[Owasp-leaders] Request for OWASP board to approves 100K for a project Summit in 2016

johanna curiel curiel johanna.curiel at owasp.org
Tue Jun 30 21:49:04 UTC 2015


>From all these ideas the most I like and the one I think will have a big
impact of collaboration is a summit on web frameworks or a specific topic
like one for devs

I'm using shiro to protect an application I'm working on and I think if we
want developers to work on how to protect sites this is a great chance to
do it

That proposal idea on your blog is a good start I would like to work on for
a super  summit

Regards

Johanna


On Tuesday, June 30, 2015, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> Hi Johanna, I stand by my original request (which you quoted):
>
> *"Request for OWASP board to approve 100K for a project Summit in
> 2016. And then ask for a  team or OWASP leaders to lead that effort"*
>
> I think that is the correct sequence of events to create another Summit
> like the two we had in Portugal in 2008 and 2011.
>
> For the ones that were not there you can read more details about those two
> Summits at https://www.owasp.org/index.php/Summit_2011 and
> https://www.owasp.org/index.php/OWASP_EU_Summit_2008 . For the 2011 event
> Sarah Baso created this detailed report
> <http://sl.owasp.org/summit2011_finalreport> which contains a lot of what
> we achieved and the thinking behind how it was organised and structured.
>
> I have also written extensively about my ideas about OWASP Summits which
> you can find at On the current OWASP Project Summit efforts (in Feb 2015)
> <http://blog.diniscruz.com/2015/02/on-current-owasp-project-summit-efforts.html> that
> post contains links to other posts, but here are main 'Summit related ones':
>
>    - Summits must be part of OWASP's DNA
>    <http://blog.diniscruz.com/2012/04/summits-must-be-part-of-owasps-dna.html>
>
>    - Great description of why OWASP Summits are special
>    <http://blog.diniscruz.com/2012/04/great-description-of-why-owasp-summits.html>
>
>    - I want to vote for a Summit Team+Vision , NOT for a venue
>    <http://blog.diniscruz.com/2012/04/i-want-to-vote-for-summit-teamvision.html>
>
>    - Some proposed Visions for next OWASP Summit
>    <http://blog.diniscruz.com/2012/04/some-proposed-visions-for-next-owasp.html>
>
> Dinis
>
>
> On 30 June 2015 at 18:31, johanna curiel curiel <johanna.curiel at owasp.org
> <javascript:_e(%7B%7D,'cvml','johanna.curiel at owasp.org');>> wrote:
>
>> Hi Paul & leaders
>>
>> I would like to clarify something from this thread and then we will move
>> soon to another.
>>
>> This email chain was started from Dinis as
>> "Request for OWASP board to approves 100K for a project Summit in 2016. And
>> then ask for a  team or OWASP leaders to lead that effort.Josh and
>> Andrew can provide more details on the context of this request"
>>
>> From this email came all sort of reactions but Dinis does not seems the
>> person who wants to lead this initiative (otherwise Dinis, correct me if
>> I'm wrong and please take the lead)
>>
>> Based on the reactions from this chain some people suggested:
>>
>>    - Have a big summit and spend 100K
>>    - OR Have small summits in different regions and more often
>>    - OR Have summits like OPENSAMM did with user day and sponsors
>>    - Have a summit in NYC
>>    - Create a committee to decide this
>>
>> At this moment I have no idea what we should do based on these reactions.
>>
>> The only thing that is clear to me is that we will set a Summit Committee
>> (Eoin, Tom,Claudia as support staff, me- if you want to join, please,
>> react).
>>
>> From there we move on.
>>
>> So far is my conclusion that the original idea of having a 100K summit
>> has not been decided or taken under the wing by any  specific leader.
>>
>> Regards
>>
>> Johanna
>>
>>
>>
>> On Tue, Jun 30, 2015 at 12:37 PM, Paul Ritchie <paul.ritchie at owasp.org
>> <javascript:_e(%7B%7D,'cvml','paul.ritchie at owasp.org');>> wrote:
>>
>>> Hi Tom, all:
>>>
>>> Back in the middle of this thread of 30 emails, I already volunteered
>>> and inserted Claudia into the mix, and she WILL be very actively working
>>> with the Community team on this.
>>>
>>> But, lets be clear - This is a  community driven request for $100K to
>>> the Board to propose a fairly significant Project Summit.  Step 1 is for
>>> the community to create the proposal, timeline & value proposition that can
>>> be presented to the Board for approval.
