[OCC] [Committees-chairs] ZDNet (ISC)2 Author?

Christian Heinrich christian.heinrich at owasp.org
Mon Jul 4 20:23:55 EDT 2011


Jason,

I am not aware of any journalist who has an association with OWASP
aside from HNN who I believe were paid for reporting on the recent
Summit and are advertising the upcoming http://appsecusa.org.

https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project
was also featured on HHN without payment i.e.
http://www.hackernews.com/2010/07/19/hnncast-2010-07-16/ but I don't
consider this exposure beneficial to OWASP.

Since I used to work for NewsCorp and a relative is a tech editor, it
is in the interest of OWASP to hire a PR professional rather than
attempt to approach journalists direct which would result in being
ignored.

On Mon, Jul 4, 2011 at 3:26 PM, Jason Li <jason.li at owasp.org> wrote:
> Christian,
> I'm sure that Ryan has a wide audience, but that wasn't really the model I
> was seeking.
> I was hoping to identify a high profile author that *already* had a previous
> connection with OWASP and reach out to them to solidify that connection.
> I misinterpreted your original message to mean that you had identified Ryan
> as such a person with an existing affinity for OWASP.
> Paying for professional PR might be an interesting initiative - but that's
> really for the Connections Committee to hash out.
> -Jason
>
> On Mon, Jul 4, 2011 at 12:53 AM, Christian Heinrich
> <christian.heinrich at owasp.org> wrote:
>>
>> Jason,
>>
>> http://threatpost.com/en_us/blogs/recap-2nd-owasp-conference-030909
>> was initially published on ThreatPost i.e. not from a feed.
>>
>> Ryan Naraine is possibly the most read (i.e. approx ~35K subscribers)
>> and is fairly independent from Kaspersky i.e. ThreatPost didn't
>> contact Eugene Kaspersky for a quote regarding
>>
>> http://threatpost.com/en_us/blogs/hacking-demo-facebook-photos-leads-arrest-and-privacy-questions-051811
>> even though he was in attendance at AusCERT 2011.
>>
>> Ryan also won a Pwnie in 2008 for
>> http://www.youtube.com/watch?v=bHxyHlFZ778
>>
>> If OWASP wants to reach an audience outside of our existing feed then
>> it would be therefore be in our interests to hire a trained PR
>> professional who has a relationship with the tech press.
>>
>> On Mon, Jul 4, 2011 at 7:15 AM, Jason Li <jason.li at owasp.org> wrote:
>> > Connections Committee,
>> > I've looked into the links that Christian provided so we can get a sense
>> > of
>> > if/how we should make contact.
>> > Ryan Naraine, whom Christian cited, works for Kaspersky Lab and has a
>> > blog
>> > on ZDNet that presumably gets a lot of visibility and readership.
>> > Two of the links that Christian sent point to Kaspersky Lab's news feed
>> > which re-posts stories by others (including the article by Christian
>> > himself
>> > that he provided the link for).
>> > While some of these happen to be about OWASP, the feed is aggregated
>> > from
>> > multiple sources and not particularly specific to us.
>> > OWASP's Moderated AppSec News Feed already provides a similar service of
>> > re-posting relevant security stories.
>> > As a result, I don't see too much need for OWASP to reach out to
>> > Kaspersky
>> > Lab's regarding this feed. The only thing I would say would be to make
>> > sure
>> > that any stories the Connections Committee wants to broadcast in the
>> > future
>> > are picked up in their aggregation.
>> > With regards to Ryan's postings on ZDNet, I've utilized Google to
>> > search his
>> > entries for mentions on OWASP
>> >
>> > (http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=site%3Awww.zdnet.com%2Fblog%2Fsecurity+OWASP).
>> > There doesn't appear to be are many posts where *he* mentions OWASP.
>> > The posts that do cite OWASP are almost all universally by one guest
