[Owasp-leaders] Measuring Intent and Funding Things
Jim Manico
jim.manico at owasp.org
Tue Mar 25 05:29:46 UTC 2014
Yvan,
Of course please use our brand guidelines
https://www.owasp.org/index.php/Marketing/Resources#tab=BRAND_GUIDELINES
and kick start this funding idea. Raising funds for our non profit
foundation is something we need to support and encourage. When you set
up a kickstarter or similar campaign, can you give the credentials to
Sarah Baso and/or work with her to ensure the funds to directly to the
foundation?
I might be smacked a bit for jumping the gun here, but that is ok. It's
my duty as a board member to support raising funds for the foundation,
so please charge ahead and I'll take responsibility for any flack for
moving fast on this.
Aloha,
Jim
On 3/25/14, 10:49 AM, Yvan Boily wrote:
> To be clear, the reason I keep asking permission instead of just
> moving forward is for one reason -
>
> Running a kickstarter for the OWASP community (or anyone else who
> participates) means collecting funds. I am happy to provide a
> complete accounting of the funds collected, and donate any extra funds
> collected to OWASP, but I want this activity blessed by the OWASP
> Board or whoever the right folks involved are before proceeding.
>
> Cheers,
> Yvan
>
> ps - irrational exuberance is the reason I do community stuff... a
> career in infosec has made me somewhat cynical, doing awesome
> community stuff ameliorates that ;)
>
>
> On Mon, Mar 24, 2014 at 10:12 PM, Jim Manico <jim.manico at owasp.org
> <mailto:jim.manico at owasp.org>> wrote:
>
> Yvan,
>
> For certain you are way too excited to get a copy. Greenspan
> talked about this as a form of "irrational exuberance". ;)
>
> By the same token, I think a crowdfunding campaign is a fantastic
> idea. I say go for it. This might be a great way to fund future
> endeavors. If you need any help reviewing the campaign copy before
> you go live, just give me a shout.
>
> Awesome + Aloha,
> Jim
>
>
>
>> I requested some a copy of the Cornucopia materials from blackfoot.
>>
>> I am happy to coordinate a print run of the cards, but in order
>> to dramatically simplify things I would prefer to run an
>> crowdfunding campaign to get a pile of them mass produced.
>> Basically the goal would be to get an estimate on the production
>> run, coordinate with (Sam|Kate|Colin|?!?) to get some nice OWASP
>> branded packaging (I haven't seen the controversial (?) packaging
>> mentioned in other threads).
>>
>> If there is media (videos of folks playing, copy about the game,
>> etc) that would also be helpful. The great thing about running
>> something like this through kickstarter is that you can allow
>> people to order them at unit cost, or to pay more to support this
>> or other OWASP projects.
>>
>> I also think this is a better way to allow community members
>> (including myself) to vote with their wallets rather than
>> spending sparse project funds to get something produced. Any
>> objections? Am I putting the cart before the horse here? Maybe I
>> am just a little too excited to get a copy?
>>
>> :)
>>
>>
>> On Mon, Mar 24, 2014 at 9:43 PM, Samantha Groves
>> <samantha.groves at owasp.org <mailto:samantha.groves at owasp.org>> wrote:
>>
>> Sorry, rules of engagement can be found here:
>> https://www.owasp.org/index.php/Funding
>>
>>
>> On Mon, Mar 24, 2014 at 9:42 PM, Samantha Groves
>> <samantha.groves at owasp.org
>> <mailto:samantha.groves at owasp.org>> wrote:
>>
>> We have about $18,000 available for project development:
>> https://www.owasp.org/index.php/Community_Engagement_-_Payments
>>
>>
>> I just need to update this page with what has already
>> been spent.
>>
>> In regard to ordering the books... what are these for? I
>> ask because there might be another budget this expense
>> will come from if they fall under another category.