>>>
>>> Then, once approved, her role as 'coordinator' will be to assist and
>>> partner with the 'Project Summit Planning Team' on any and all task
>>> required to initiate and complete a successful Project Summit 'with the
>>> planning team'.
>>>
>>> To clear up expectations, her role was defined as a 'Coordinator' rather
>>> than a Project manager, so that means that she will be leading some
>>> programs, but major programs like a $100K Project Summit will be led by a
>>> Community driven planning team.
>>>
>>> I suggest its time to move this email thread into a teleconference and
>>> working session on building a proposal.
>>>
>>> @Claudia & Johanna - can the 2 of you coordinate your schedules and
>>> propose/schedule a teleconference meeting date.
>>> Goal = ID the people willing to do some 'hands on' work to build the
>>> proposal, and plus volunteer on the planning & implementation team.
>>>
>>> Thanks, Paul
>>>
>>>
>>>
>>>
>>> Best Regards, Paul Ritchie
>>> OWASP Executive Director
>>> paul.ritchie at owasp.org
>>> <javascript:_e(%7B%7D,'cvml','paul.ritchie at owasp.org');>
>>>
>>>
>>> On Tue, Jun 30, 2015 at 4:06 AM, johanna curiel curiel <
>>> johanna.curiel at owasp.org
>>> <javascript:_e(%7B%7D,'cvml','johanna.curiel at owasp.org');>> wrote:
>>>
>>>> Right on Tom
>>>> I think that Claudia's key role as Project coordinator is to support
>>>> and manage requests  for project funding and activities related to projects
>>>>
>>>> On Tuesday, June 30, 2015, Tom Brennan <tomb at owasp.org
>>>> <javascript:_e(%7B%7D,'cvml','tomb at owasp.org');>> wrote:
>>>>
>>>>> Isn't this not the focus of Claudia?
>>>>>
>>>>> We should back up and wait for her observations and recommendations.
>>>>> I am looking forward to the first public meeting with her and a podcast
>>>>> with her actually.
>>>>>
>>>>>
>>>>> On Monday, June 29, 2015, johanna curiel curiel <
>>>>> johanna.curiel at owasp.org> wrote:
>>>>>
>>>>>> Would love to provide my P.O.V. about this discussion ;-)
>>>>>>
>>>>>> 2 years ago, there was a free pass to start projects, anyone could
>>>>>> start a EMPTY project and make use of funds.
>>>>>> The result of this action:
>>>>>> After 2 years 90+ were empty(2 or 3 years without a single
>>>>>> deliverbale) from an inventory of 150 (totally empty at all) and the OWASP
>>>>>> inventory was a shell of empty wiki pages. It took us 6 months to clean up
>>>>>> all this, and people misusing the OWASP brand for projects that were
>>>>>> empty.We had cases were some leaders were even saying they were members of
>>>>>> the board!
>>>>>>
>>>>>> We cannot trust blindly everyone to spend money (or even start empty
>>>>>> projects) without at least explaining what is it for what.This works with
>>>>>> small group of projects but not for +100 projects.
>>>>>>
>>>>>> I do agree that the situation of 'budget allocation' chapters vs.
>>>>>> projects is an issue but so difficult to spend money is not.
>>>>>>
>>>>>> I have a full time job and get the time to write a small explanation
>>>>>> to get funds for an initiative and how and under which conditions. OWASP do
>>>>>> not ask an entire report to do this. Just a small explanation. The bigger
>>>>>> the budget, off course you need to explain more the purpose of
>>>>>>
>>>>>>
>>>>>> @ Dinis I do respect your pov but definitely we cannot allow this
>>>>>> kind of free for all. It has been shown that people already abused from
>>>>>> this free pass and now with more than +100 projects, we need regulations.
>>>>>> It didn't cost you much to write an email explaining in a sentence what was
>>>>>> it for.
>>>>>>
>>>>>> The issue : if you do not explain what is it for, everyone then wants
>>>>>> the same and becomes chaotic.
