[Owasp-leaders] Full time OWASP evangelist...

Johanna Curiel johanna.curiel at owasp.org
Mon Dec 17 03:17:17 UTC 2012


I think we need to delegate clear responsibilities. A while ago I asked about the owasp code review guideline project and I received no answer. it is not clear for me who is responsible of which project and communication , allocation of efforts and resources becomes quite chaotic in this way.there has been no follow up.

is it possible to have a clear idea of who has been delegated and if this person takes responsibility/ accountability for the project otherwise he/she should not be in charged. 

control and management at a higher level is necessary to avoid chaos.


as a volunteer i want to set my efforts and time wisely used.and I would be glad to collaborate at a higher level , helping managing and been accountable for projects

best regards


johanna




Op 15 dec. 2012 om 16:43 heeft Dinis Cruz <dinis.cruz at owasp.org> het volgende geschreven:

> Dennis, Eric has a point here, lets keep the thread focused on the
> issue/idea of what resources should OWASP invest in
> 
> Dinis Cruz
> 
> On 15 Dec 2012, at 20:20, Eric Sheridan <eric.sheridan at owasp.org> wrote:
> 
>> I honestly don't know why I check this email account sometimes.
>> 
>> Sincerely,
>> Eric Sheridan
>> (twitter) @eric_sheridan
>> (blog) http://ericsheridan.blogspot.com
>> 
>> On 12/14/12 7:59 PM, Dennis Groves wrote:
>>> **THE LION AND THE FROG * *
>>> 
>>> A lion heard a frog croaking loudly and turned towards the sound,
>>> thinking that this must be the sound of some huge beast. After a while,
>>> the lion saw the frog come up out of the swamp. He went over to the frog
>>> and as he crushed him underfoot, the lion said, 'No one should be
>>> worried about a sound before the thing itself has been examined.'
>>> /This fable is for a man with a big mouth who talks and talks without
>>> accomplishing anything. /
>>> 
>>> 
>>> 
>>> On Sat, Dec 15, 2012 at 12:42 AM, Jerry Hoff <jerry at owasp.org
>>> <mailto:jerry at owasp.org>> wrote:
>>> 
>>>   Thanks Dennis,
>>> 
>>>   I recommend you communicate with the board - it might be majority
>>>   already agree with this proposal.
>>> 
>>>   We might need to start a new board called "owasp-bedtime-stories"
>>>   where we use nursery rhymes to communicate with each other.
>>> 
>>>   Jerry
>>> 
>>> 
>>> 
>>>   On Dec 14, 2012, at 6:52 PM, Dennis Groves <dennis.groves at owasp.org
>>>   <mailto:dennis.groves at owasp.org>> wrote:
>>> 
>>>>   *THE HORSE AND HIS GROOM *
>>>> 
>>>>       There was a groom who used to sell his horse's barley to the
>>>>       innkeepers and drink all evening long. He would then spend the
>>>>       whole next day combing and currying the horse. The horse said
>>>>       to the groom, 'If you really want me to look good, then don't
>>>>       sell the food that nourishes me!'
>>>> 
>>>>   If you truly aim to help OWASP please participate in the board
>>>>   meetings and listen to the problems, and get to know he
>>>>   organization *BEFORE* your propose solutions.
>>>> 
>>>>   Dennis
>>>> 
>>>> 
>>>>   On Fri, Dec 14, 2012 at 11:06 PM, Jerry Hoff <jerry at owasp.org
>>>>   <mailto:jerry at owasp.org>> wrote:
>>>> 
>>>>       If free training works - why not do more?
>>>> 
>>>>       I don't think any one person will be the focal attention
>>>>       point, but we need someone out full time raising awareness and
>>>>       getting corporate sponsorship.
>>>> 
>>>>       For the record I think Dinis Cruz would be great in this role.
>>>> 
>>>>       Jerry
>>>> 
>>>> 
>>>>       On Dec 14, 2012, at 4:00 PM, Konstantinos Papapanagiotou
>>>>       <Konstantinos at owasp.org <mailto:Konstantinos at owasp.org>> wrote:
>>>> 
>>>>>       I've said in many occasions that I'm against OWASP having a
>>>>>       CEO, and if an "evangelist" means CEO, then I guess I'm
>>>>>       against it as well. The main reason would be that it would
>>>>>       potentially place too much attention on a single person and
>>>>>       that person might end up actually "being" OWASP for a lot of
>>>>>       people.
>>>>> 
>>>>>       I'd like to see that the responsibilities of that person will
>>>>>       be before I nominate someone. Also, what
>>>>>       characteristics/qualities are we looking at?
>>>>> 
>>>>>       Will he be doing training? Will he be the only one doing
>>>>>       training? Why? Are we moving away from the free training
>>>>>       model that for example Eoin and Jim gave? From the Training
>>>>>       Days
>>>>>       (https://www.owasp.org/index.php/Greece/Training/OWASP_projects_and_resources_you_can_use_TODAY)
>>>>>       that were huge success both financially and in terms of
>>>>>       reaching out to the community?
>>>>> 
>>>>>       Aside from that I think that there are numerous amazing
>>>>>       initiatives that kicked off at some point but eventually
>>>>>       stayed there and never grew (training days are a perfect
>>>>>       example). We need paid employees to make sure that such
>>>>>       initiatives keep going. I don't care if we call them project
