[Owasp-leaders] Should OWASP projects (and in particular ZAP) aim to leave the OWASP nest?

Jim Manico jim.manico at owasp.org
Wed Dec 2 09:29:24 UTC 2015


I am just glad that ZAP is out there in the open source world.

And frankly, I do not see OWASP doing a lot of support it. If you moved 
it to Mozilla, especially if Mozilla was willing to provide resources to 
continue making it stronger, I would support such a move and continue to 
promote it.


On 12/2/15 11:05 AM, psiinon wrote:
> In a recent thread 
> <http://lists.owasp.org/pipermail/owasp-leaders/2015-December/015726.html> 
> Dinis stated:
> "all Owasp projects should be seen as research projects. The moment 
> they are big enough (i.e. big team, support, deliverables) and wish to 
> move beyond the 'research label' , is the moment where they need to 
> leave the 'Owasp nest' and face the real world by themselves"
> I have a lot of sympathy for this perspective, and have indeed been 
> wondering if now is the right time for ZAP to "go it alone".
> I'd like to stress that this is not just because of recent 
> controversies, so I'd like to discuss these as general principals 
> rather than in relation to recent events.
> I believe that OWASP has been very beneficial to ZAP, but I'm not sure 
> that OWASP is really set up to support projects that have grown to 
> ZAP's size.
> So, the 2 questions I'd be very interested in feedback on:
>   * Should OWASP projects aim to stand on their own outside of OWASP?
>   * Is this the right time for ZAP to do so?
> Many thanks,
> Simon
> -- 
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151202/9c359b4c/attachment.html>

More information about the OWASP-Leaders mailing list