[Owasp-leaders] AppSec EU

Tom Brennan - OWASP tomb at owasp.org
Wed Jan 17 20:46:12 UTC 2018


FWIW in prior years (about 10 of them..) , OWASP Board has used the OWASP
List <owasp-board at lists.owasp.org> for communications and for public
documentation.

<goog_1182357559>
http://lists.owasp.org/pipermail/owasp-board/

However note, any legal issues or human resources issues are not put on the
open mailing list.

Since I am NOT on the board of directors anymore and now retired ;) and not
part of the current discussions etc.. the issue does have both HR and Legal
items associated with it.   So, stay tuned for the NEXT Public and OPEN
Board of Directors meeting to be posted here:
https://www.owasp.org/index.php/Board

Just like your local town holding a public meeting, anyone can show up,
anyone can talk and tell elected officials how they feel and it is
encouraged that is a community. P.S. I also highly recommend whomever you
voted for in the last election to represent you by proxy, contact them
directly and give them your input.  Ultimately they represent who voted
them into office.

If you're planning on attending the regional event, AppSec California
https://2018.appseccalifornia.org/  catch up with Karen who will be in
attendance and say hello.

</Brennan>







On Wed, Jan 17, 2018 at 3:00 PM, Frank Catucci <frank.catucci at owasp.org>
wrote:

