[Owasp-leaders] Fwd: Re: Should OWASP projects (and in particular ZAP) aim to leave the OWASP nest?

psiinon psiinon at gmail.com
Wed Dec 2 14:36:13 UTC 2015


I like this analogy.

I think we should be asking ourselves: how can we help projects grow and
become much more than they are now?
It certainly doesnt need to mean a messy divorce which benefits nobody.
Can projects be continue to grow within OWASP?
Or is there a stage when they need to take on their own identity, and in
doing so continue to help OWASP?
I still believe in the OWASP mission, and want to support that, no matter
where ZAP ends up.

Cheers,

Simon

On Wed, Dec 2, 2015 at 1:24 PM, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> Small clarification, in my mind 'leaving owasp' is more like a 'child
> leaving home' vs a divorce
>
> I wouldn't expect ZAP to be suddenly completely divorced from Owasp or its
> community. There would always be a connection and collaboration between
> them. I would also expect ZAP to show it's roots and connection to OWASP
> (especially in integrations with other Owasp projects).Simon would still be
> an Owasp leader
>
> Ironically if ZAP was much widely used by developers , it would expose
> Owasp to a much wider audience
> On 2 Dec 2015 9:38 am, "Christo" <christo.goosen at owasp.org> wrote:
>
>>
>> Hi
>>
>> I would hate to see the ZAP project go.
>>
>> Its been one of the success stories of OWASP. Gives OWASP a lot of
>> recognition considering how often it rates top 5 in Security scanner tool
>> surveys.
>>
>> Thanks for the hard work Simon, but you must do what is best for the
>> project.
>>
>> If possible keep it in OWASP
>>
>> CG
>>
>> On 02/12/2015 11:29, Jim Manico wrote:
>>
>> Simon,
>>
>> I am just glad that ZAP is out there in the open source world.
>>
>> And frankly, I do not see OWASP doing a lot of support it. If you moved
>> it to Mozilla, especially if Mozilla was willing to provide resources to
>> continue making it stronger, I would support such a move and continue to
>> promote it.
>>
>> Respectfully,
>> Jim
>>
>>
>> On 12/2/15 11:05 AM, psiinon wrote:
>>
>> In a recent thread
>> <http://lists.owasp.org/pipermail/owasp-leaders/2015-December/015726.html>
>> Dinis stated:
>>
>> "all Owasp projects should be seen as research projects. The moment they
>> are big enough (i.e. big team, support, deliverables) and wish to move
>> beyond the 'research label' , is the moment where they need to leave the
>> 'Owasp nest' and face the real world by themselves"
>>
>> I have a lot of sympathy for this perspective, and have indeed been
>> wondering if now is the right time for ZAP to "go it alone".
>>
>> I'd like to stress that this is not just because of recent controversies,
>> so I'd like to discuss these as general principals rather than in relation
>> to recent events.
>>
>> I believe that OWASP has been very beneficial to ZAP, but I'm not sure
>> that OWASP is really set up to support projects that have grown to ZAP's
>> size.
>>
>> So, the 2 questions I'd be very interested in feedback on:
>>
>>    - Should OWASP projects aim to stand on their own outside of OWASP?
>>    - Is this the right time for ZAP to do so?
>>
>> Many thanks,
>>
>> Simon
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>> --
>> [image: OWASP Logo]
>>
>>
>> Christo Goosen
>> OWASP Cape Town Chapter Leader
>> OWASP Foundationhttps://www.owasp.org
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151202/ab819f8f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 331357 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151202/ab819f8f/attachment-0001.png>


More information about the OWASP-Leaders mailing list