[Owasp-leaders] Training & Donation

Dirk Wetter dirk at owasp.org
Mon Feb 17 19:34:51 UTC 2014

Am 02/02/2014 11:13 PM, schrieb Jim Manico:
> You are missing the third and most important model, especially since we are a charitable non-profit organization:
> 3) Free training for anyone

that is certainly appreciated -- honestly.

Besides our mission please don't forget the catch here: OWASP needs income, and
trainings generate that.

A model where you have both, i.e. a freebie and a payed training *simultaneously* --
jeopardizes our income. Who goes to a paid training when at the same time you
can enjoy a freebie? (also you have cancellation terms for rooms for a "jeopardized"
training -

I know most people don't like the business side of OWASP. But we need to pay
our employees, infrastructure, other costs etc. I was struggling with this decision
at the last conference (OWASP AppSec Research 2013) too.

> It's this model, to my utter amazement, has been blocked a few times at large OWASP conferences.

yes that could have been my "fault" too, see above.

Maybe a way out is to phrase that not as a training but as a workshop and stick
conditions to it (e.g. pay for regular conference). Maybe a careful test is needed

If both payed/free beer are *not* running at the same conference -- you're very welcome!

> There is also option four:
> 4) Increase the cost of admission, expand the training program, and offer it to everyone as part of a new kind of "education" conference.

Admission costs -- depends. Still there's my first concern. Other point: Admission costs are
sometimes too expensive already. Take the last USA conference in NYC. Of course NYC is an
expensive city and OWASP needed to cover the expenses but I felt the fees were a bit on the
pricey side for a non-financial-district employee. Bottom line: if it helps bringing
security to the world and the increase of fee has the argument of a jolly good training
100% freebie program -- why not.



German OWASP Board, (Chair AppSec Research 2013)

Send me encrypted mails (Key ID 0xB818C039)

More information about the OWASP-Leaders mailing list