[Owasp-leaders] Full time OWASP evangelist...

Dinis Cruz dinis.cruz at owasp.org
Sat Dec 15 20:43:47 UTC 2012


Dennis, Eric has a point here, lets keep the thread focused on the
issue/idea of what resources should OWASP invest in

Dinis Cruz

On 15 Dec 2012, at 20:20, Eric Sheridan <eric.sheridan at owasp.org> wrote:

> I honestly don't know why I check this email account sometimes.
>
> Sincerely,
> Eric Sheridan
> (twitter) @eric_sheridan
> (blog) http://ericsheridan.blogspot.com
>
> On 12/14/12 7:59 PM, Dennis Groves wrote:
>> **THE LION AND THE FROG * *
>>
>> A lion heard a frog croaking loudly and turned towards the sound,
>> thinking that this must be the sound of some huge beast. After a while,
>> the lion saw the frog come up out of the swamp. He went over to the frog
>> and as he crushed him underfoot, the lion said, 'No one should be
>> worried about a sound before the thing itself has been examined.'
>> /This fable is for a man with a big mouth who talks and talks without
>> accomplishing anything. /
>>
>>
>>
>> On Sat, Dec 15, 2012 at 12:42 AM, Jerry Hoff <jerry at owasp.org
>> <mailto:jerry at owasp.org>> wrote:
>>
>>    Thanks Dennis,
>>
>>    I recommend you communicate with the board - it might be majority
>>    already agree with this proposal.
>>
>>    We might need to start a new board called "owasp-bedtime-stories"
>>    where we use nursery rhymes to communicate with each other.
>>
>>    Jerry
>>
>>
>>
>>    On Dec 14, 2012, at 6:52 PM, Dennis Groves <dennis.groves at owasp.org
>>    <mailto:dennis.groves at owasp.org>> wrote:
>>
>>>    *THE HORSE AND HIS GROOM *
>>>
>>>        There was a groom who used to sell his horse's barley to the
>>>        innkeepers and drink all evening long. He would then spend the
>>>        whole next day combing and currying the horse. The horse said
>>>        to the groom, 'If you really want me to look good, then don't
>>>        sell the food that nourishes me!'
>>>
>>>    If you truly aim to help OWASP please participate in the board
>>>    meetings and listen to the problems, and get to know he
>>>    organization *BEFORE* your propose solutions.
>>>
>>>    Dennis
>>>
>>>
>>>    On Fri, Dec 14, 2012 at 11:06 PM, Jerry Hoff <jerry at owasp.org
>>>    <mailto:jerry at owasp.org>> wrote:
>>>
>>>        If free training works - why not do more?
>>>
>>>        I don't think any one person will be the focal attention
>>>        point, but we need someone out full time raising awareness and
>>>        getting corporate sponsorship.
>>>
>>>        For the record I think Dinis Cruz would be great in this role.
>>>
>>>        Jerry
>>>
>>>
>>>        On Dec 14, 2012, at 4:00 PM, Konstantinos Papapanagiotou
>>>        <Konstantinos at owasp.org <mailto:Konstantinos at owasp.org>> wrote:
>>>
>>>>        I've said in many occasions that I'm against OWASP having a
>>>>        CEO, and if an "evangelist" means CEO, then I guess I'm
>>>>        against it as well. The main reason would be that it would
>>>>        potentially place too much attention on a single person and
>>>>        that person might end up actually "being" OWASP for a lot of
>>>>        people.
>>>>
>>>>        I'd like to see that the responsibilities of that person will
>>>>        be before I nominate someone. Also, what
>>>>        characteristics/qualities are we looking at?
>>>>
>>>>        Will he be doing training? Will he be the only one doing
>>>>        training? Why? Are we moving away from the free training
>>>>        model that for example Eoin and Jim gave? From the Training
>>>>        Days
>>>>        (https://www.owasp.org/index.php/Greece/Training/OWASP_projects_and_resources_you_can_use_TODAY)
>>>>        that were huge success both financially and in terms of
>>>>        reaching out to the community?
>>>>
>>>>        Aside from that I think that there are numerous amazing
>>>>        initiatives that kicked off at some point but eventually
>>>>        stayed there and never grew (training days are a perfect
>>>>        example). We need paid employees to make sure that such
>>>>        initiatives keep going. I don't care if we call them project
>>>>        managers, CEO, evangelists or whatever.
>>>>
>>>>        Kostas
>>>>
>>>>
>>>>        On Fri, Dec 14, 2012 at 6:53 PM, Jerry Hoff <jerry at owasp.org
>>>>        <mailto:jerry at owasp.org>> wrote:
>>>>
>>>>            I think a technical evangelist / CEO role would pay for
>>>>            himself / herself almost immediately.
>>>>
>>>>            Imagine doing training where all the $$ goes back to
