[Owasp-leaders] Fwd: Urgent** Get Connected and Status Update : Chapter Leaders only

Andy Lewis alewis at owasp.org
Fri Apr 1 12:18:43 UTC 2016

Hi Akash and Valibhau - the "O" in OWASP stands for "Open," so I'd
personally be inclined to disregard the "strictly monitored" & "Leadership
will be transferred" phrases, or any such megalomaniacal statements.
Even so, there are guidelines for use of the name & logo (see link at the
bottom of this email). The Board would be able to articulate in detail
those guidelines and a history of actions taken, so hopefully someone from
the Board has PM'd you.  I've cc:'d Tom Brennan with whom I've had a
working OWASP relationship for >10 yrs; his counsel can be relied upon
without fail.

I agree that the tone is offensive and hope that you will see past this and
continue to pursue the OWASP mission in spite of occasional distractions
like this.

9 years ago I had a similar event - an individual returned from AppSec USA
and decided that both Colorado Chapters needed to be more active.  The
result of that conflict yielded an ongoing regional conference, because the
Denver Chapter leader and I decided that if someone was so intensely
motivated then we ought to put him to work.  So, we all met over coffee and
set a date and responsibilities for the 1st annual SnowFROC (
www.snowfroc.com), the largest appsec conference in our region.
In our case, the "despot's" motivation was sincere, and he was willing to
put action behind his words.
9 years later, he is a good friend and we invited him to speak at this
year's conference :-)

Best wishes to you and your Chapters for a similarly happy outcome!  If
there's anything I can do to help, please PM me.

Munir - I appreciate your even-handed tone and approach.  I wish I'd known
you 9 years ago :-)

All the best,


On Friday, April 1, 2016, Munir Njiru <munir.njiru at owasp.org> wrote:

> Hi,
> If this hasn't been put to a vote by all local chapters , I believe it
> would be a more appropriate approach to follow to avoid the friction. It
> may be a good idea to standardise but it also needs buy in or else it will
> remain purely just an idea and start constant political wars than progress.
> My 2 cents
> Kind Regards,
> Munir Njenga,
> OWASP Chapter Leader (Kenya) || Information Security Consultant ||
> Developer
> Mob   (KE) +254 (0) 734960670
> =============================
> Chapter Page: www.owasp.org/index.php/Kenya
> Project Site:
> http://alienwithin.github.io/OWASP-mth3l3m3nt-framework/
> Email: munir.njiru at owasp.org
> Facebook: https://www.facebook.com/OWASP.Kenya
> Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya
> On Thu, Mar 31, 2016 at 9:26 PM, Akash Mahajan <akash.mahajan at owasp.org>
> wrote:
>> Hello Fellow Chapter Leaders,
>> This email has been sent to a bunch of city OWASP  chapters in India.
>> I would like clarification on under what rules of OWASP Handbook does
>> this kind of action is defined under.
>> As far as I understand once we have mature city chapters in a country, a
>> country wide chapter is defunct as that makes no sense. As it is, OWASP as
>> a legal entity exists only in the USA (AFAIK, I could be wrong)
>> The tone of the email is quite hostile and without any transparency on
>> how a few individuals have become we have to report to, this seems unfair
>> and this point a bit of sham.
>> I apologise if my email is reactionary in its tone, but while we are
>> doing some excellent work in our city, we honestly didn't sign up to be
>> dictated by folks who in their introductory email seem to have forgotten
>> common courtesy.
>> Thank you for reading.
>> ---------- Forwarded message ----------
>> From: Milan Singh Thakur <milan at owasp.org>
>> Date: 31 March 2016 at 17:45
>> Subject: Urgent** Get Connected and Status Update : Chapter Leaders only
>> Hi Team,
>> I am glad to announce that I and Nitin Pandey will be leading OWASP INDIA
>> now.
>> We need to sync up and work effectively hereafter to ensure consistency
>> of chapters in India. If you guys have any issues regarding your chapters
>> and need support, then feel free to ping me or Nitin for it. We will ensure
>> full support actively.
>> We are going to organise *AppSec INDIA* event starting this year. We
>> will choose active chapter Leaders to be part of INDIA Board and Event
>> Committee.
>> *Note*: All chapters are being monitored now. So please ensure you
>> maintain activity or else STRICT ACTION will be taken against those
>> chapters. We have noticed few Leaders are misusing OWASP name for
>> commercial purpose, this will not be tolerated. Legal action will be taken.
>> We are giving 30 April 2016 as deadline for making your chapter active
>> again. If still found to be inactive, then Leadership will be transferred
>> to more capable/willing candidate.
>> If any buddy of your's is willing to start new chapter/student_chapter,
>> then let us know.
>> Lot of surprises are coming this year for OWASP Buddies :)
>> Regards,
>> Milan Singh Thakur
>> OWASP Foundation
>> Mob: +91 9405901005
>> --
>> Warm regards,
>> Akash Mahajan
>> *That Web Application Security Guy* | +91 99 805 271 82
>> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
>> *OWASP Bangalore Chapter Lead | null Community Manager*
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160401/ac83c197/attachment.html>

More information about the OWASP-Leaders mailing list