[Owasp-leaders] Profiling as software Open Source organization

psiinon psiinon at gmail.com
Wed Mar 4 10:18:22 UTC 2015

Very interesting topic :)

What would this mean in terms of structure and funding of OWASP?

I think that one of the biggest problems we have right now is funding
Creating world class software takes time, effort and therefore money.
Right now all of the OWASP projects are either funded by individual
volunteers working in their own time or organisations contributing some of
their employees time to work on projects (someone please correct me if I'm
To get significantly more time/effort allocated to projects we'd either
need to convince organisations to donate more time or to pay individual

A lot of OWASPs funding comes through sponsorship from organizations.
I've heard through the grapevine that some existing sponsors are really
unhappy with ZAP as they think it is potentially impacting their business.
I suspect they would be _very_ unhappy if OWASP started to pay for extra
people to work on ZAP ;)
If we start investing more in projects like ZAP then these sort of concerns
are going to increasingly occur.

I _really_ like the idea of investing more in OWASP projects, but I can see
quite a few potential issues around the money side that will need to be



On Tue, Mar 3, 2015 at 7:12 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Leaders
> I would like to hear ideas on how could we become more a open source
> 'software' organization similar to Mozilla, Samba
> We need to define:
>    - What kind of software we want to build
>    - Focus and invest our 'development' and improvements efforts into the
>    most successful projects (example:ZAP, APPSENSOR, ModSecurity Rules,
>    CRSF..etc)
>    - Allow incubators to work as experimentation and help the most
>    promising develop into successful ones
>    - Market the projects as 'Products'
>    -
> More ideas?
> I think is time we take projects into the next level
> regards
> Johanna
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150304/d2b85d1c/attachment.html>

More information about the OWASP-Leaders mailing list