[Owasp-leaders] Question about owasp logos
dinis.cruz at owasp.org
Mon Nov 8 09:33:40 EST 2010
I just took a look at this and at first sight they are doing a lot of
things right (remember that our objective is to have OWASP materials and
brand as widely used as possible)
#1) They are not calling it an 'OWASP Web Application Security' course
(which usually implies that it is an OWASP Activity)
#3) When OWASP in mentioned on the course description it says '...based on
OWASP.." (which again is the right way to place it)
#3) The branding is clearly not OWASP and it should be obvious to
the attendees that this is not an OWASP-run event.
Now, the problem with #3 (Branding of the course) is that they also use
OWASP Logo (and name) in the banner. This is a fuzzy area and as long as the
impression is not given that this is an OWASP-driven and organized event, we
should actually be encouraging this type of activity (instead of 'hitting
The only two things I can think of to ask them is
1) to use a logo that has the text 'based on' inside it (as in : "...based
on OWASP materials...") and to include a link to OWASP's website were we
make it very explicit that we/OWASP :
- supports the use of OWASP materials by training companies
- but are DO NOT responsible for the course content or delivery
- and DO NOT endorse or recommend it.
The question/issue that I think we should focus on is how to find a way to
link from OWASP's website to this course (so that it encourages more like
this). The http://www.owasp.org/index.php/OWASP_Related_Commercial_Servicesis
still in early days, but that would be the place to do it.
Note that what we CAN'T put on OWASP's website is:
- Marketing text provided by commercial companies about what they do
- Directly link to external commercial services not organized by OWASP
- Advertize commercial activities at OWASP's Chapter/Conferences events
or pages (unless managed and controlled by the Conference Organization team
or by the OWASP Related Commercial
Note that the Chapter's Committee is currently inactive, so chapter leaders
please take a moment to look at your chapter and make sure that there is a
very big and explicit separation between OWASP Activities and the inevitable
commercial interests that exist in your chapter (for more details see the OWASP
Chapter Handbook <http://www.owasp.org/index.php/Category:Chapter_Handbook>
Recapping, we need to find more ways to encourage the use of OWASP
materials, and what is really needed are a number of 'use-case' in our WIKI
that help individuals/companies to understand the rules-of-the-game and the
best way to leverage the amazing materials that our leaders create.
On 8 November 2010 08:57, John Vargas <johnvargas at gmail.com> wrote:
> Hi Leaders!
> I have a question .. I just learned that a company is conducting a
> workshop to explain the OWASP TOP10 and web application security, which will
> cost $ 60 and is using the logos of "OWASP" on the flyers and website.
> I'm sure this is not allowed by the license type OWASP trademark, but I
> want to confirm it.
> Here is the link of the flyer
> John Vargas P. - LRU # 357244
> IT Security Consultant - OWASP Perú Chapter Leader
> Visita: http://www.owasp.org/index.php/Peru
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders