<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div><blockquote type="cite" style="-webkit-tap-highlight-color: rgba(26, 26, 26, 0.296875); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); "><b>> </b><b>If someone at an OWASP event asks for my card, is it permitted to have my company info on the card?</b></blockquote>- depends on the reasons they are asking? Owasp related or commercial?<br><br>Eoin Keary<div>Owasp Global Board</div><div>+353 87 977 2988</div><div><br></div></div><div><br>On 27 Sep 2014, at 18:45, Jim Manico <<a href="mailto:email@example.com">firstname.lastname@example.org</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
A member of our community asked me a few questions about OWASP
projects and our commercial stance. Here are my answers, did I
answer these correctly?<br>
<b>> </b><b>If someone at an OWASP event asks for my card, is it
permitted to have my company info on the card?</b><br>
I tend to give people two cards when I can. One OWASP card (this is
my non-profit card) and my commercial card (this is my business). I
do not put the OWASP logo on my commercial card and I do not put my
company logo on an OWASP card. I'm going to check with the board on
this to make sure I'm communicating this properly.<br>
My suggesting is that you should not initiate commercial activities
on any OWASP communication channel (OWASP email, OWASP lists, etc).
But if someone asks YOU and initiates a commercial conversation,
move it to a different email address and knock yourself out. :)<b><br>
> Does this change if I'm presenting or not?</b><br>
No, but when presenting at OWASP conferences, please do not use that
platform to sell your commercial product or service. It's part of
our speaker agreement. And in general, <i><b>never ever imply that
OWASP endorses your commercial product or service</b></i>. Cool?
There are of course vendor options at OWASP conferences.<b><br>
> do I have to close down the open source project as it exists,
and move everything to OWASP, or can I point the OWASP pages at
the existing open source project?</b><br>
We prefer that you use the OWASP wiki to describe your project, and
then point to a <u>open source public repository</u> of your code.
In our project template there is a section for "external resources"
where you can link to other resources. I do not think you have the
close down what you are doing now, but the OWASP project page should
be non-commercial and should not point to commercial activities,
other than a neutral sponsor page.<br>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Owasp-board mailing list</span><br><span><a href="mailto:Owaspemail@example.com">Owaspfirstname.lastname@example.org</a></span><br><span><a href="https://lists.owasp.org/mailman/listinfo/owasp-board">https://lists.owasp.org/mailman/listinfo/owasp-board</a></span><br></div></blockquote></body></html>