<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Thank you Timo.<br>
    <br>
    The OWASP Cheatsheets series need a full review before the year is
    over. If anyone is interested in helping with the review, please
    join the project list and give us your comments. I am planning an
    intense review period during July and August, the only months I am
    home this year. :)<br>
    <br>
    Also, if anyone has super deep expertise on individual topics and
    would like to take on a lead editor role for certain topics, please
    let me know!<br>
    <br>
    This is a VERY heavily hit portion of OWASP.org and I've love your
    help to make it better.<br>
    <br>
    <a class="moz-txt-link-freetext" href="https://lists.owasp.org/mailman/listinfo/owasp-cheat-sheets">https://lists.owasp.org/mailman/listinfo/owasp-cheat-sheets</a><br>
    <br>
    Aloha!<br>
    - Jim<br>
    <br>
    <div class="moz-cite-prefix">On 5/29/15 12:29 PM, Timo Goosen wrote:<br>
    </div>
    <blockquote
cite="mid:CAMOWqYD=F+N+K5TuY3ZvYbkK41VAuHFbwUCvAMdVm_UMJgpdmA@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div>I support this initiative. </div>
        <div><br>
        </div>
        I'd like to see some funds allocated to updating the XSS Evasion
        Cheat Sheet as well as all the other offensive related
        cheatsheets. 
        <div><br>
        </div>
        <div>Attacks are changing all the time and we need to put some
          money towards having the latest info.</div>
        <div><br>
        </div>
        <div>Regards.</div>
        <div>Timo<br>
          <div><br>
          </div>
          <div><br>
          </div>
        </div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Thu, May 28, 2015 at 6:00 PM, Josh
          Sokol <span dir="ltr"><<a moz-do-not-send="true"
              href="mailto:josh.sokol@owasp.org" target="_blank">josh.sokol@owasp.org</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div dir="ltr">
              <div>Some great thoughts and ideas here Matt and I agree
                with pretty much everything you've said.  IIRC, I think
                there were challenges with using Meetup as a platform
                over in APAC (China?) which I think is why it hasn't
                received a more global adoption.  In general, I do like
                the idea of a centralized platform for our chapters to
                organize events in a way where they are easily found by
                people in other communities.  For example, a search for
                "security" in Meetup should yield the OWASP meeting in
                your area.<br>
                <br>
                One thing that I also like about Meetup is the open
                Discussions forums.  I've tried for years now to get a
                social platform for OWASP that isn't the mailing list. 
                I've spent quite a bit of personal time with the content
                on <a moz-do-not-send="true" href="http://my.owasp.org"
                  target="_blank">http://my.owasp.org</a>, and promoted
                it a few times, but despite my best efforts, it seems
                that OWASP very much prefers these old school mailing
                lists for communication.  It's been a great platform for
                OWASP Austin, but there's not much activity outside of
                that, unfortunately.  My ideal would be a scenario where
                content on the mailing list is sync'd to the discussion
                forums and vice-versa.  I'm not sure how possible that
                would be, but it would certainly make these kinds of
                conversations more available and searchable to those not
                "in the know".<span class="HOEnZb"><font color="#888888"><br>
                    <br>
                  </font></span></div>
              <span class="HOEnZb"><font color="#888888">~josh<br>
                </font></span></div>
            <div class="gmail_extra"><br>
              <div class="gmail_quote">
                <div>
                  <div class="h5">On Thu, May 28, 2015 at 10:07 AM, Matt
                    Konda <span dir="ltr"><<a moz-do-not-send="true"
                        href="mailto:matt.konda@owasp.org"
                        target="_blank">matt.konda@owasp.org</a>></span>
                    wrote:<br>
                  </div>
                </div>
                <blockquote class="gmail_quote" style="margin:0 0 0
                  .8ex;border-left:1px #ccc solid;padding-left:1ex">
                  <div>
                    <div class="h5">
                      <div dir="ltr">Hello all,
                        <div><br>
                        </div>
                        <div>Sorry in advance for the long email.</div>
                        <div><br>
                        </div>
                        <div>Following up on our meeting and some
                          discussions at AppSecEU, I wanted to think
                          more about the OWASP "platform".  I see one
                          role of the board as working to make it easy
                          for the volunteers and leaders to succeed with
                          their projects, events and community building
                          (chapters).</div>
                        <div><br>
                        </div>
                        <div>I'm a visual person so I put this
                          presentation together with boxes and colors as
                          a point of reference.  I'm interested in your
                          feedback (comments enabled).  Please be
                          patient with me, this is just a rough idea and
                          is not intended in any way to be a criticism
                          of where we are and what we are doing!!!  I
                          made notes in the notes area to explain my
                          color choices.</div>
