[Owasp-leaders] Should OWASP projects (and in particular ZAP) aim to leave the OWASP nest?

Josh Sokol josh.sokol at owasp.org
Wed Dec 2 13:47:57 UTC 2015


It might help if you could elaborate on what OWASP can do to help you get
to the next level (whatever that is).  OWASP has a lot of people, money,
etc that are at our Leaders' disposal.  If this decision would be made on
resources, or lack thereof, then I think we can help justify sticking
around.  If there's something bigger (like how to make ZAP a freemium model
perhaps), then I would like to see us having those conversations as well.
In short, I believe that ZAP (or any project for that matter) is good for
OWASP and want to see OWASP reciprocate in ways that are beneficial to ZAP.

On Dec 2, 2015 3:14 AM, "psiinon" <psiinon at gmail.com> wrote:

> In a recent thread
> <http://lists.owasp.org/pipermail/owasp-leaders/2015-December/015726.html>
> Dinis stated:
> "all Owasp projects should be seen as research projects. The moment they
> are big enough (i.e. big team, support, deliverables) and wish to move
> beyond the 'research label' , is the moment where they need to leave the
> 'Owasp nest' and face the real world by themselves"
> I have a lot of sympathy for this perspective, and have indeed been
> wondering if now is the right time for ZAP to "go it alone".
> I'd like to stress that this is not just because of recent controversies,
> so I'd like to discuss these as general principals rather than in relation
> to recent events.
> I believe that OWASP has been very beneficial to ZAP, but I'm not sure
> that OWASP is really set up to support projects that have grown to ZAP's
> size.
> So, the 2 questions I'd be very interested in feedback on:
>    - Should OWASP projects aim to stand on their own outside of OWASP?
>    - Is this the right time for ZAP to do so?
> Many thanks,
> Simon
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151202/9c46b048/attachment.html>

More information about the OWASP-Leaders mailing list