[OCC] [OWASP - SSB] Extending Survey Deadline until Dec 31st
dinis.cruz at owasp.org
Tue Feb 2 19:52:52 EST 2010
(also CCing OCC (OWASP Connections Committee)
Thanks for the links and info .
I definitely agree that we should figure out a way to give this more
Lorna (OWASP's PR department :) ) , can you work with Boaz and Jeremiah on
the following ideas:
- Text to be included on the next OWASP newsletter
- email to owasp-leaders list asking them to help (to be sent when Boaz
and Jeremiah are ready)
- (talk with Kate about the next email to owasp-all (all email registered
at an OWASP mailing list) and see if we can add a link in there about this)
- Create a WIKI page to help with the 'outreach' activities related to
this project's survey (i.e. a WIKI page similar to the one we talked about
the OWASP Top in today's OCC call)
- Add to the WIKI page a number of 'sample blog and twitter' entries
so that our community can easy use them on their blogs or twitter accounts
Boaz and Jeremiah, can you guys provide more details on what are the next
steps? (for example is the survey ready to go? has it been already used? do
you still need a couple months to get it ready?,etc..)
Question: Why didn't we create a book with the results of the previous
is something that has quite a lot of value and could expose this project's
results to a much wider community)
On 3 February 2010 00:30, Boaz Gelbord <bgelbord at wgen.net> wrote:
> Hi Dinis,
> The project surveys companies about the nature of their web application
> security spending.
> Our wiki page is at
> As Jeremiah said, until now we relied on a network of partners to
> collect survey responses but this has proved increasingly challenging.
> We had approximately 50 respondents in each of the first two surveys we
> conducted but haven't been able to replicate that response rate.
> OWASP could help by including the survey URL in a newsletter, or
> including it in a mailing to sponsors/members. Does either of these seem
> like a viable option, and what would timelines be for getting this
> Thanks for the help-
> -----Original Message-----
> From: dinis cruz [mailto:dinis.cruz at owasp.org]
> Sent: Tuesday, February 02, 2010 8:47 AM
> To: Jeremiah Grossman
> Cc: Mr. Tom Brennan; Boaz Gelbord; Kate Hartmann; Lorna Alamri
> Subject: Re: [OWASP - SSB] Extending Survey Deadline until Dec 31st
> Sure, that should be fine.
> Can you give us a couple more details about this project (and other
> ideas you might have on how #OWASP could help)
> Dinis Cruz
> On 1 Feb 2010, at 21:09, Jeremiah Grossman <jeremiah at whitehatsec.com>
> > Tom / Dinis,
> > Our project (by Boaz and myself) could use some visibility
> > assistance. As you know our project is a survey format, and the more
> > respondents we get the better. Previous efforts have yielded nice
> > results, but its a fight every time to get the necessary amount of
> > respondents -- mostly because we can't get out link into enough
> > inboxes. We've so far relied on our participants to send it out to
> > their constituency and coordinate of that is tough to say the least.
> > Instead of going that route, and possibly letting the effort die for
> > unnecessary reasons, would it be possible to get some visibility for
> > our project in an upcoming OWASP newsletter? If so, what would that
> > process be?
> > We think that should give us the necessary circulation to get people
> > to fill out the survey.
> > Regards,
> > Jeremiah-
> > On Feb 1, 2010, at 9:12 AM, Boaz Gelbord wrote:
> >> Inclusion in the next OWASP newsletter would be great. Do you think
> >> we should security shift gears and just publish the survey URL and
> >> password in the newsletter? The locked down data collection approach
> >> does not seem to be generating enough responses!
> >> -----Original Message-----
> >> From: Jeremiah Grossman [mailto:jeremiah at whitehatsec.com]
> >> Sent: Monday, February 01, 2010 12:08 PM
> >> To: Boaz Gelbord
> >> Subject: Re: [OWASP - SSB] Extending Survey Deadline until Dec 31st
> >> Instead of getting the list, want to just be included in the next
> >> OWASP newsletter? Or did you want to keep it separate?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-connections-committee