[Owasp-leaders] Should OWASP projects (and in particular ZAP) aim to leave the OWASP nest?
josh.sokol at owasp.org
Wed Dec 2 13:47:57 UTC 2015
It might help if you could elaborate on what OWASP can do to help you get
to the next level (whatever that is). OWASP has a lot of people, money,
etc that are at our Leaders' disposal. If this decision would be made on
resources, or lack thereof, then I think we can help justify sticking
around. If there's something bigger (like how to make ZAP a freemium model
perhaps), then I would like to see us having those conversations as well.
In short, I believe that ZAP (or any project for that matter) is good for
OWASP and want to see OWASP reciprocate in ways that are beneficial to ZAP.
On Dec 2, 2015 3:14 AM, "psiinon" <psiinon at gmail.com> wrote:
> In a recent thread
> Dinis stated:
> "all Owasp projects should be seen as research projects. The moment they
> are big enough (i.e. big team, support, deliverables) and wish to move
> beyond the 'research label' , is the moment where they need to leave the
> 'Owasp nest' and face the real world by themselves"
> I have a lot of sympathy for this perspective, and have indeed been
> wondering if now is the right time for ZAP to "go it alone".
> I'd like to stress that this is not just because of recent controversies,
> so I'd like to discuss these as general principals rather than in relation
> to recent events.
> I believe that OWASP has been very beneficial to ZAP, but I'm not sure
> that OWASP is really set up to support projects that have grown to ZAP's
> So, the 2 questions I'd be very interested in feedback on:
> - Should OWASP projects aim to stand on their own outside of OWASP?
> - Is this the right time for ZAP to do so?
> Many thanks,
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders