[Owasp-leaders] Fwd: Re: Should OWASP projects (and in particular ZAP) aim to leave the OWASP nest?

Andrew van der Stock vanderaj at owasp.org
Wed Dec 2 13:39:54 UTC 2015


If OWASP cannot be a good home for projects, we have failed our mission.

Work with us to make OWASP a great place to start and host great appsec
projects. I personally believe in all of our projects. If anything, the
thing that can help any project is more community, more contributors, and
more positive action.

thanks,
Andrew

On Thu, Dec 3, 2015 at 12:24 AM, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> Small clarification, in my mind 'leaving owasp' is more like a 'child
> leaving home' vs a divorce
>
> I wouldn't expect ZAP to be suddenly completely divorced from Owasp or its
> community. There would always be a connection and collaboration between
> them. I would also expect ZAP to show it's roots and connection to OWASP
> (especially in integrations with other Owasp projects).Simon would still be
> an Owasp leader
>
> Ironically if ZAP was much widely used by developers , it would expose
> Owasp to a much wider audience
> On 2 Dec 2015 9:38 am, "Christo" <christo.goosen at owasp.org> wrote:
>
>>
>> Hi
>>
>> I would hate to see the ZAP project go.
>>
>> Its been one of the success stories of OWASP. Gives OWASP a lot of
>> recognition considering how often it rates top 5 in Security scanner tool
>> surveys.
>>
>> Thanks for the hard work Simon, but you must do what is best for the
>> project.
>>
>> If possible keep it in OWASP
>>
>> CG
>>
>> On 02/12/2015 11:29, Jim Manico wrote:
>>
>> Simon,
>>
>> I am just glad that ZAP is out there in the open source world.
>>
>> And frankly, I do not see OWASP doing a lot of support it. If you moved
>> it to Mozilla, especially if Mozilla was willing to provide resources to
>> continue making it stronger, I would support such a move and continue to
>> promote it.
>>
>> Respectfully,
>> Jim
>>
>>
>> On 12/2/15 11:05 AM, psiinon wrote:
>>
>> In a recent thread
>> <http://lists.owasp.org/pipermail/owasp-leaders/2015-December/015726.html>
>> Dinis stated:
>>
>> "all Owasp projects should be seen as research projects. The moment they
>> are big enough (i.e. big team, support, deliverables) and wish to move
>> beyond the 'research label' , is the moment where they need to leave the
>> 'Owasp nest' and face the real world by themselves"
>>
>> I have a lot of sympathy for this perspective, and have indeed been
>> wondering if now is the right time for ZAP to "go it alone".
>>
>> I'd like to stress that this is not just because of recent controversies,
>> so I'd like to discuss these as general principals rather than in relation
>> to recent events.
>>
>> I believe that OWASP has been very beneficial to ZAP, but I'm not sure
>> that OWASP is really set up to support projects that have grown to ZAP's
>> size.
>>
>> So, the 2 questions I'd be very interested in feedback on:
>>
>>    - Should OWASP projects aim to stand on their own outside of OWASP?
>>    - Is this the right time for ZAP to do so?
>>
>> Many thanks,
>>
>> Simon
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>> --
>> [image: OWASP Logo]
>>
>>
>> Christo Goosen
>> OWASP Cape Town Chapter Leader
>> OWASP Foundationhttps://www.owasp.org
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151203/72a7dca7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 331357 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151203/72a7dca7/attachment-0001.png>


More information about the OWASP-Leaders mailing list