[Owasp-leaders] How to increase ZAP takeup?

Justin Klein Keane justin at madirish.net
Thu Sep 11 12:39:11 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Although I think language bashing is a little simplistic, the
criticisms of aesthetics and performance could be accurate and
probably should be taken to heart.  Many folks find the native Java UI
elements pretty bad so perhaps exploring a different rendering UI
might be worthwhile.

Evangelism is probably one of the biggest things I can think of to
promote an open source project.  Appearances on podcasts, articles in
popular media outlets for the profession, videos on YouTube, books,
etc., all improve the visibility of a project and the attention will
likely be cumulative.

Although I really liked the hack-a-thon at last year's OWASP AppSec
USA, having more developers might not actually be good for a project.
 Rather, having more users with more feature requests, bug reports,
etc. could be a big boon for the project.

Finally, although I love ZAP I've found that a lot of its new features
can be a little overwhelming for a novice user and have a tendency to
hide the most basic use cases.  I think this is perhaps a user
experience issue and perhaps the project has reached the maturity
where a proper UX consultation might be in order.

Cheers,

Justin C. Klein Keane
http://www.MadIrish.net

The digital signature on this e-mail may be verified using
the public key at http://www.madirish.net/gpgkey

On 9/11/14, 8:31 AM, psiinon wrote:
> About 11% of last weeks 2.3.1 downloads were for Macs: 
> http://sourceforge.net/projects/zaproxy/files/2.3.1/ :)
> 
> On Thu, Sep 11, 2014 at 1:24 PM, (P7N) Jason Johnson 
> <jason.johnson at p7n.net <mailto:jason.johnson at p7n.net>> wrote:
> 
> Mac users use ZAP? I'm kidding.
> 
> 
> 
> On September 11, 2014 7:11:18 AM CDT, abbas.naderi at owasp.org 
> <mailto:abbas.naderi at owasp.org> wrote:
> 
> Personally the major reason I don’t like these tools is that they
> are Java based, and Java based apps are ugly and slow on OS X. If I
> led the project, I’d port to python or something else, but I know
> thats a very expensive decision and probably not viable. -A
> 
>> On Sep 11, 2014, at 7:50 AM, Andrew Muller 
>> <andrew.muller at owasp.org <mailto:andrew.muller at owasp.org>>
>> wrote:
>> 
>> A subtle advertising campaign could work
>> 
>> <pharoah bender endorses ZAP.jpg>
>> 
>>>> 
>> On Thu, Sep 11, 2014 at 8:59 PM, psiinon <psiinon at gmail.com 
>> <mailto:psiinon at gmail.com>> wrote:
>> 
>> Leaders,
>> 
>> As you hopefully know, ZAP is one of the most successful of all
>> of the OWASP projects.
>> 
>> However I want to significantly increase its takeup, and for that
>> I'd like your advice and guidance.
>> 
>> *What do you think are the top 3 (or more) things we could do
>> increase ZAP usage?*
>> 
>> I'm not just asking about new features or technical changes (but
>> please include those if you think they are important), but also
>> advertizing, online presence, documentation, tutorial videos,
>> conference talks, fluffy toys etc etc. Anything that you think
>> will get more developers and security folk using ZAP.
>> 
>> I was going to start a poll, but I decided I didnt want to 
>> restrict or unduly influence your replies, so please "think out
>> of the box" and other such cliches ;)
>> 
>> Feel free to reply on this thread or directly to me.
>> 
>> Many thanks,
>> 
>> Simon
>> 
>> -- OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project
>> leader
>> 
>> _______________________________________________ OWASP-Leaders
>> mailing list OWASP-Leaders at lists.owasp.org 
>> <mailto:OWASP-Leaders at lists.owasp.org> 
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> 
>> 
>> 
>> -- ____________________ *Andrew Muller* Canberra OWASP Chapter
>> Leader OWASP Testing Guide Co-Leader 
>> _______________________________________________ OWASP-Leaders
>> mailing list OWASP-Leaders at lists.owasp.org 
>> <mailto:OWASP-Leaders at lists.owasp.org> 
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> ------------------------------------------------------------------------
>
>  OWASP-Leaders mailing list OWASP-Leaders at lists.owasp.org
> <mailto:OWASP-Leaders at lists.owasp.org> 
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> Jason Johnson cell: 405-875-4413 <tel:405-875-4413> ProjectSeven
> Networks™ ___
> 
> 💻because data is beautiful...
> 
> 🌲please do not print this email.
> 
> _______________________________________________ OWASP-Leaders
> mailing list OWASP-Leaders at lists.owasp.org
> <mailto:OWASP-Leaders at lists.owasp.org> 
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> 
> -- OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
> 
> 
> _______________________________________________ OWASP-Leaders
> mailing list OWASP-Leaders at lists.owasp.org 
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iPwEAQECAAYFAlQRl+wACgkQkSlsbLsN1gBCtQb+Ipt+eKtnsdPx2PMLtGRdC7kX
bWeg+486rpebu4+U2Y7x88LsK1O/8OHX2zecfVj1ALAxaITlUqS+2tj+Vcm6Br1x
8ts35xEuO0xbQmkxdD0Dx3iUed7caphcIN930YZvDDjaH/mdieD29V5LG+7B11VZ
vrrF9vnbChJPxuqyDdKT5VcIUYwV+nzT95NNibE/p7i2lltBnEmVccQtnjx5VFzf
p4BJI6gy0AV0hxr1evFWzfu79RpC/fRcHwYhhujc5nq6BvcLp3fm3eadE2N401kD
v3BBHCc4+ZrlFRwJN4U=
=FOhf
-----END PGP SIGNATURE-----


More information about the OWASP-Leaders mailing list