[Owasp-leaders] Vendor Neutrality

Jim Manico jim.manico at owasp.org
Thu Feb 14 15:47:22 UTC 2013


Since committees are going away, I think this would make a great
global initiative! :)

--
Jim Manico
@Manicode
(808) 652-3805

On Feb 14, 2013, at 7:36 AM, Matteo Meucci <matteo.meucci at owasp.org> wrote:

> I think there is an interesting key point for OWASP here.
>
> Some leaders think that this promotion is ok, some leaders think NO.
> Also I see that some projects are completely open (for example using
> mailing list, wiki to edit the state of the project, ecc.) and some
> projects that are more closed. Someone still uses his Company template
> for the presentations talking about OWASP and so on.
>
> I propose a new OWASP Global Committees that should drive and monitor
> all the contents on the OWASP site and documents. This Committees
> represents the OWASP way to create an OWASP output (documents,
> presentations, wiki, ecc.) and should maintain a page with all the rules
> that are implemented during his work.
>
> For this single rule 'Is it possible to promote not OWASP Trainings on
> Chapters site?' I propose to vote. Then all the Chapters must adopt this
> new shared rule.
>
> What do you think about that?
>
> Thanks,
> Mat
>
> On 02/14/2013 04:31 PM, Jim Manico wrote:
>>> Even folks on this list who give
>> away "free" classes are simply obtaining contacts for consultancy and
>> product sales down the road.
>>
>> I've been doing significant free training in the OWASP community. For
>> example, Eoin and I are delivering a large free training at RSA and
>> they offered us a badge zapper for lead collection. We said "No way,
>> this is an OWASP event where we are representing OWASP. No way."
>>
>> Folks may not agree with my stance here and I'm ok with that, but I
>> try to practice what I preach. Heck Eric, I've sponsored Chapter
>> meetings and brought sales folks from my employer (everyone is free to
>> participate) with me, but I ask them not to pitch and not to bring
>> marketing material, even when they sponsor food. Just listen and meet
>> folks.
>>
>> My philosophy is: contribute, serve the OWASP mission, respect the
>> ethical guidelines, and deliver free talks and trainings in a vendor
>> neutral way. This is NOT being goody-2-shoes, it's also good for
>> business. Folks want to do business with you when you respect OWASP
>> and demonstrate appropriate ethics.
>>
>> And yes, my affiliation with OWASP has radically helped my career and
>> I've personally done well the past few years. This is why I started
>> 2012 by contributing 1000$ of my personal funds to OWASP. I challenge
>> the board and other leaders who can afford it to do the same.
>>
>> Also, the board has a legal/fiduciary and financial responsibility to
>> uphold the principles of a non-profit 501c3. We have been audited by
>> accountants in the past who said we were ok. But there are things that
>> accountants looking at numbers on paper will never see.
>>
>> I for one am going to continue to do my best as a board member (and
>> just as someone who really loves OWASP) to uphold the values of vendor
>> neutrality.
>>
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>>
>> On Feb 14, 2013, at 6:54 AM, Eric Sheridan <eric.sheridan at owasp.org> wrote:
>>
>>> Even folks on this list who give
>>> away "free" classes are simply obtaining contacts for consultancy and
>>> product sales down the road.
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> --
> --
> Matteo Meucci
> OWASP Testing Guide Lead
> OWASP Italy President
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list