                        <div><br>
                        </div>
                        <div><a moz-do-not-send="true"
href="https://docs.google.com/a/owasp.org/presentation/d/1SLd1BG4TxrN75NqQo8_zKLC8CfhYa8WgfkXx7mcerhU/edit?usp=sharing"
                            target="_blank">https://docs.google.com/a/owasp.org/presentation/d/1SLd1BG4TxrN75NqQo8_zKLC8CfhYa8WgfkXx7mcerhU/edit?usp=sharing</a><br>
                        </div>
                        <div><br>
                        </div>
                        <div>Getting more concrete, I want to suggest
                          based on this thought process that we invest
                          in Meetup as an organization and hire a
                          technical writer on a 3 month contract basis.</div>
                        <div><br>
                        </div>
                        <div>Here is the long story of why: </div>
                        <div><br>
                        </div>
                        <div>I asked one successful project leader what
                          OWASP could do to remove obstacles to success
                          and their answer (paraphrasing) was something
                          like this: <br>
                        </div>
                        <div>
                          <div><br>
                          </div>
                          <div>"We struggle with:  publicity,
                            documentation and training courses."</div>
                          <div><br>
                          </div>
                          <div>This made me think that a concrete
                            investment we could make to support projects
                            would be to hire a contract technical writer
                            to help with documentation across projects
                            and the wiki.  Assuming a 3 month, full time
                            gig at a rate of $40 per hour (75th
                            percentile according to this <a
                              moz-do-not-send="true"
                              href="http://www.bls.gov/oes/current/oes273042.htm"
                              target="_blank">http://www.bls.gov/oes/current/oes273042.htm</a>)
                            would cost approximately 21K.  </div>
                          <div><br>
                          </div>
                          <div>We could build a list of tasks focused
                            on:  </div>
                          <div>
                            <ul>
                              <li>Documentation for 3 projects</li>
                              <li>10 wiki page updates per week (2 per
                                day based on google analytics top hits)</li>
                            </ul>
                          </div>
                          <div>I imagine the person would work closely
                            with the project co-ordinator and community
                            manager.</div>
                          <div><br>
                          </div>
                          <div>I don't know just what is realistic, but
                            I am interested in exploring ways that we
                            can model and then build a platform of core
                            services that the foundation can provide to
                            support projects, chapters and events - with
                            the goal of making it easier to have success
                            with our volunteers and leaders.</div>
                          <div><br>
                          </div>
                          <div>What do you think?  One thing that would
                            help me is if we can think about the metrics
                            we wanted to measure in strategic goals and
                            whether these things would move the needle. 
                            I haven't gotten there yet, but it seems to
                            make sense...</div>
                          <div><br>
                          </div>
                          <div>Input appreciated!!!</div>
                          <span><font color="#888888">
                              <div><br>
                              </div>
                              <div>Matt</div>
                              <div><br>
                              </div>
                            </font></span></div>
                      </div>
                      <br>
                    </div>
                  </div>
                  <span class="">_______________________________________________<br>
                    Owasp-board mailing list<br>
                    <a moz-do-not-send="true"
                      href="mailto:Owasp-board@lists.owasp.org"
                      target="_blank">Owasp-board@lists.owasp.org</a><br>
                    <a moz-do-not-send="true"
                      href="https://lists.owasp.org/mailman/listinfo/owasp-board"
                      target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
                    <br>
                  </span></blockquote>
              </div>
              <br>
            </div>
            <br>
            _______________________________________________<br>
            Owasp-board mailing list<br>
            <a moz-do-not-send="true"
              href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a><br>
            <a moz-do-not-send="true"
              href="https://lists.owasp.org/mailman/listinfo/owasp-board"
              target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
            <br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Owasp-board mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a>
<a class="moz-txt-link-freetext" href="https://lists.owasp.org/mailman/listinfo/owasp-board">https://lists.owasp.org/mailman/listinfo/owasp-board</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>