>>
>>
>>
>> On Mon, Mar 24, 2014 at 4:55 PM, Dinis Cruz
>> <dinis.cruz at owasp.org <mailto:dinis.cruz at owasp.org>> wrote:
>>
>> Cool how much is it and what are the rules of engagement?
>>
>> Can I start by ordering 10x copies of OpenSAMM and
>> 10x copies of latest top 10?
>>
>> On 24 Mar 2014 14:55, "Samantha Groves"
>> <samantha.groves at owasp.org
>> <mailto:samantha.groves at owasp.org>> wrote:
>>
>> Just an FYI... There is a project fund bucket
>> that was given to us this year. It is not much,
>> but it is a start. The question now is... What do
>> you want to do with it?
>>
>>
>> On Thu, Mar 20, 2014 at 10:38 AM, Yvan Boily
>> <yvanboily at gmail.com
>> <mailto:yvanboily at gmail.com>> wrote:
>>
>> I fully support using chapter funds to
>> produce materials for OWASP chapters, chapter
>> leads, and to support projects and stuff.
>>
>> What I am looking for here is to find a way
>> to fund the production of OWASP branded
>> materials for non-OWASP stuff, for example if
>> I want a case of OWASP cheat sheets that are
>> professionally produced so I can have our HR
>> team include them in the new hire kit for
>> every new dev my employer hires, OWASP
>> shouldn't foot the bill for that :)
>> (something like this -
>> http://www.amazon.com/Microsoft-Introduction-Reference-Instructions-Shortcuts/dp/1936220156/ref=sr_1_14?ie=UTF8&qid=1395336990&sr=8-14&keywords=cheat+sheet
>> as opposed to a simple sheet of paper).
>>
>> I guess maybe I am looking for a way to vote
>> with my wallet for stuff that might
>> eventually be available as a general order
>> product (which I suspect will raise hackles,
>> but hey, if OWASP doesn't do it, someone else
>> will, and pocket the money instead of
>> investing it in community projects).
>>
>>
>>
>> On Thu, Mar 20, 2014 at 7:07 AM, Dinis Cruz
>> <dinis.cruz at owasp.org
>> <mailto:dinis.cruz at owasp.org>> wrote:
>>
>> I think having those professional
>> materials are super important for OWASP
>> and I also tend to have the OpenSAMM
>> printed book at hand since it one of most
>> professional ones we have :)
>>
>> So yes, Yvan you are spot on (from my
>> point of view) on your analysis and OWASP
>> should be helping to pay for those
>> materials (specially since they are an
>> investment into the OWASP brand, and who
>> knows how many new members and conference
>> attendees we would get from
>> the recipients of those materials)
>>
>> My view is that we should be using some
>> of the OWASP funds (currently available)
>> to pay for this type of materials (so
>> that our leaders can distribute it). I'm
>> still waiting for the idea of '*/OWASP
>> Projects Funds bucket/*' or '*/OWASP
>> Chapters Funds bucket'/* so that us (the
>> OWASP leaders) can 'just get on with it'
>> and distribute the great stuff that is
>> created at OWASP.
>>
>> Basically Yvan should be able to quickly
>> order the materials he mentions below
>> (all from a global fund that is available
>> to all OWASP leaders).
>>
>> That is what I tried to do with the OWASP
>> GSD project
>> <https://www.owasp.org/index.php/OWASP_GSD_Project>,and
>> as you can see on
>> https://www.owasp.org/index.php/OWASP_GSD_Project
>> that money has been put to good use (Yvan
>> I think there is still some in there, so
>> feel free to use it).
>>
>> BTW.. and if we can't get the 'OWASP
>> Projects Funds bucket' setup in the next
>> months, */what about topping up the GSD
>> projects fund?/*
>>
>> Dinis
>>
>>
>> On 20 March 2014 12:22, Yvan Boily
>> <yvanboily at gmail.com
>> <mailto:yvanboily at gmail.com>> wrote:
>>
>> Hi Leaders,
>>
>> After seeing Jim's post about
>> Cornucopia and buying a couple of
>> copies of the nicely produced
>> OpenSAMM documents at AppSecEU last
>> year, I was about to post a response,
>> but I realized that I had a bigger
>> question.
