<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><br></div><div>This seems like a good survey in an area where everyone could benefit from an open report.  I think the specifics of the contract are good. I like the section on Copyright and Branding and the fact that the questions will be mutually agreed upon. I think these items dispel many of the common concerns when OWASP looks at agreements with other organizations.<div><br></div><div>I support this.</div><div><br></div><div><br><div><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><br>Michael Coates<br>OWASP<br></span></div></div><div><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><br></span></div><div><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><br></span></div></div><div><br><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><div><div>On Aug 22, 2011, at 8:20 PM, Rex Booth wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
  
    <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type">
  
  <div bgcolor="#FFFFFF" text="#000000">
    Thanks Jeff.<br>
    <br>
    Board - what say the rest of you?  I believe Eoin and Tom are on
    board.  Dave, Seba, Michael?  I'd like to get this signed between
    all parties ASAP so we can aim for a kickoff at Appsec USA.<br>
    <br>
    Thanks,<br>
    Rex<br>
    <br>
    On 8/18/2011 10:36 PM, Jeff Williams wrote:
    <blockquote cite="mid:05be01cc5e18$db6bc180$92434480$@owasp.org" type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <meta name="Generator" content="Microsoft Word 14 (filtered
        medium)">
      <style><!--
/* Font Definitions */
@font-face
        {font-family:Helvetica;
        panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
        {font-family:Helvetica;
        panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:Consolas;
        panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";
        color:black;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
pre
        {mso-style-priority:99;
        mso-style-link:"HTML Preformatted Char";
        margin:0in;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Courier New";
        color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Balloon Text Char";
        margin:0in;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";
        color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {mso-style-priority:34;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";
        color:black;}
span.HTMLPreformattedChar
        {mso-style-name:"HTML Preformatted Char";
        mso-style-priority:99;
        mso-style-link:"HTML Preformatted";
        font-family:"Consolas","serif";
        color:black;}
span.EmailStyle20
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.BalloonTextChar
        {mso-style-name:"Balloon Text Char";
        mso-style-priority:99;
        mso-style-link:"Balloon Text";
        font-family:"Tahoma","sans-serif";
        color:black;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:40832465;
        mso-list-template-ids:1447045898;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1"><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Thanks
            Rex,<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Great
            presentation and Iím convinced.  I approve.<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">--Jeff<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
        <div>
          <div style="border:none;border-top:solid #B5C4DF
            1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">
                Rex Booth [<a class="moz-txt-link-freetext" href="mailto:rex.booth@owasp.org">mailto:rex.booth@owasp.org</a>] <br>
                <b>Sent:</b> Thursday, August 18, 2011 8:17 PM<br>
                <b>To:</b> Eoin<br>
                <b>Cc:</b> Jeff Williams; Rex Booth;
                Global_industry_committee; OWASP Foundation Board List;
                Michael Coates; <a class="moz-txt-link-abbreviated" href="mailto:committees-chairs@lists.owasp.org">committees-chairs@lists.owasp.org</a>; Dave
                Wichers; Tom Brennan; Sebastien Deleersnyder<br>
                <b>Subject:</b> Re: [Global_industry_committee]
                [Owasp-board] Industry Survey<o:p></o:p></span></p>
          </div>
        </div><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">Eoin and Jeff - good questions and fair
          concerns.  Let me briefly address them.<br>
          <br>
          Eoin - I understand your concern about GT riding the OWASP
          wave.  A couple points to hopefully assuage:<o:p></o:p></p>
        <ol start="1" type="1">
          <li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
            level1 lfo1">I'm the primary point of contact within GT. 