>>>>            OWASP, in addition to spending time doing fundraising,
>>>>            etc....
>>>>
>>>>            Jerry
>>>>
>>>>            On Dec 14, 2012, at 11:26 AM, Eoin <eoin.keary at owasp.org
>>>>            <mailto:eoin.keary at owasp.org>> wrote:
>>>>
>>>>> Jerry,
>>>>> It comes down to cash and revenue stream. I'd love  to
>>>>            have a CEO of owasp also.
>>>>>
>>>>>
>>>>> Eoin Keary
>>>>> Owasp Global Board
>>>>> +353 87 977 2988 <tel:%2B353%2087%20977%202988>
>>>>>
>>>>>
>>>>> On 14 Dec 2012, at 04:52, Jerry Hoff <jerry at owasp.org
>>>>            <mailto:jerry at owasp.org>> wrote:
>>>>>
>>>>>> Esteemed Board and Leaders,
>>>>>>
>>>>>> I've been doing a lot of thinking about OWASP and our
>>>>            mission - and I really think we need a little more balance.
>>>>>>
>>>>>> We obviously have a strong volunteer base consisting
>>>>            of many of the most experienced and motivated web app sec
>>>>            pros on the planet.
>>>>>>
>>>>>> However, I think we also need more full time owasp
>>>>            employees to evangelize, coordinate and guide us as we
>>>>            experience sustained growth, attention and involvement.
>>>>>>
>>>>>> We want to make appsec more visible, to inform as many
>>>>            stakeholders as possible of the security issues that
>>>>            plague web and application development.
>>>>>>
>>>>>> To better achieve these ends I move to start a
>>>>            petition / movement to hire a full time evangelist.
>>>>>>
>>>>>> Ideally this would be a position filled by a vocal
>>>>            advocate for OWASP and appsec who can take our message
>>>>            and advance it out to the developer community at large.
>>>>>>
>>>>>> This role could also assist the other full time owasp
>>>>            employees shape and guide the organization and its
>>>>            outreach efforts.
>>>>>>
>>>>>> Along with owasp, I've been highly involved with
>>>>            toastmasters - what they have done as an organization can
>>>>            easily serve as an organizational  template for us.
>>>>>>
>>>>>> I have deep love and respect for OWASP and everyone
>>>>            who volunteers - I'm extremely confident that investing
>>>>            in a full time evangelist will reap huge returns and
>>>>            cement OWASP even more firmly in the development world.
>>>>>>
>>>>>> Leaders, what do you think? Would love to hear from
>>>>            those who agree / disagree. Anyone interested in full
>>>>            time OWASP evangelizing?
>>>>>>
>>>>>> In the meantime I'm going to be working towards
>>>>            getting corporate sponsorship to fund more full timers.
>>>>>>
>>>>>> Distinti saluti,
>>>>>> Jerry
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>            <mailto:OWASP-Leaders at lists.owasp.org>
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>            _______________________________________________
>>>>            OWASP-Leaders mailing list
>>>>            OWASP-Leaders at lists.owasp.org
>>>>            <mailto:OWASP-Leaders at lists.owasp.org>
>>>>            https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>        _______________________________________________
>>>        OWASP-Leaders mailing list
>>>        OWASP-Leaders at lists.owasp.org
>>>        <mailto:OWASP-Leaders at lists.owasp.org>
>>>        https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>>
>>>
>>>    --
>>>    Dennis Groves <http://about.me/dennis.groves>, MSc
>>>    Email me, <mailto:dennis.groves at owasp.org> or schedule a meeting
>>>    <http://goo.gl/8sPIy>.
>>>    /This email is licensed under a CC BY-ND 3.0
>>>    <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license./
>>>    Stand up for your freedom to install free software.
>>>    <http://www.fsf.org/campaigns/secure-boot/statement>
>>>    Please do not send me Microsoft Office/Apple iWork documents.
>>>    Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>>
>>>    <http://www.owasp.org/>
>>
>>
>>
>> --
>> Dennis Groves <http://about.me/dennis.groves>, MSc
>> Email me, <mailto:dennis.groves at owasp.org> or schedule a meeting
>> <http://goo.gl/8sPIy>.
>> /This email is licensed under a CC BY-ND 3.0
>> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license./
>> Stand up for your freedom to install free software.
>> <http://www.fsf.org/campaigns/secure-boot/statement>
>> Please do not send me Microsoft Office/Apple iWork documents.
>> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>
>> <http://www.owasp.org/>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list