[Owasp-leaders] Vendor Neutrality

Jerry Hoff jerry at owasp.org
Thu Feb 14 02:10:47 UTC 2013


Hi Ryan,

First of all, thank you for volunteering to lead an OWASP course.  I hope to attend at least one of the classes as we ramp up for AppsecUSA 2013. 

I think the issue here is the wording: 

>>> As a special introduction to the SpiderLabs instructor led course I would like to extend to you a $500 discount code “TRUSTWAVE_500OFF” to be used during check-out.


Although this email was sent from OWASP, it reads like it comes directly from a vendor.  You have to admit, the following would have been a little more proper:

As a special introduction to this OWASP course I would like to extend to you a $500 discount code "OWASP_500OFF" during checkout.

...I'll save the propriety of using sales gimmicks like "$500 discount codes" for a different thread….

Ryan, we are not saying you or Tom did anything wrong.  It's natural for companies to want to promote their name.  However, OWASP is made up of volunteers, not companies.  We risk the loss of the public goodwill and vendor neutrality if we allow the misuse of the foundation's brand.

Is this fair? 

Jerry

--
Jerry Hoff
@jerryhoff
jerry at owasp.org



On Feb 13, 2013, at 8:59 PM, Ryan Barnett <ryan.barnett at owasp.org> wrote:

> Yes I work for Trustwave.  That being said, I don't anything wrong with it. If you go to the webpage -https://www.owasp.org/index.php/NYC - there are 3 training classes run by different people. Only 1 class is from Trustwave.
> 
> This is no different than any training classes run at conferences except for maybe the branded discount code.
> 
> -Ryan 
> 
> On Feb 13, 2013, at 8:47 PM, Jerry Hoff <jerry at owasp.org> wrote:
> 
>> I agree.
>> 
>> OWASP Classes should be led by volunteers.  This is pretty bad and it clearly reads as a SpiderLabs advertisement. 
>> 
>> The instructor's name isn't even listed, but simply a "SpiderLabs instructor led course".  The coupon code is the icing on the cake.
>> 
>> Tom, please respond to this and let us know how you think this is a justified use of the OWASP brand.
>> 
>> --
>> Jerry Hoff
>> @jerryhoff
>> jerry at owasp.org
>> 
>> 
>> 
>> On Feb 13, 2013, at 8:37 PM, Jim Manico <jim.manico at owasp.org> wrote:
>> 
>>> Hey folks,
>>> 
>>> Please see the email at the bottom of this message.
>>> 
>>> This email hit the NYC chapter list today and we discussed it through the board list earlier. I feel this is an abuse of the OWASP brand and vendor neutrality rules to some degree, but other board members politely disagreed with me. That's fair.
>>> 
>>> Can you please chime in here? Am I off-base or do you feel this is OWASP brand or vendor neutrality abuse?
>>> 
>>> I know this is a specific example, but I think it's very important to the organization. So far, I feel like I stand alone when complaining about these situations and I'd appreciate your feedback. If you have the time, please click deeper into the email below and investigate a bit. 
>>> 
>>> I am happy to back away from the issue of vendor neutrality if you think I am off base.
>>> 
>>> Thanks all,
>>> Jim Manico
>>> @Manicode
>>> (808) 652-3805
>>> 
>>> ***********
>>> 
>>> 
>>> From: Tom Brennan <tomb at owasp.org>
>>> Date: Tuesday, February 12, 2013 6:56 PM
>>> To: "OWASPNYCMETRO-announce at meetup.com" <OWASPNYCMETRO-announce at meetup.com>
>>> Subject: [OWASPNYCMETRO] NYC March 13th Training
>>> 
>>> Its coming....INSTRUCTOR LED TRAINING IN NYC
>>> 
>>> Details: https://www.owasp.org/index.php/NYC
>>> 
>>> As a special introduction to the SpiderLabs instructor led course I would like to extend to you a $500 discount code “TRUSTWAVE_500OFF” to be used during check-out.
>>> 
>>> Hack Your Own Code: Advanced Training for Developers (2 Day Training Course)
>>> This class provides security developers an exciting chance to hone their programming skills while also learning to exploit common web vulnerabilities.
>>> 
>>> For more information on the (3) training classes available visit:
>>> 
>>> https://www.owasp.org/index.php/NYC
>>> 
>>> 
>>> Have additional questions? 
>>> 
>>> Call 973-202-0122 to discuss
>>> 
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130213/34496f9d/attachment-0001.html>


More information about the OWASP-Leaders mailing list