>>>>>>
>>>>>> Regards
>>>>>>
>>>>>> Johanna
>>>>>>
>>>>>> On Mon, Jun 29, 2015 at 2:44 PM, Mark Miller <mark.miller at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> The full interview with Josh, Andrew and Dinis is now available as
>>>>>>> an OWASP 24/7 Podcast: OWASP Project Funding
>>>>>>> <http://www.sonatype.org/nexus/2015/06/29/owasp-project-funding-w-josh-sokol-dinis-cruz-and-andrew-van-der-stock/>
>>>>>>> w/ Josh Sokol, Dinis Cruz and Andrew van der Stock. I hope you find it
>>>>>>> helpful to further this discussion. -- Mark
>>>>>>>
>>>>>>> On Mon, Jun 29, 2015 at 1:35 PM, johanna curiel curiel <
>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>
>>>>>>>> >Unsure how to govern this but setting up an empty wiki and not
>>>>>>>> having any activity for a time after is not a project? Unsure we should
>>>>>>>> fund such empty vessels :)
>>>>>>>>
>>>>>>>> No empty vessel, no empty wikis is the motto and has been after the
>>>>>>>> latest big clean up since 2 years ago. After so many called 'projects' that
>>>>>>>> were empty(more than 90), we have set as rule that a project must
>>>>>>>> deliver something based on their road-map, based on the time line provided
>>>>>>>> by its road-map. We evaluate the project based on the criteria we published
>>>>>>>> 2 years ago  and communicate with the project leader. There is no purpose
>>>>>>>> or advantage to have an empty wiki or poor content when potential OWASP
>>>>>>>> users look at your project. We try to focus on a minimum quality because
>>>>>>>> this goes along with OWASP reputation.
>>>>>>>>
>>>>>>>> @Mike:
>>>>>>>> All projects, including incubators have the opportunity to go. Last
>>>>>>>> Summit KBA-PMP applied to assist the summit @EU, which is an incubator and
>>>>>>>> they were there , but KBA has been working on its deliverable and are quite
>>>>>>>> active with meetings and research.
>>>>>>>> I do not recall you sent me an agenda.
>>>>>>>>
>>>>>>>> Keep in mind that the Summit is about sharing with other leaders
>>>>>>>> but is more about getting things done for your own project. So the question
>>>>>>>> is : What do you want to achieve during those 2 days, what are your targets
>>>>>>>> and what is your purpose and goals for assisting?
>>>>>>>>
>>>>>>>> ZAP will not be at this summit so ,(and btw Simon was fully
>>>>>>>> sponsored by his employer as there are others such Appsensor)
>>>>>>>> You want to participate  just like anyone:
>>>>>>>>
>>>>>>>>    - Create an agenda, send it to me
>>>>>>>>    - I publish it on the Task force mailing list, we evaluate the
>>>>>>>>    project. I know that already Timo did a quick review.
>>>>>>>>    - Describe What do you want to get done during this period
>>>>>>>>    - We evaluate your project to see how far you are regarding the
>>>>>>>>    road-map and maturity level
>>>>>>>>    - We evaluate your proposal and based on this you get the
>>>>>>>>    opportunity
>>>>>>>>
>>>>>>>> Budget is tight so first come first served based on the agenda and
>>>>>>>> deliverable. Your project is quite new (June 2, 2015). So please bear with
>>>>>>>> us also that the summit budget allocation is based on how much a project
>>>>>>>> has delivered.
>>>>>>>>
>>>>>>>> If you have questions, please let us know
>>>>>>>>
>>>>>>>> regards
>>>>>>>>
>>>>>>>> Johanna
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Jun 29, 2015 at 12:54 PM, Eoin Keary <eoin.keary at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Unsure how to govern this but setting up an empty wiki and not
>>>>>>>>> having any activity for a time after is not a project? Unsure we should
>>>>>>>>> fund such empty vessels :)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Eoin Keary
>>>>>>>>> OWASP Volunteer
>>>>>>>>> @eoinkeary
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 29 Jun 2015, at 18:41, Mike Goodwin <mike.goodwin at owasp.org>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hello all,
>>>>>>>>>
>>>>>>>>> I agree that we want to encourage activity and forward progress on
>>>>>>>>> projects, but does that mean that a summit should only be for established
>>>>>>>>> projects that have delivered already? I am just in the process of starting
>>>>>>>>> a new OWASP project - I'm waiting anxiously for its approval by the Project
>>>>>>>>> Task Force. I'm the sole contributor at the moment,  but I am active on it,
>>>>>>>>> it has regular code checkins and there is a working prototype that is
>>>>>>>>> moving forward with a clear goal (it is
>>>>>>>>> https://www.owasp.org/index.php/OWASP_Threat_Dragon for anyone
>>>>>>>>> that want to take a look).
