[Owasp-leaders] Measuring Intent and Funding Things

Yvan Boily yvanboily at gmail.com
Thu Mar 20 17:38:36 UTC 2014


I fully support using chapter funds to produce materials for OWASP
chapters, chapter leads, and to support projects and stuff.

What I am looking for here is to find a way to fund the production of OWASP
branded materials for non-OWASP stuff, for example if I want a case of
OWASP cheat sheets that are professionally produced so I can have our HR
team include them in the new hire kit for every new dev my employer hires,
OWASP shouldn't foot the bill for that :)  (something like this -
http://www.amazon.com/Microsoft-Introduction-Reference-Instructions-Shortcuts/dp/1936220156/ref=sr_1_14?ie=UTF8&qid=1395336990&sr=8-14&keywords=cheat+sheetas
opposed to a simple sheet of paper).

I guess maybe I am looking for a way to vote with my wallet for stuff that
might eventually be available as a general order product (which I suspect
will raise hackles, but hey, if OWASP doesn't do it, someone else will, and
pocket the money instead of investing it in community projects).



On Thu, Mar 20, 2014 at 7:07 AM, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> I think having those professional materials are super important for OWASP
> and I also tend to have the OpenSAMM printed book at hand since it one of
> most professional ones we have :)
>
> So yes, Yvan you are spot on (from my point of view) on your analysis and
> OWASP should be helping to pay for those materials (specially since they
> are an investment into the OWASP brand, and who knows how many new members
> and conference attendees we would get from the recipients of
> those materials)
>
> My view is that we should be using some of the OWASP funds (currently
> available) to pay for this type of materials (so that our leaders can
> distribute it). I'm still waiting for the idea of '*OWASP Projects Funds
> bucket*' or '*OWASP Chapters Funds bucket'* so that us (the OWASP
> leaders) can 'just get on with it' and distribute the great stuff that is
> created at OWASP.
>
> Basically Yvan should be able to quickly order the materials he mentions
> below (all from a global fund that is available to all OWASP leaders).
>
> That is what I tried to do with the OWASP GSD project<https://www.owasp.org/index.php/OWASP_GSD_Project>,and
> as you can see on https://www.owasp.org/index.php/OWASP_GSD_Project that
> money has been put to good use (Yvan I think there is still some in
> there, so feel free to use it).
>
> BTW.. and if we can't get the 'OWASP Projects Funds bucket' setup in the
> next months, *what about topping up the GSD projects fund?*
>
> Dinis
>
>
> On 20 March 2014 12:22, Yvan Boily <yvanboily at gmail.com> wrote:
>
>> Hi Leaders,
>>
>> After seeing Jim's post about Cornucopia and buying a couple of copies of
>> the nicely produced OpenSAMM documents at AppSecEU last year, I was about
>> to post a response, but I realized that I had a bigger question.
>>
>> For BSidesVancouver this year we used crowd-funding and I learned that it
>> is a powerful way for the community involved with that to signal intent
>> about priorities when organizing the event.  It worked out really well, and
>> allowed us to keep our event 100% free for those who couldn't or chose not
>> to pay to attend.  Since it was super successful, I pretty much drank the
>> crowd funding kool-aid.   Later this year some gaming (as in playing
>> dungeons and dragons every sunday night) folks and I will be running a
>> separate kickstarter to collect funds to print something that we have been
>> working on as a hobby; we have had a number of people say they would buy a
>> copy, but using crowdfunding will allow us to figure out how much to spend
>> on printing stuff and potentially allow us to get a higher volume printed
>> so we can reduce the unit cost.
>>
>> In addition to this, I have pitched using crowd-funding to fund the
>> development of high quality training materials to at least one other OWASP
>> leader.
>>
>> Has anyone else in the OWASP community investigated using crowd-funding
>> via Indie Go-Go, Kickstarter, or others to measure intent and make physical
>> copies of things available?
>>
>> The reason I ask is:
>>
>> * I would like a professionally manufactured version of Cornucopia (I am
>> talking print quality, not anything else).  This is expensive.  Also, I
>> want about 12 copies, not 1.
>>
>> * I love the quality of the OpenSAMM guide; I literally carry it around
>> with me when I am attending security meetups and cons where I might talk
>> about OWASP because it's production values are simply superb.
>>
>> * I really wish I could buy (by the case) professional quality printouts
>> of the OWASP cheat sheets to give devs in my community, and at work.
>>
>> These things are expensive to produce (both the cost of manufacturing,
>> and the cost of producing good quality print materials).
>>
>> Is this something that people are interested in looking at it?  Is it a
>> viable option?  Are people going to freak out[1] for my suggesting it?
>>
>> Cheers,
>> Yvan
>>
>>
>>
>>
>> [1] omg drama talking about crowdfunding in some other communities I am
>> involved with (gaming, local activism, etc)
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140320/8865ad96/attachment-0001.html>


More information about the OWASP-Leaders mailing list