>>>>>       managers, CEO, evangelists or whatever.
>>>>> 
>>>>>       Kostas
>>>>> 
>>>>> 
>>>>>       On Fri, Dec 14, 2012 at 6:53 PM, Jerry Hoff <jerry at owasp.org
>>>>>       <mailto:jerry at owasp.org>> wrote:
>>>>> 
>>>>>           I think a technical evangelist / CEO role would pay for
>>>>>           himself / herself almost immediately.
>>>>> 
>>>>>           Imagine doing training where all the $$ goes back to
>>>>>           OWASP, in addition to spending time doing fundraising,
>>>>>           etc....
>>>>> 
>>>>>           Jerry
>>>>> 
>>>>>           On Dec 14, 2012, at 11:26 AM, Eoin <eoin.keary at owasp.org
>>>>>           <mailto:eoin.keary at owasp.org>> wrote:
>>>>> 
>>>>>> Jerry,
>>>>>> It comes down to cash and revenue stream. I'd love  to
>>>>>           have a CEO of owasp also.
>>>>>> 
>>>>>> 
>>>>>> Eoin Keary
>>>>>> Owasp Global Board
>>>>>> +353 87 977 2988 <tel:%2B353%2087%20977%202988>
>>>>>> 
>>>>>> 
>>>>>> On 14 Dec 2012, at 04:52, Jerry Hoff <jerry at owasp.org
>>>>>           <mailto:jerry at owasp.org>> wrote:
>>>>>> 
>>>>>>> Esteemed Board and Leaders,
>>>>>>> 
>>>>>>> I've been doing a lot of thinking about OWASP and our
>>>>>           mission - and I really think we need a little more balance.
>>>>>>> 
>>>>>>> We obviously have a strong volunteer base consisting
>>>>>           of many of the most experienced and motivated web app sec
>>>>>           pros on the planet.
>>>>>>> 
>>>>>>> However, I think we also need more full time owasp
>>>>>           employees to evangelize, coordinate and guide us as we
>>>>>           experience sustained growth, attention and involvement.
>>>>>>> 
>>>>>>> We want to make appsec more visible, to inform as many
>>>>>           stakeholders as possible of the security issues that
>>>>>           plague web and application development.
>>>>>>> 
>>>>>>> To better achieve these ends I move to start a
>>>>>           petition / movement to hire a full time evangelist.
>>>>>>> 
>>>>>>> Ideally this would be a position filled by a vocal
>>>>>           advocate for OWASP and appsec who can take our message
>>>>>           and advance it out to the developer community at large.
>>>>>>> 
>>>>>>> This role could also assist the other full time owasp
>>>>>           employees shape and guide the organization and its
>>>>>           outreach efforts.
>>>>>>> 
>>>>>>> Along with owasp, I've been highly involved with
>>>>>           toastmasters - what they have done as an organization can
>>>>>           easily serve as an organizational  template for us.
>>>>>>> 
>>>>>>> I have deep love and respect for OWASP and everyone
>>>>>           who volunteers - I'm extremely confident that investing
>>>>>           in a full time evangelist will reap huge returns and
>>>>>           cement OWASP even more firmly in the development world.
>>>>>>> 
>>>>>>> Leaders, what do you think? Would love to hear from
>>>>>           those who agree / disagree. Anyone interested in full
>>>>>           time OWASP evangelizing?
>>>>>>> 
>>>>>>> In the meantime I'm going to be working towards
>>>>>           getting corporate sponsorship to fund more full timers.
>>>>>>> 
>>>>>>> Distinti saluti,
>>>>>>> Jerry
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>           <mailto:OWASP-Leaders at lists.owasp.org>
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>           _______________________________________________
>>>>>           OWASP-Leaders mailing list
>>>>>           OWASP-Leaders at lists.owasp.org
>>>>>           <mailto:OWASP-Leaders at lists.owasp.org>
>>>>>           https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>>>       _______________________________________________
>>>>       OWASP-Leaders mailing list
>>>>       OWASP-Leaders at lists.owasp.org
>>>>       <mailto:OWASP-Leaders at lists.owasp.org>
>>>>       https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>>> 
>>>> 
>>>> 
>>>>   --
>>>>   Dennis Groves <http://about.me/dennis.groves>, MSc
>>>>   Email me, <mailto:dennis.groves at owasp.org> or schedule a meeting
>>>>   <http://goo.gl/8sPIy>.
>>>>   /This email is licensed under a CC BY-ND 3.0
>>>>   <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license./
>>>>   Stand up for your freedom to install free software.
>>>>   <http://www.fsf.org/campaigns/secure-boot/statement>
>>>>   Please do not send me Microsoft Office/Apple iWork documents.
>>>>   Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>>> 
>>>>   <http://www.owasp.org/>
>>> 
>>> 
>>> 
>>> --
>>> Dennis Groves <http://about.me/dennis.groves>, MSc
>>> Email me, <mailto:dennis.groves at owasp.org> or schedule a meeting
>>> <http://goo.gl/8sPIy>.
>>> /This email is licensed under a CC BY-ND 3.0
>>> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license./
>>> Stand up for your freedom to install free software.
>>> <http://www.fsf.org/campaigns/secure-boot/statement>
>>> Please do not send me Microsoft Office/Apple iWork documents.
>>> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>> 
>>> <http://www.owasp.org/>
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list