            Yes, of course, I recognize the value of being associated
            with OWASP, but in my 5+ years in the org, I've only acted
            in ways that respect the mission and culture.  I will ensure
            that my firm does not violate our values.<o:p></o:p></li>
          <li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
            level1 lfo1">The draft MOU is very clear about what GT's
            role will be in the survey.  Our participation outside of
            the MOU will be limited to individuals conducting surveys on
            behalf of OWASP - just as will dozens of others from various
            firms across the globe.  <o:p></o:p></li>
          <li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
            level1 lfo1">Other than sponsorship of the survey (earned
            through hundreds of support hours related to survey
            execution, analysis and production), the advantage we
            receive from this activity will be available to all other
            OWASP participants - face time with CISOs - but it will be
            strictly controlled.  I intend to host an "interview
            training session" for all interviewers (GT and non-GT) to
            explain how we should conduct ourselves.<o:p></o:p></li>
        </ol><p class="MsoNormal"><br>
          Jeff - regarding the goals and output.  I've attached a slide
          deck that provides an overview of our intent and approach. 
          This may answer some of your questions.<br>
          <br>
          In addition, I should note that GT has extensive experience
          developing and executing meaningful, professional surveys for
          various organizations, including AGA and TechAmerica.  We know
          how to do this and do it well.  I'm happy to host a conference
          call between OWASP and our primary survey manager if anybody
          is interested.<br>
          <br>
          Please let me know if I can address any other questions.<br>
          <br>
          Thanks,<br>
          Rex<br>
          <br>
          On 8/18/2011 6:16 PM, Eoin wrote: <o:p></o:p></p>
        <div><p class="MsoNormal">The longest email if have written in a
            while...... <o:p></o:p></p>
        </div>
        <div><p class="MsoNormal">Jeff we talked about this over a year ago
            and you still maintain the same point, I respect that.<o:p></o:p></p>
        </div>
        <div><p class="MsoNormal">The survey in mind shall address the
            views of industry such that owasp can listen. The survey is
            not about what owasp want but what the respondents want. <br>
            It's a good start and Rex has taken and ran with this. Only
            concern for me is GT riding the owasp wave, as this survey
            is for owasp to use in order to find focus and direction,
            core aspect of industry focus is to act on indicate
            concerns.<o:p></o:p></p>
        </div>
        <div><p class="MsoNormal">I believe the first draft of the survey
            needs to be reviewed to help ensure it is asking the right
            questions as the answers are easy, asking the right
            questions are hard. I don't believe GT should have control
            over the questions being asked for example. <o:p></o:p></p>
        </div>
        <div><p class="MsoNormal">Can we agree to pit a little time aside
            to review the first draft of the survey such that the
            majority is happy with the level, direction, intended
            audience, amount of questions, coverage etc.<o:p></o:p></p>
        </div>
        <div><p class="MsoNormal"><o:p> </o:p></p>
        </div>
        <div><p class="MsoNormal">Eoin<o:p></o:p></p>
        </div>
        <div>
          <div><p class="MsoNormal"> <o:p></o:p></p>
          </div>
        </div>
        <div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>
            On 18 Aug 2011, at 22:15, "Jeff Williams" <<a moz-do-not-send="true" href="mailto:jeff.williams@owasp.org">jeff.williams@owasp.org</a>>
            wrote:<o:p></o:p></p>
        </div>
        <blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
          <div>
            <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Tom,</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
                  like the idea of doing a survey and I think
                  collaborating with a firm like GT is a good idea. 
                  Weíve discussed the idea for years and Iíve raised the
                  same questions every time.  I question whether we have
                  the capability to produce a good survey instrument. 
