[Owasp-leaders] AppSec-Eu 2018 - communication to the community

Martin Knobloch martin.knobloch at owasp.org
Mon Apr 16 19:28:32 UTC 2018


Dear OWASP community,

The OWASP Foundation board of directors has come to the understanding
that previous
information
<https://owasp.blogspot.be/2018/04/board-statement-about-appsec-eu-2018.html>
that was shared about the move of OWASP AppSec-Eu from Tel Aviv to London
has not been received as being open and transparent enough.

As  mentioned in previous communications, we do recognize the communication
has not been optimal and we are working hard to improve this. Nevertheless,
the community has clearly articulated your desire to have more background
information and the reasoning behind the move of the venue.

As we believe truly in the "O" of OWASP, I will hereby share more
information about the justification for the move of AppSec-Eu away from Tel
Aviv.

As with any foundation, OWASP needs to maintain sound financial health to
empower our members and to achieve our mission goals. We do have many
expenses and our financials are publicly available.

The OWASP Foundation's financial health does heavily lean on the two major
annual conferences: AppSec-Eu and AppSec-US. In 2017, both conferences
failed on meet financial goals, the first ending up negative and the latter
making much less than expected. This was not due to any person or group,
but was just a fact of what happened. The teams that put on these
conferences did a fantastic job.

With this background, our new Executive Director did look into the
proceedings of the upcoming global conference, AppSec-Eu, in Tel Aviv. Her
analysis revealed several risk factors with this location that were cause
for concern that the conference could have difficulties generating the
required profit. This, on top of the the problems the Foundation
experienced in 2017, discussed above, would put OWASP at too much financial
risk.

Some factors that lead to the decision to move were:

   -

   The uncertainty of the Israel community to attend a paid conference, due
   to most events there being free
   -

   The Israel chapter was planning to continue with its annual and very
   successful free AppSec-Il conference, potentially competing with AppSec EU.
   -

   The budget planning was estimating that 80% of the attendees to come
   from outside of Israel, in contrast to previous conferences, which  roughly
   50% of the attendees where from the local community. We would lose the
   grass roots attendees.
   -

   Some global OWASP sponsors indicated an unwillingness to sponsor a
   conference in Israel, citing a poor ROI of sponsoring in that area.


Note:

   -

   There have been many discussions with the Israel chapter about the above
   issues. Their responses indicated that they did not have the statistics
   that would counter any of the above risks, as they have never organized a
   paid conference in Israel.
   -

   Some of the above is based on assumptions, as always when you are trying
   to predict the future.
   -

   Some points might have been negotiable, but seen the timeframe we just
   did not have the time.


With the above considerations, and the financial problems with OWASP now,
our ED felt that the only responsible course of action to guarantee the
financial health of OWASP was to move the conference.

We hope that everyone understands the reasoning behind this difficult
decision. We extend, once again, our sincere thanks to the Israel community
for their efforts to date, but also our apologies, and hope of a future
event in Israel. We also again apologize for not explaining all of this
earlier. It would most certainly have avoided some of the frustration and
disappointment that some community members have experienced.

On behalf of the OWASP Board of directors,

  Martin Knobloch

___________________

OWASP Chairman of the BOD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180416/5f252401/attachment-0001.html>


More information about the OWASP-Leaders mailing list