[Owasp-leaders] Proposal: Remove all commercial/non-OWASP logos from OWASP.org

John Steven John.Steven at owasp.org
Thu Apr 4 11:43:58 UTC 2013


PREFACE: this email does not relate directly to the project sponsor
topic. It is highly related, IMO.

Jeff Williams and I built a resource for those OWASPers or commercial
entities (like an AppSec consulting firm) that wanted to interact with
private third parties (like a bank) in such a way that the result
could be open sourced and donated to OWASP. Find it here:


I embarked upon this project because multiple private third parties
have expressed interest in interacting with OWASP but don't trust that
influential OWASP members will behave properly keeping their interests
and sensitive information in mind. This project was a way to insulate
these organizations from trouble while they contribute through a
trusted party.

While I don't think it's always necessary or ideal for participating
parties to advertise their brand as sponsor, I think it's important to
keep the option open as an incentive.

It's interesting that the document linked above contains "Success
Stories". With the exception of one (WebGoat), none of the successes
list the brand that contributed them.

Phone: 703.727.4034
Rss: http://feeds.feedburner.com/M1splacedOnTheWeb

On Thu, Apr 4, 2013 at 7:28 AM, Martin Knobloch
<martin.knobloch at owasp.org> wrote:
> In the past, if I am not mistaken, there was the option to sponsor a
> project. Not knowing the insides about in how far this has been used or what
> the detailed agreement was, we should look into that first for the project
> pages!
> Again, investigate the implications first, define guidelines, (board) vote
> and take action then!

More information about the OWASP-Leaders mailing list