                  Survey design is considerably more difficult than
                  writing down a few questions.  Itís a scientific
                  experiment and it need careful design.</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">For
                  this, Iíd like to understandÖ</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">What
                  are the specific goals of the survey?</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">What
                  exactly is it that OWASP is trying to find out?</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">If
                  OWASP is to be responsible for coming up with the
                  questions, we need to follow some kind of process to
                  derive survey questions that will specifically answer
                  some interesting questions about our space.   Itís
                  hard to create questions that both achieve our goals
                  and is not biased in any way.</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Personally
                  I think a survey could help answer specific questions
                  around:</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Standards
                  that OWASP could produce</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">How
                  appsec budgets are divided across training, secure
                  coding, verification, mgmt.</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Org
                  structure around appsec roles</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Metrics
                  used to report appsec to management</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Percentage
                  of application portfolio regularly assessed in appsec
                  verification program</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Percentage
                  of Internal apps vs. external apps covered</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Use
                  of standard application security controls</span><o:p></o:p></p><p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:11.0pt;font-family:Symbol;color:#1F497D">∑</span><span style="font-size:7.0pt;color:#1F497D">        </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Which
                  OWASP projects are most useful</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">But
                  thereís a lot of work to change these topics into
                  specific experiments embodied in one or more survey
                  questions.</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">--Jeff</span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
              <div>
                <div style="border:none;border-top:solid #B5C4DF
                  1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
                      <a moz-do-not-send="true" href="mailto:owasp-board-bounces@lists.owasp.org">owasp-board-bounces@lists.owasp.org</a>
                      [<a moz-do-not-send="true" href="mailto:owasp-board-bounces@lists.owasp.org">mailto:owasp-board-bounces@lists.owasp.org</a>]
                      <b>On Behalf Of </b>Tom Brennan<br>
                      <b>Sent:</b> Thursday, August 18, 2011 12:06 PM<br>
                      <b>To:</b> OWASP Foundation Board List<br>
                      <b>Cc:</b> Rex Booth; Michael Coates;
                      Global_industry_committee; Rex Booth; <a moz-do-not-send="true" href="mailto:committees-chairs@lists.owasp.org">committees-chairs@lists.owasp.org</a><br>
                      <b>Subject:</b> [Owasp-board] Industry Survey</span><o:p></o:p></p>
                </div>
              </div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Board,<o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">After
                  several months of discussions across global committees
                  the attached has been submitted by Grant Thorton to
                  conduct a collaborative industry study.   The
                  agreement is attached for review and approval
                  including citing reference for end result.<o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Please
                  read and vote on your decision to support this effort
                  in producing a collaboration document.  I suspect that
                  we will likely see more of these types of agreements
                  between business and OWASP to set a understanding as
                  part of the growing ecosystem that wants to understand<o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">After
                  discussions with multiple parties since AppSecEU I
                  support this and vote to approve this "project"
                  effort.<o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Please
                  review and vote YES/NO/ABSTAIN prior to the September
                  Board meeting at AppSecUSA<o:p></o:p></p>
              </div>
              <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
              </div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
              <div>
                <blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
                  <div><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif""> </span><o:p></o:p></p>
                  </div>
                </blockquote>
              </div>
            </div>
          </div>
        </blockquote>
        <blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
          <div><p class="MsoNormal">_______________________________________________<br>
              Global_industry_committee mailing list<br>
              <a moz-do-not-send="true" href="mailto:Global_industry_committee@lists.owasp.org">Global_industry_committee@lists.owasp.org</a><br>
              <a moz-do-not-send="true" href="https://lists.owasp.org/mailman/listinfo/global_industry_committee">https://lists.owasp.org/mailman/listinfo/global_industry_committee</a><o:p></o:p></p>
          </div>
        </blockquote><p class="MsoNormal"><br>
          <br>
          <br>
          <o:p></o:p></p>
        <pre>_______________________________________________<o:p></o:p></pre>
        <pre>Global_industry_committee mailing list<o:p></o:p></pre>
        <pre><a moz-do-not-send="true" href="mailto:Global_industry_committee@lists.owasp.org">Global_industry_committee@lists.owasp.org</a><o:p></o:p></pre>
        <pre><a moz-do-not-send="true" href="https://lists.owasp.org/mailman/listinfo/global_industry_committee">https://lists.owasp.org/mailman/listinfo/global_industry_committee</a><o:p></o:p></pre><p class="MsoNormal"><o:p> </o:p></p>
      </div>
    </blockquote>
    <br>
  </div>

</blockquote></div><br></div></div></blockquote></div><br></body></html>