[Owasp-leaders] Standing for the OWASP Board: an agenda for the future
abiusx at owasp.org
Sun Jul 27 04:18:41 UTC 2014
I support your cause, and hence your candidacy.
These are exactly what I’ve been trying to achieve for two years now in OWASP.
On Jul 26, 2014, at 9:30 PM, Andrew van der Stock <vanderaj at owasp.org> wrote:
> Hi there,
> I have formally submitted my name to be in the Board Elections 2014.
> I am standing for:
> * Reforming the Board. We need to improve the independence, ethics and dispute resolution processes. I will be a root and branches reformer to encourage the Board to make a couple of the positions available to truly independent directors. I will be encouraging all current Board and future Board members to undertake an Institute of Company Directors course to understand their duties, and the way they integrate with the Foundation they are responsible for.
> * Projects. We must broaden our church to be truly inclusive of modern web applications, web services, cloud, system, embedded and mobile. I propose the Board create a process for RedBook style short intensive workshops of 1-2 weeks where projects can ask for funding to move their project to completion or a much higher state of quality. This should be backed by industry participation, ensuring our core deliverables are actually useful to developers and architects. The days of funding anyone but the content creators must end. We need to be famous for our developer centric projects, and these projects should be immediately useful to developers and their teams.
> * Standards. We need to be the trusted advisor to PCI, NIST, and ISO. This is not an easy path to take, but if we are not at the table, we become irrelevant. Additionally, we have an opportunity to take our flagship standards products (Application Security Verification Standard and Proactive Controls) and plug a market hole for easily applicable advice to developers. Developers don't read ISO 27034, they don't read PCI DSS. They should be reading and using our materials.
> * Education. We need to create University level course (100, 200, 300) with the help of a university educator. I propose that we ask a range of universities to come to AppSec USA and start the process of formulating a curriculum, which once completed will become the default standard university curriculum for application security.
> I know there are excellent candidates already. I encourage you to ask them their positions on reforming the Board, Projects, Standards, and Education. With your vote, you get to choose the future of OWASP. I want to bring us back to our core mission of being relevant to developers, the literal standard bearer for all application developers, and the thought leader for the next generation of contributors and supporters.
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders