[Owasp-leaders] Fwd: Re: Should OWASP projects (and in particular ZAP) aim to leave the OWASP nest?

Dinis Cruz dinis.cruz at owasp.org
Wed Dec 2 13:24:35 UTC 2015


Small clarification, in my mind 'leaving owasp' is more like a 'child
leaving home' vs a divorce

I wouldn't expect ZAP to be suddenly completely divorced from Owasp or its
community. There would always be a connection and collaboration between
them. I would also expect ZAP to show it's roots and connection to OWASP
(especially in integrations with other Owasp projects).Simon would still be
an Owasp leader

Ironically if ZAP was much widely used by developers , it would expose
Owasp to a much wider audience
On 2 Dec 2015 9:38 am, "Christo" <christo.goosen at owasp.org> wrote:

>
> Hi
>
> I would hate to see the ZAP project go.
>
> Its been one of the success stories of OWASP. Gives OWASP a lot of
> recognition considering how often it rates top 5 in Security scanner tool
> surveys.
>
> Thanks for the hard work Simon, but you must do what is best for the
> project.
>
> If possible keep it in OWASP
>
> CG
>
> On 02/12/2015 11:29, Jim Manico wrote:
>
> Simon,
>
> I am just glad that ZAP is out there in the open source world.
>
> And frankly, I do not see OWASP doing a lot of support it. If you moved it
> to Mozilla, especially if Mozilla was willing to provide resources to
> continue making it stronger, I would support such a move and continue to
> promote it.
>
> Respectfully,
> Jim
>
>
> On 12/2/15 11:05 AM, psiinon wrote:
>
> In a recent thread
> <http://lists.owasp.org/pipermail/owasp-leaders/2015-December/015726.html>
> Dinis stated:
>
> "all Owasp projects should be seen as research projects. The moment they
> are big enough (i.e. big team, support, deliverables) and wish to move
> beyond the 'research label' , is the moment where they need to leave the
> 'Owasp nest' and face the real world by themselves"
>
> I have a lot of sympathy for this perspective, and have indeed been
> wondering if now is the right time for ZAP to "go it alone".
>
> I'd like to stress that this is not just because of recent controversies,
> so I'd like to discuss these as general principals rather than in relation
> to recent events.
>
> I believe that OWASP has been very beneficial to ZAP, but I'm not sure
> that OWASP is really set up to support projects that have grown to ZAP's
> size.
>
> So, the 2 questions I'd be very interested in feedback on:
>
>    - Should OWASP projects aim to stand on their own outside of OWASP?
>    - Is this the right time for ZAP to do so?
>
> Many thanks,
>
> Simon
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> --
> [image: OWASP Logo]
>
>
> Christo Goosen
> OWASP Cape Town Chapter Leader
> OWASP Foundationhttps://www.owasp.org
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151202/b832c58f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 331357 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151202/b832c58f/attachment-0001.png>


More information about the OWASP-Leaders mailing list