[Owasp-leaders] Question on OWASP Demographics

James McGovern JMcGovern at virtusa.com
Tue Oct 26 10:45:38 EDT 2010


I am also learning more about marketing as well. I think the challenge is one of not just presenting but the ability to send the same types of information up and down the food chain. For example, if I wanted to purchase a new shiny product, the CIO is almost guaranteed to ask me whether I talked with Gartner, etc in which I would respond that I also included the latest analyst report on the Sharepoint. Sometimes, people do ask the “wrong” questions and the answer isn’t always to see it as an opportunity to change their perspective, but to also provide evidence that can sit on their sharepoint as well.

 

Maybe the question doesn’t need to be answered by having quant numbers on demographics but could be answered by having other forms of marketing material such as why others sponsor OWASP and the value proposition they receive for doing so. Businesses don’t spend money for altruistic purposes but in hopes that it is an investment that will pay a dividend. Attempting to noodle what this would be for a non-security firm. For example, what would it take to convince Accenture, Oracle or even SAP to become members especially since they aren’t selling web application security offerings.

 

James McGovern
Insurance SBU 

Virtusa Corporation

100 Northfield Drive, Suite 305 | Windsor, CT | 06095

Phone:  860 688 9900 Ext:  1037 | Facsimile:  860 688 2890  

  <http://www.virtusa.com/>    <http://www.virtusa.com/blog/>    <https://twitter.com/VirtusaCorp>    <http://www.linkedin.com/companies/virtusa>    <http://www.facebook.com/VirtusaCorp> 

 

From: Neil Smithline [mailto:neil.smithline at owasp.org] 
Sent: Tuesday, October 26, 2010 10:35 AM
To: owasp-leaders at lists.owasp.org
Cc: James McGovern
Subject: Re: [Owasp-leaders] Question on OWASP Demographics

 

James,

I know I'm going out on a limb, but this is my first posting to owasp-leaders so I figure I may as well go for all or nothing :-)

I think the "marketing-oriented types" asked the wrong question. If we go back to pre-electronic days, you can view OWASP as a publisher of various media types all focused on app security. In that model, what does a marketing type care about who is doing the publishing, editing, or writing. What a marketing type cares about is what is the demographics of the publications.

I think that if we sell sponsorships based on our memberships, we're limited to pure app security types. But if we sell sponsorship based on our distribution, it is entirely different.

For me, the question isn't about who OWASP members are. It is about who visits OWASP.org, what they look at, and what they distribute to other people. It is about how many people use ESAPI, read the T10, etc...

I'm not a  "marketing-oriented type" and can't even play one on TV, but I think this is OWASP's selling strategy, not who its members are.

I know that Aspect Security has a special relationship with OWASP, but look at the T10 wiki (http://www.owasp.org/index.php/Top_10_2010) and, even better, the T10 presentation (http://owasptop10.googlecode.com/files/OWASP_Top_10_-_2010%20Presentation.pptx). Tell the marketing-oriented types "Imagine your logo here."

Hope this makes sense. As I said I was going for an all-or-nothing. Hope I scored.

Neil Smithline



On 10/25/10 15:57 , James McGovern wrote: 

Had the opportunity to hang out with a few marketing-oriented types and to pick their brain regarding tactics to encourage OWASP sponsorship. For companies that sell security products, the value proposition is more obvious than say those who sell general consulting services. They inquired as to the demographics of OWASP members in which I couldn’t readily answer (names, representative titles, decision-making authority, etc).  

 

Has anyone else faced the demographic question and was able to provide such answers?

 

James McGovern
Insurance SBU 

Virtusa Corporation

100 Northfield Drive, Suite 305 | Windsor, CT | 06095

Phone:  860 688 9900 Ext:  1037 | Facsimile:  860 688 2890  

 <http://www.virtusa.com/>   <http://www.virtusa.com/blog/>   <https://twitter.com/VirtusaCorp>   <http://www.linkedin.com/companies/virtusa>   <http://www.facebook.com/VirtusaCorp> 

 

Virtusa was recently ranked and featured in 2010 Global Services 100, IAOP's 2010 Global Outsourcing 100 sub-list, 2009 Deloitte Technology Fast 500 and 2009 Dataquest-IDC Best Employers Survey among others.
 
---------------------------------------------------------------------------------------------
 
This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is intended for the addressee only. Any unauthorized disclosure, use, dissemination, copying, or distribution of this message or any of its attachments or the information contained in this e-mail, or the taking of any action based on it, is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this message.
 
---------------------------------------------------------------------------------------------
 
 
_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders

Virtusa was recently ranked and featured in 2010 Global Services 100, IAOP's 2010 Global Outsourcing 100 sub-list, 2009 Deloitte Technology Fast 500 and 2009 Dataquest-IDC Best Employers Survey among others.

---------------------------------------------------------------------------------------------

This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is intended for the addressee only. Any unauthorized disclosure, use, dissemination, copying, or distribution of this message or any of its attachments or the information contained in this e-mail, or the taking of any action based on it, is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this message.

---------------------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101026/7ea33d66/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 1397 bytes
Desc: image001.jpg
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101026/7ea33d66/attachment-0001.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 744 bytes
Desc: image002.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101026/7ea33d66/attachment-0004.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1211 bytes
Desc: image003.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101026/7ea33d66/attachment-0005.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 789 bytes
Desc: image004.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101026/7ea33d66/attachment-0006.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 763 bytes
Desc: image005.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101026/7ea33d66/attachment-0007.gif 


More information about the OWASP-Leaders mailing list