>> > author,
>> > Nathan McFeters, who is no longer with the site
>> > (http://www.zdnet.com/blog/security/saying-farewell/1668)
>> > Unfortunately as a result, it does not seem like the links that
>> > Christian
>> > sent would be a good match for our purposes.
>> > I think we should identify some authors of high visibility news sites
>> > that
>> > have already shown previous interest in OWASP (e.g. perhaps covering an
>> > OWASP event or attending a conference or chapter meeting). Perhaps we
>> > can
>> > reach out and bring them to more OWASP events so they'll write about us
>> > even
>> > more! We're a really fun group to hang out with - and I'm sure anyone we
>> > invite to our events will quickly learn to love OWASP. Their positive
>> > experiences (and hopefully the stories they write about those
>> > experiences)
>> > will in turn help us grow the organization.
>> > Is there some kind of tool out there that would allow us to search
>> > existing
>> > web articles to cross-correlate news media with OWASP event attendance?
>> > -Jason
>> > On Fri, Jul 1, 2011 at 8:57 PM, Jason Li <jason.li at owasp.org> wrote:
>> >>
>> >> I'll make initial contact next week after the holiday and hand off to
>> >> the
>> >> Connections Committee assuming a successful rapport.
>> >> -Jason
>> >>
>> >> On Fri, Jul 1, 2011 at 8:34 PM, Jim Manico <jim.manico at owasp.org>
>> >> wrote:
>> >>>
>> >>> Jason, by all means - if you have the charge (which you do) can you
>> >>> please reach out to them and CC press at owasp.org? We will follow up and
>> >>> help where we can.
>> >>>
>> >>> Rock on!
>> >>> - Jim
>> >>>
>> >>> > Christian,
>> >>> >
>> >>> > That's great information.
>> >>> >
>> >>> > Sounds like the Connections Committee has a couple of leads to
>> >>> > follow
>> >>> > up on.
>> >>> >
>> >>> > Connections Committee - let me know if there's anything I can do to
>> >>> > help!
>> >>> >
>> >>> > -Jason
>> >>> >
>> >>> > On Jul 1, 2011, at 8:12 PM, Christian Heinrich
>> >>> > <christian.heinrich at owasp.org> wrote:
>> >>> >
>> >>> >> Jason,
>> >>> >>
>> >>> >> On Fri, Jul 1, 2011 at 9:44 PM, Jason Li <jason.li at owasp.org>
>> >>> >> wrote:
>> >>> >>> I'm glad that you felt compelled to conduct some web
>> >>> >>> reconnaissance
>> >>> >>> on this
>> >>> >>> issue, but that's not really what I was asking.
>> >>> >>> My rhetorical question was how did it come about that a ZD Net
>> >>> >>> blogger
>> >>> >>> (regardless of the identity/source of that blogger) became so
>> >>> >>> enamored with
>> >>> >>> (ISC)2?
>> >>> >>> And then my actual question to the Connections Committee was what
>> >>> >>> can
>> >>> >>> we do
>> >>> >>> as OWASP attain similar mindshare, visibility and prominence?
>> >>> >>
>> >>> >> I suspect that (ISC)2 reached a commercial arrangement with CBS
>> >>> >> Interactive (owner of ZDNet) to publish a blog.
>> >>> >>
>> >>> >> Ryan Naraine of http://www.zdnet.com/blog/security has republished
>> >>> >> contributions from OWASP before with the appropriate disclaimer
>> >>> >> i.e.
>> >>> >> http://threatpost.com/en_us/blogs/recap-2nd-owasp-conference-030909
>> >>> >> and http://threatpost.com/en_us/category/article-tags/owasp
>> >>> >>
>> >>> >>
>> >>> >> --
>> >>> >> Regards,
>> >>> >> Christian Heinrich
>> >>> >> http://www.owasp.org/index.php/user:cmlh
>> >>> > _______________________________________________
>> >>> > Committees-chairs mailing list
>> >>> > Committees-chairs at lists.owasp.org
>> >>> > https://lists.owasp.org/mailman/listinfo/committees-chairs
>> >>>
>> >>
>> >
>> >
>>
>>
>>
>> --
>> Regards,
>> Christian Heinrich
>> http://www.owasp.org/index.php/user:cmlh
>
>



-- 
Regards,
Christian Heinrich
http://www.owasp.org/index.php/user:cmlh


More information about the Owasp-connections-committee mailing list