>>>>>>>>>
>>>>>>>>> I would benefit a lot from the experience of other project leaders
>>>>>>>>> both directly in terms of their opinion on the project and indirectly in
>>>>>>>>> terms of how to promote a project and build its visibility and eventually
>>>>>>>>> its user base. I'd love it to be the next ZAP! The time I need that support
>>>>>>>>> most is now, at the start of the project, rather than once its already
>>>>>>>>> succeeded. Or maybe to put it another way, I need a different type of
>>>>>>>>> support as the leader of an incubator compared to the leaders of flagship
>>>>>>>>> projects.
>>>>>>>>>
>>>>>>>>> I appreciate that this is a tricky issue. Many organisations and
>>>>>>>>> businesses suffer from the inability to end projects that have no chance of
>>>>>>>>> furthering their mission. Given that our projects are volunteer-led, this
>>>>>>>>> will be even more difficult for us. However, the best companies are the
>>>>>>>>> ones that can judge where to focus their efforts, keeping a balanced
>>>>>>>>> portfolio of established products alongside early stage ones. This is an
>>>>>>>>> extension inn some ways of the the "risk taking in NFPs" discussion that
>>>>>>>>> Diniz Cruz raised.
>>>>>>>>>
>>>>>>>>> I'm not sure what the answer is, but I'm pretty sure that I could
>>>>>>>>> benefit from the experience of meeting and talking with people who have
>>>>>>>>> already turned incubator projects into flagships ones.
>>>>>>>>>
>>>>>>>>> Thoughts and comments welcome!
>>>>>>>>>
>>>>>>>>> Mike
>>>>>>>>>
>>>>>>>>> On 28 June 2015 at 19:33, johanna curiel curiel <
>>>>>>>>> johanna.curiel at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>>> 100K can allow us to involve more projects but I believe in
>>>>>>>>>> regulations.
>>>>>>>>>>
>>>>>>>>>> After having review so many projects, there are many people that
>>>>>>>>>> were starting a project with no content and after a year or 2, an empty
>>>>>>>>>> wiki page has hanging with the title project, but there was no project
>>>>>>>>>> content to be found.
>>>>>>>>>>
>>>>>>>>>> I don't think we want to sponsor this kind of behaviour.
>>>>>>>>>>
>>>>>>>>>> We want to sponsor and support those projects that are working
>>>>>>>>>> hard to get things done. Recession period is not the point here. It's about
>>>>>>>>>> starting a project in a wiki page that never comes with a deliverable. But
>>>>>>>>>> lets also consider that if a project has been inactive for more than 3
>>>>>>>>>> years and suddenly a project leader wants to 'revive the project', the
>>>>>>>>>> summit should not be used as a kind of paid vacation and 'by the way'
>>>>>>>>>> participate in the summit.
>>>>>>>>>>
>>>>>>>>>> Thats why we need some kind of rules for participation and
>>>>>>>>>> regulation to avoid abuses.
>>>>>>>>>>
>>>>>>>>>> I think we need to make clear that anyone that wants to make use
>>>>>>>>>> of funds for summits, have to produce a clear deliverable that contributes
>>>>>>>>>> to their project. That's why now, our rules for starting projects must have
>>>>>>>>>> some deliverables, but even so, there are still many projects that produce
>>>>>>>>>> very little and are called projects. Like once Josh said, we should not
>>>>>>>>>> confuse concepts or ideas and call them projects.
>>>>>>>>>>
>>>>>>>>>> I also like the idea of small events based on different regions
>>>>>>>>>> that are more accessible for project leaders in different regions and time
>>>>>>>>>> zones.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Sun, Jun 28, 2015 at 2:16 PM, Eoin Keary <eoin.keary at owasp.org
>>>>>>>>>> > wrote:
>>>>>>>>>>
>>>>>>>>>>> Spot on Tobias.
>>>>>>>>>>> A breakdown of the 100k would be a first step. Do we need 100k
>>>>>>>>>>> or more/less?
>>>>>>>>>>>
>>>>>>>>>>> I'm happy to help with this given my decent track record with
>>>>>>>>>>> flagship projects.
