[Owasp-leaders] OWASP Top 10 - 2013 Release Candidate Now Available

• Previous message: [Owasp-leaders] OWASP Top 10 - 2013 Release Candidate Now Available
• Next message: [Owasp-leaders] OWASP Top 10 - 2013 Release Candidate Now Available
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 19 Feb 2013, at 23:31, Jeff Williams wrote:

> I agree with a lot of the comments that have been made on both sides 
> of
> this discussion.  Vendor neutrality is important.  Vendor 
> *involvement* is
> also really important to OWASP.  In fact, I tend to agree with Dinis 
> that
> what OWASP needs most is *more* "abuse" of our brands.
>
> I think we should be very careful to distinguish:

Hi Jeff,

I have always believed in credit where credit is due. Just like in an 
academic paper. That is I totally think Jeff & Dave belong all over the 
OWASP top 10. That is totally fair. However, I also think your company 
benefits from the fact that your company can prove that you are the Jeff 
& Dave of the famous OWASP Top 10. Nobody can take that from you - but I 
also think it is poor taste to turn it into direct marketing.

Additionally, you have listed other companies - if you are working with 
others - then they also deserve credit where credit is due… that is 
only fair. I don't see those names; I would like to. That is only fair.

I totally agree - OWASP needs and wants vendor involvement - but the 
reason for the success is that we are 'vendor neutral' - people trust 
OWASP precisely because we don't push vendors; having Aspects, 
Trustwave, and WhiteHat's name all over things dilutes the 'vendor 
neutral' claim and makes OWASP seem hypocritical and looses trust.

Truth be told; if that is how we operate The first 3 years of my work 
was funded by WhiteHat Security; and nearly everything I ever touched 
would rightfully have WhiteHat Security all over it. Truth be told; 
Jeremiah has put more time, money and people into OWASP than anybody - 
BAR-NONE. WhiteHat Security is a model citizen if there ever was one.

That doesn't negate all the great things Aspect has done throughout the 
years - at all, your contributions have also been enormous and game 
changing. I just want Aspect to join WhiteHat in being a exemplary 
model, particularly since you have board positions as well.

Business is built on trust; and doubly so in security. Reasonable?



Dennis

-- 
[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a 
meeting](http://goo.gl/8sPIy).

*This email is licensed under a [CC BY-ND 
3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*

**Please do not send me Microsoft Office/Apple iWork documents.**
Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
Stand up for your freedom to install [free 
software](http://www.fsf.org/campaigns/secure-boot/statement).

> The idea that some lives matter less is the root of all that’s wrong 
> with the world. -- Paul Farmer

• Previous message: [Owasp-leaders] OWASP Top 10 - 2013 Release Candidate Now Available
• Next message: [Owasp-leaders] OWASP Top 10 - 2013 Release Candidate Now Available
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]