[Owasp-leaders] OWASP (free) sponsorship of The IT Summit in Austin, TX

Jeff Williams jeff.williams at owasp.org
Tue Jan 6 17:02:41 EST 2009

Hi Matt,

Generally, we are quite cautious of this sort of partnership with commercial
enterprises.  We have tried to do this sort of thing a few times in the
past, and in the end it always seems as though the commercial entity
exploits the goodwill of OWASP. At this point, we might do this with another
security-focused not-for-profit but it would have to be pretty obviously
fair and beneficial to both parties.

Chapters can (and should) speak for OWASP on matters of application security
consistent with our mission, ethical principles, the content in the wiki,
and chapter rules.  However chapters should work through the OWASP board to
get partnerships and relationships established and taking on other

I think a preferable way to work with this kind of conference is to ask for
a speaking slot to discuss application security, or perhaps even to
coordinate an appsec focused track.  The conferences committee has the lead
on things like this.


Jeff Williams, Chair
The OWASP Foundation

-----Original Message-----
From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Matt Tesauro
Sent: Tuesday, January 06, 2009 3:41 PM
To: Owasp-Leaders at Lists.Owasp
Subject: [Owasp-leaders] OWASP (free) sponsorship of The IT Summit in

The email below my signature arrived in the inbox of the local Austin
chapter's president earlier today. In it, the conference offers OWASP
"to sponsor The IT Summit, at no cost."

This raised a number of questions for the Austin chapter leadership:

* Is it OK to be a free sponsor of an event like this?
* Has that been done in the past?
* Can the chapter speak for OWASP?
* Any clue what "in exchange for your promotion of the conference to
your people" might mean?  An email to the chapter mail list perhaps?
* Is this something for the Global Conferences Committee?

Since there will be Austin people at this event, it could help the local
chapter grow.  Also, as it is "the ultimate conference series for
top-level executives from the private sector, government, education, and
economic development communities." (their words), OWASP may get a chance
to influence those people who can tell those reporting to them to use
OWASP.  Thoughts?

-- Matt Tesauro
OWASP Live CD Project Lead
http://mtesauro.com/livecd/ - Documentation Wiki

---------- Forwarded message ----------
From: Casey with The IT Summit <cjy at paramountworldgroup.com>
Date: Tue, Jan 6, 2009 at 9:53 AM
Subject: Complimentary Sponsorship at the IT Summit Austin Conference
May 7, 2009
To: jwickett at impactnews.com


I am sorry I was unable to reach you this morning.  I received a request
from John Cox (who sit on our governing body) to contact your
organization and extend you a special invitation to our conference.

The Open Web Application Security Project is invited to sponsor The IT
Summit, at no cost.

The IT Summit is an annual executive technology conference series
visiting eight cities throughout the United States. The purpose of the
conference series is to support education, economic development, and the
proliferation of information technology. Attendees are senior-level IT
executives from government, education, and regional corporations. The
events feature a full day of presentations, networking, and demonstrations.

We propose to provide the Open Web Application Security Project with
complimentary promotion on the conference website, print work, and
conference guide, and to provide your members with complimentary
admission in exchange for your promotion of the conference to your people.

Please visit
http://theitsummit.com/events-08/losangeles-california/index.html to
view details from our most recent conference which was produced
along-side Randi Levin the CTO & GM for the City of Los Angeles.

I look forward to hearing from you.

Casey Yarbrough
Senior Sales Executive
(503) 608-4747 Direct
(949) 463-8018 Cell
(530) 618-4747 Fax
cjy at paramountworldgroup.com
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org

More information about the OWASP-Leaders mailing list