>>>>>>>>>>>
>>>>>>>>>>> I'd still suggest having more than 1 summit and having them more
>>>>>>>>>>> frequent globally as projects may need a summit event at different times. -
>>>>>>>>>>> more frequent and smaller events.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Eoin Keary
>>>>>>>>>>> OWASP Volunteer
>>>>>>>>>>> @eoinkeary
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 28 Jun 2015, at 21:00, Tobias <tobias.gondrom at owasp.org>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> I agree. And big thanks to all the interest and voluntary
>>>>>>>>>>> announced contributions.
>>>>>>>>>>> It will be great see all this come to fruition.
>>>>>>>>>>> And I believe it will also be good to see some basic plan for
>>>>>>>>>>> this to see how much money we like to spend and how. Some more details down
>>>>>>>>>>> the road will also help motivate chapters and sponsors even more.
>>>>>>>>>>> Best regards, Tobias
>>>>>>>>>>>
>>>>>>>>>>> Ps.: Small addition: if people feel that a committee is too
>>>>>>>>>>> complicated, we could also handle this as an "initiative". Whatever works
>>>>>>>>>>> best for the team.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 28/06/15 19:35, Josh Sokol wrote:
>>>>>>>>>>>
>>>>>>>>>>>  It's great to see a discussion already happening around this.
>>>>>>>>>>> For context, this was something that Dinis, Andrew, Mark, and I talked
>>>>>>>>>>> about on the OWASP Podcast that we recorded last Friday.  It was an
>>>>>>>>>>> "initiative" that Dinis suggested as a way to encourage Chapters and
>>>>>>>>>>> Projects to donate some of their "ring-fenced" account money and further
>>>>>>>>>>> the OWASP mission.  With Tom already offering a $10k donation from the
>>>>>>>>>>> OWASP NJ Chapter, it looks like we could pretty easily raise the $100k that
>>>>>>>>>>> Dinis suggests and then some.  I believe that the Board would be in full
>>>>>>>>>>> support of this initiative.  What I would propose is that those interested
>>>>>>>>>>> should establish a new "OWASP Project Summit Committee" under the new
>>>>>>>>>>> Committees 2.0 model (
>>>>>>>>>>> http://owasp.blogspot.com/2014/07/owasp-committees-20.html).
>>>>>>>>>>> The first step in this process is for a community member to propose the new
>>>>>>>>>>> committee here on the Leaders List stating their rationale and desired
>>>>>>>>>>> scope for creating a new committee.  Basically, we need someone to step up
>>>>>>>>>>> to lead the initial effort of scoping what this committee will be
>>>>>>>>>>> responsible for doing.  Once we have that, the Board will determine if
>>>>>>>>>>> there is an existing conflict (I doubt it) and then will initiate a public
>>>>>>>>>>> call for people interested in membership.  By creating a committee for this
>>>>>>>>>>> initiative, we are empowering those committee members to take action as
>>>>>>>>>>> defined in the scope and spend money as allocated by the budget.  Is there
>>>>>>>>>>> someone who would like to take lead on forming the committee?
>>>>>>>>>>>
>>>>>>>>>>>  ~josh
>>>>>>>>>>>
>>>>>>>>>>> On Fri, Jun 26, 2015 at 5:06 PM, Dinis Cruz <
>>>>>>>>>>> dinis.cruz at owasp.org> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> And then ask for a a team or OWASP leaders to lead that effort.
>>>>>>>>>>>>
>>>>>>>>>>>>  Josh and Andrew can provide more details on the context of
>>>>>>>>>>>> this request
>>>>>>>>>>>>
>>>>>>>>>>>>  Dinis
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> *Mark Miller, Senior Storyteller*
>>>>>>> *Curator and Founder, Trusted Software Alliance*
>>>>>>>
>>>>>>> *Host and Executive Producer, OWASP 24/7 Podcast ChannelCommunity
>>>>>>> Advocate, Sonatype*
>>>>>>>
>>>>>>> *Developers and Application Security: Who is Responsible?*
>>>>>>> <https://www.surveymonkey.com/s/Developers_and_AppSec>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Tom Brennan
>>>>> 973-202-0122
>>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> <javascript:_e(%7B%7D,'cvml','OWASP-Leaders at lists.owasp.org');>
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> <javascript:_e(%7B%7D,'cvml','OWASP-Leaders at lists.owasp.org');>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150630/6b39f789/attachment-0001.html>


More information about the OWASP-Leaders mailing list