist since I'm already a Russian troll 😀 And during the Samantha-gate I already accepted highbrow American comments that we don't know modern social/moral norms at this side of the world.


Or would it be a good move next time to announce a 'Muslims only', 'Jews only', 'childfree only' or a 'gay only' training next time? (I subscribe to support all these causes and peoples sometimes discriminated -- even in my OWASP hat but not in a discriminatory way.)


Your thoughts?


Current reference: https://telaviv.appsecglobal.org/registration/



OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20190315/a6efc1b2/attachment.html>

More information about the Owasp-board mailing list