[Owasp-leaders] [Owasp-board] Board meeting - proposed discussion items

Eoin Keary eoin.keary at owasp.org
Sun Dec 6 11:23:27 UTC 2015


OWASP has lots of admin staff. All doing great work.

It needs to hire full time technical staff to manage code projects. 
It needs to invest in a platform to enable projects and ideas become real solutions.

All solutions need to be vetted independently by experts in their respective fields which should also be funded as a formal engagement.

I don't believe a project summit will change anything apart from a temporary shot of adrenaline. It won't improve quality and after the initial energy is lost projects will return to the usual status quo.

The $100k should let OWASP hire two decent technical guys for nearly a full time technical oversight role. Items like governance and independence can be managed by volunteers in a structured way.

Eoin Keary
OWASP Volunteer
@eoinkeary



> On 3 Dec 2015, at 4:45 p.m., psiinon <psiinon at gmail.com> wrote:
> 
> Board,
> cc the leaders list,
> 
> Topic: OWASP (code) projects
> 
> I believe that the OWASP code projects are in crisis. Maybe other types as well, but I'll let other more knowledgeable people speak for those.
> I think that code projects bring significant benefits to OWASP, but unfortunately they are much less tangible than the money that conferences bring in.
> I think that code projects are poorly supported by OWASP, particularly large and active projects like ZAP.
> I would like to know if the board is happy with the current state of affairs re code projects.
> If they are unhappy then I would like to know if they think anything should change, particularly with respect to the amount of time and money that is invested in them.
> 
> Topic: Communications with employees and contributors
> 
> We've just seen a valued and very active contributor leave OWASP, and it appears that the nature of recent email discussions was a major contributing factor.
> We've also had a well publicised incident in the past whereby an employee left in which email discussions appear to have also played a significant role.
> I think its fair to say that in both cases the individuals have expressed that they did not think that they were treated with the respect that they deserved.
> Does the board accept that we might have an issue regarding email discussions getting out of hand?
> If so, does the board propose to do anything about it?
> Hint: perhaps an external organisation could provide valuable advise and guidance here?
> 
> I look forward to hearing if these topics are discussed at the next board meeting and what the conclusions are, if any.
> 
> Leaders - feel free to chip in with your thoughts...
> 
> Cheers,
> 
> Simon
> 
> -- 
> OWASP ZAP Project leader
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151206/fccaf572/attachment.html>


More information about the OWASP-Leaders mailing list