[Owasp-leaders] Commercial Services Registry -- Live!

dinis cruz dinis.cruz at owasp.org
Thu May 13 22:51:48 EDT 2010


Just a couple notes on this idea that I want to make sure that we are all on
the same page.

>From my point of view this project, the OWASP Commercial
(soon to created by Paulo on the WIKI + mailing list) is a very
important OWASP Initiative that the time as come to sort out.

In a nutshell, what we are trying to do is to formalize and maximize one of
the Business Model that currently supports OWASP today (i.e.* Company XYZ
that receives enough value or revenue from OWASP projects or from OWASP
related services (provided to their clients) that they (Company XYZ) allow
their employees to contribute to OWASP projects under company time*).

Mike is doing a great service for OWASP by putting a lot of energy into this
project, and we really need to figure out the best operation model to make
this work (in a way that is is accepted by our community)

To help this move along (and to bring in some extra energy/ideas) I will be
taking an active role in this project (joining Mike at the OWASP Commercial
Services <http://www.owasp.org/index.php/Commercial_Services> Project
leadership), and here is my invitation for you (owasp leader) to join the
project. Note that this is a critical project for OWASP and we need as much
help as we can get.

The idea is to use the next couple months to figure out the best (and
accepted) operation model for this Commercial
and only when we are ready, remove the (just added to Commercial
 page) *'Please note that the registry is currently under development and
listing requirements are subject to change'  *disclaimer) and launch this to
the world :)

In the short-term, we need to identify WHO is currently providing  Commercial
Services <http://www.owasp.org/index.php/Commercial_Services> around OWASP
Projects. Once we have that list, can analyze them as case studies and
figure out (with them) what is the best way to represent what they do  at
the OWASP Commercial
Services<http://www.owasp.org/index.php/Commercial_Services> pages
and the OWASP Wiki in general.

Since this is a big topic, if you are part of one of these companies that
provide Commercial
Services<http://www.owasp.org/index.php/Commercial_Services> around
OWASP Projects or want to be involved in this project,  please join this
project mailing list (soon to be created) and lets continue the conversation

Finally note I would like to make on this list about Mike Boberski.

I know that some of you had issues in the past with some of Mike's
emails/opinions/'tone of voice', and I have to say that I also had some
reservations about some of his comments too, BUT *I just spent 1h 25m with
Mike on the Phone and **I think that I finally found the problem.*

As I said to Mike on phone (and commented that I would be also mentioning it
to this list), he has an 'interesting' personality, whereby his
*spoken*arguments/voice are very different from his
*written* arguments/voice (i.e. he is much 'nicer' and 'easy to deal' with
by voice (and I assume in person) than via eMail).

So the bottom like with Mike is, when in doubt, pick up the phone and call
him (it will be faster and easier then to write a number of emails about it
:)  )

Dinis Cruz

On 12 May 2010 15:57, Boberski, Michael [USA] <boberski_michael at bah.com>wrote:

>  Dear Leaders,
> FYI, the OWASP home page has been updated with links to the new OWASP
> commercial services registry! *Many sincere thanks to all involved.*
> * *
> *What is the OWASP commercial services registry?*
> OWASP's mission is to make application security "visible," so that people
> and organizations can make informed decisions about application security
> risks, and as a value-add towards this end we have attempted to centralize
> OWASP project deliverable-based services in a single OWASP Commercial
> Services Registry. OWASP is not affiliated with any technology company, and
> *OWASP does not endorse commercial products or services*, although we
> support the informed use of commercial security technology, and that is the
> ultimate goal of this registry.
> *Updates to the OWASP home page:*
> The “navigation” panel on the left-hand side has been updated with a
> “Commercial Services” link. And, the icon column in the center of the page
> has been updated with a “Commercial Services” link and an associated text
> box.
> *Next steps:*
> To get your company listed, the work flow is to send requests to Kate<http://www.owasp.org/index.php/Contact>,
> per the “Get Listed” instructions on the “Home” tab of the commercial
> services registry page. There is currently a sample listing entry for each
> of the other tabs; it will be replaced as listings are submitted; hopefully
> the samples and the instructions above the table on each tab will provide
> sufficient guidance in terms of the information required.
> Best,
> Mike B.
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20100514/22ce6f27/attachment.html 

More information about the OWASP-Leaders mailing list