[Owasp-leaders] OWASP Top 10 - 2013 Release Candidate Now Available
dennis.groves at owasp.org
Tue Feb 19 14:48:55 UTC 2013
On 19 Feb 2013, at 23:31, Jeff Williams wrote:
> I agree with a lot of the comments that have been made on both sides
> this discussion. Vendor neutrality is important. Vendor
> *involvement* is
> also really important to OWASP. In fact, I tend to agree with Dinis
> what OWASP needs most is *more* "abuse" of our brands.
> I think we should be very careful to distinguish:
I have always believed in credit where credit is due. Just like in an
academic paper. That is I totally think Jeff & Dave belong all over the
OWASP top 10. That is totally fair. However, I also think your company
benefits from the fact that your company can prove that you are the Jeff
& Dave of the famous OWASP Top 10. Nobody can take that from you - but I
also think it is poor taste to turn it into direct marketing.
Additionally, you have listed other companies - if you are working with
others - then they also deserve credit where credit is due… that is
only fair. I don't see those names; I would like to. That is only fair.
I totally agree - OWASP needs and wants vendor involvement - but the
reason for the success is that we are 'vendor neutral' - people trust
OWASP precisely because we don't push vendors; having Aspects,
Trustwave, and WhiteHat's name all over things dilutes the 'vendor
neutral' claim and makes OWASP seem hypocritical and looses trust.
Truth be told; if that is how we operate The first 3 years of my work
was funded by WhiteHat Security; and nearly everything I ever touched
would rightfully have WhiteHat Security all over it. Truth be told;
Jeremiah has put more time, money and people into OWASP than anybody -
BAR-NONE. WhiteHat Security is a model citizen if there ever was one.
That doesn't negate all the great things Aspect has done throughout the
years - at all, your contributions have also been enormous and game
changing. I just want Aspect to join WhiteHat in being a exemplary
model, particularly since you have board positions as well.
Business is built on trust; and doubly so in security. Reasonable?
[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a
*This email is licensed under a [CC BY-ND
**Please do not send me Microsoft Office/Apple iWork documents.**
Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
Stand up for your freedom to install [free
> The idea that some lives matter less is the root of all that’s wrong
> with the world. -- Paul Farmer
More information about the OWASP-Leaders