[Owasp-leaders] Upcoming election of a new OWASP board member

Matt Tesauro mtesauro at gmail.com
Wed Nov 4 22:50:18 EST 2009

As I'm sure you all know, OWASP is adding a new member to the board.
I've added my name to the list of fine candidates and wanted to provide
a summary of my vision for OWASP moving forward.  I break this up into
"Long Term Directions and Goals" and "Short Term Specific Items"

My thoughts are fully spelled out here along with my past work with

For those with smart phones (or just liking shorter emails) here's an

== Long Term Directions and Goals ==
* Increase the OWASP community
   ** Create teams by grouping community members with similar interests 
     e.g. graphics team, marketing team...
   ** Find a clear and effective method for teams, global committees and
the board to communicate
   ** Make sure OWASP is a compelling choice for potential project
and/or chapter leaders
   ** Reach out to other related groups to increase the community
   ** Better define the scope of the Global Committees and the newly
created teams
   ** Demonstrate the opportunities offered by joining the OWASP
   ** Produce a Code of Conduct for the community
   ** Tailor appeals to specific audiences e.g. grouping projects by
target audience
* Set a specific direction from the board 
   ** Short, medium and long term goals
* Education is hugely important and needs increased attention
* Industry is hugely important and needs increased attention

== Short Term Specific Items ==
* Establish an OWASP Archive
   ** Create a place to hold final releases of projects in a single,
unified place.  Benefits include one place to find OWASP 'assets' as
well as mitigating the risk of project releases disappearing.
* Sub-domaining owasp.org
   ** Brings external project pages "closer to home"
   ** Allows projects greater freedom for how to promote their projects
while keeping all projects within the owasp.org domain.
* Re-think creating OWASP Forums
   ** OWASP is loosing a ton of good content in the mail lists
   ** Many people could become 'contributors' by answering forum posts
   ** Forums would be an initial draw of people into the larger OWASP
   ** OWASP forums as an open and free version of Experts exchange for
application security

That's the overview.  If you want the full details, I've got them here:

I'll be at AppSec DC should you want me to further discuss any of the
above or feel free to drop me an email.


-- Matt Tesauro
OWASP Live CD Project Lead
http://AppSecLive.org - Community and Download site

More information about the OWASP-Leaders mailing list