>>
>> For BSidesVancouver this year we used
>> crowd-funding and I learned that it
>> is a powerful way for the community
>> involved with that to signal intent
>> about priorities when organizing the
>> event. It worked out really well,
>> and allowed us to keep our event 100%
>> free for those who couldn't or chose
>> not to pay to attend. Since it was
>> super successful, I pretty much drank
>> the crowd funding kool-aid. Later
>> this year some gaming (as in playing
>> dungeons and dragons every sunday
>> night) folks and I will be running a
>> separate kickstarter to collect funds
>> to print something that we have been
>> working on as a hobby; we have had a
>> number of people say they would buy a
>> copy, but using crowdfunding will
>> allow us to figure out how much to
>> spend on printing stuff and
>> potentially allow us to get a higher
>> volume printed so we can reduce the
>> unit cost.
>>
>> In addition to this, I have pitched
>> using crowd-funding to fund the
>> development of high quality training
>> materials to at least one other OWASP
>> leader.
>>
>> Has anyone else in the OWASP
>> community investigated using
>> crowd-funding via Indie Go-Go,
>> Kickstarter, or others to measure
>> intent and make physical copies of
>> things available?
>>
>> The reason I ask is:
>>
>> * I would like a professionally
>> manufactured version of Cornucopia (I
>> am talking print quality, not
>> anything else). This is expensive.
>> Also, I want about 12 copies, not 1.
>>
>> * I love the quality of the OpenSAMM
>> guide; I literally carry it around
>> with me when I am attending security
>> meetups and cons where I might talk
>> about OWASP because it's production
>> values are simply superb.
>>
>> * I really wish I could buy (by the
>> case) professional quality printouts
>> of the OWASP cheat sheets to give
>> devs in my community, and at work.
>>
>> These things are expensive to produce
>> (both the cost of manufacturing, and
>> the cost of producing good quality
>> print materials).
>>
>> Is this something that people are
>> interested in looking at it? Is it a
>> viable option? Are people going to
>> freak out[1] for my suggesting it?
>>
>> Cheers,
>> Yvan
>>
>>
>>
>>
>> [1] omg drama talking about
>> crowdfunding in some other
>> communities I am involved with
>> (gaming, local activism, etc)
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*
>>
>> /OWASP Projects Manager/
>>
>> /
>> /
>>
>> The OWASP Foundation
>>
>> Phoenix, USA
>>
>> Email: samantha.groves at owasp.org
>> <mailto:samantha.groves at owasp.org>
>>
>> Skype: samanthahz
>>
>>
>> OWASP Global Projects
>> <https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form
>> <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form
>> <http://www.tfaforms.com/263506>
>>
>>
>>
>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*
>>
>> /OWASP Projects Manager/
>>
>> /
>> /
>>
>> The OWASP Foundation
>>
>> Phoenix, USA
>>
>> Email: samantha.groves at owasp.org
>> <mailto:samantha.groves at owasp.org>
>>
>> Skype: samanthahz
>>
>>
>> OWASP Global Projects
>> <https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form
>> <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form <http://www.tfaforms.com/263506>
>>
>>
>>
>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*
>>
>> /OWASP Projects Manager/
>>
>> /
>> /
>>
>> The OWASP Foundation
>>
>> Phoenix, USA
>>
>> Email: samantha.groves at owasp.org
>> <mailto:samantha.groves at owasp.org>
>>
>> Skype: samanthahz
>>
>>
>> OWASP Global Projects
>> <https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form <http://www.tfaforms.com/263506>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140325/3fe7b1c1/attachment-0001.html>
More information about the OWASP-Leaders
mailing list