> I am with Rory on this perspective and mail list use and the lack of
> communications.
>
> On Wed, Jan 17, 2018 at 2:33 PM, Rory McCune <rory.mccune at owasp.org>
> wrote:
>
>> Hi All,
>>
>> So I'll add one point here, to provide some perspective of where people
>> may be feeling a lack of messaging from the board.  I (and perhaps others)
>> tend to use the mailing lists as a means to periodically catch up with
>> what's happening with various parts of OWASP.
>>
>> So I'll look at the OWASP board mailing list if I want to get information
>> about the board's deliberations on a particular topic.
>>
>> At the moment (and I'm not sure if this is a technical issue or perhaps a
>> decision to deprecate its use) there don't appear to be any messages on the
>> OWASP board mailing list for this year?  Lacking that windows into the
>> board's operations could lead to people feeling somewhat more out of the
>> loop than in previous years, so it might be an idea to make more of use of
>> that.
>>
>> Cheers
>>
>> Rory
>>
>>
>> On Wed, Jan 17, 2018 at 6:22 PM, Sherif Mansour <sherif.mansour at owasp.org
>> > wrote:
>>
>>> Thanks Bjoern,
>>>
>>> I hear you loud and clear.
>>>
>>> I think the foundation is learning about managing the message with the
>>> community & that its a conversation.
>>> I have made a note of it here
>>> <https://docs.google.com/document/d/1HZFGkLBbbLRhhVh0DAcSS8flWOKSu0gJOui9J_PdSn4/edit?usp=sharing>
>>> .
>>>
>>> Equally if anyone has other improvements they would like to see from
>>> OWASP I (personally) added the following google document to discuss.
>>> <https://docs.google.com/document/d/16z59SKXbNEwDi1bLobswye1QxryNNdjOdGHdqZ4t-wQ/edit?usp=sharing>
>>>
>>> On Wed, Jan 17, 2018 at 5:35 PM, Bjoern Kimminich <
>>> bjoern.kimminich at owasp.org> wrote:
>>>
>>>> Hi Sherif,
>>>>
>>>> I think the major point is, that exactly this "we are working on it
>>>> together, please be patient" note should simply have been supplied from the
>>>> board to the community much earlier and deliberately.
>>>>
>>>> Instead, some of us had to keep asking - at least on the mailing list
>>>> and on Slack #appseceu - continously and effortlessly for quite a while
>>>> until this information was "passed down to the people".
>>>>
>>>> That was just an unnecessary delay of information (or at least status
>>>> update) flow for an organization that considers itself open and transparent.
>>>>
>>>> Cheers,
>>>> Björn
>>>>
>>>> Am 18. Januar 2018 00:30:35 GMT+08:00 schrieb Sherif Mansour <
>>>> sherif.mansour at owasp.org>:
>>>>>
>>>>> Hi Patrick,
>>>>>
>>>>> We are close to a way forward, one of the reasons why we haven't
>>>>> responded to individual points is that it's the foundation and the chapters
>>>>> genuinely want to resolve this issue and work as one.
>>>>> Some of the communication (and lack there of) wasn't helpful, but we
>>>>> are choosing to work together on this and have something out fairly soon
>>>>> (this month).
>>>>>
>>>>> -Sherif
>>>>>
>>>>> On Wed, Jan 17, 2018 at 2:18 PM, Patrick Laverty <
>>>>> patrick.laverty at owasp.org> wrote:
>>>>>
>>>>>> Thank you for a response Sherif, but it isn't answering the important
>>>>>> questions. The Israel chapter of OWASP leveled some pretty big accusations
>>>>>> at the board and the executive director. There has been no response to
>>>>>> those accusations. Why? Back on December 26th, Andrew van der Stock said
>>>>>> that the board would likely be meeting within the next day, and have a
>>>>>> response after that. I don't think there has been anything from the board
>>>>>> about this matter.
>>>>>>
>>>>>> In case there is confusion, the accusations are here:
>>>>>> https://www.peerlyst.com/posts/owasp-you-keep-saying-t
>>>>>> hat-word-i-do-not-think-it-means-what-you-think-it-means-avid  I
>>>>>> also see that the http://2018.appsec.eu site still shows the
>>>>>> conference happening in Israel, but the upcoming events page (
>>>>>> https://www.owasp.org/index.php/OWASP_Events/upcoming_events) says
>>>>>> the location is TBA.
>>>>>>
>>>>>> Will there be a response to the statements made in the blog post
>>>>>> linked above?
>>>>>>
>>>>>> Thank you.
>>>>>>
>>>>>> Patrick Laverty
>>>>>> OWASP Rhode Island
>>>>>>
>>>>>> On Wed, Jan 17, 2018 at 1:02 AM, Sherif Mansour <
>>>>>> sherif.mansour at owasp.org> wrote:
>>>>>>
>>>>>>> Hi Everyone,
>>>>>>>
>>>>>>> The foundation and the board has been regularly communicating with
>>>>>>> the chapters and the summit team through out this period, and the new board
>>>>>>> will have their first session at the end of January which is as always open
>>>>>>> to everyone and the recording is made public. In the meantime the
>>>>>>> foundation and our new executive director are working to present 2017
>>>>>>> Year End in Review and a strategy for 2018 during that board
>>>>>>> meeting at the end of January (a couple of weeks away).
>>>>>>>
>>>>>>> Kind regards
>>>>>>>
>>>>>>> On Tue, Jan 16, 2018 at 11:55 PM, Brett Gravois <
>>>>>>> brett.gravois at owasp.org> wrote:
>>>>>>>
>>>>>>>> Just to follow up on this, we as leaders and OWASP have been asked
>>>>>>>> about "our response".
>>>>>>>> The post is now almost a month old (since Dec 24th) and it seems
>>>>>>>> like leadership has remained silent on this.
>>>>>>>>
>>>>>>>> Has one been issued and I am not seeing it?
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, Jan 5, 2018 at 3:53 PM, Patrick Laverty <
>>>>>>>> patrick.laverty at owasp.org> wrote:
>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> Have there been any updates about this? Does the board have an
>>>>>>>>> approximate idea on when a response may be available?
>>>>>>>>>
>>>>>>>>> Thank you.
>>>>>>>>>
>>>>>>>>> Patrick Laverty
>>>>>>>>> OWASP Rhode Island
>>>>>>>>>
>>>>>>>>> On Dec 26, 2017 5:52 PM, "Andrew van der Stock" <
>>>>>>>>> vanderaj at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>>> As a Board member, we have to speak with one voice, and we are
>>>>>>>>>> about to transition Boards. It would be wrong for us to have 7 or 11
>>>>>>>>>> different positions as it would be very confusing to all.
>>>>>>>>>>
>>>>>>>>>> We are likely to have a call tomorrow (time zones are hard) and
>>>>>>>>>> will likely make a statement after that.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>> Andrew
>>>>>>>>>>
>>>>>>>>>> On Dec 26, 2017, at 12:46, Patrick Laverty <
>>>>>>>>>> patrick.laverty at owasp.org> wrote:
>>>>>>>>>>
>>>>>>>>>> I ask this in the literal sense, not in they "why haven't you
>>>>>>>>>> done it already" sense. Will there be an official response from OWASP board
>>>>>>>>>> about the allegations made here:
>>>>>>>>>>
>>>>>>>>>> https://www.peerlyst.com/posts/owasp-you-keep-saying-that-wo
>>>>>>>>>> rd-i-do-not-think-it-means-what-you-think-it-means-avid
>>>>>>>>>>
>>>>>>>>>> It seems some strong allegations are made and I personally never
>>>>>>>>>> like to make a judgement without hearing from at least both sides.
>>>>>>>>>>
>>>>>>>>>> I understand we're in the midst of a holiday season, so there may
>>>>>>>>>> not have been an opportunity for the board to officially respond just yet,
>>>>>>>>>> so I just wanted to inquire as to whether the board does plan to.
>>>>>>>>>>
>>>>>>>>>> Thank you.
>>>>>>>>>>
>>>>>>>>>> Patrick Laverty
>>>>>>>>>> OWASP Rhode Island
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Sherif Mansour
>>>>>>> OWASP Global Board Member & OWASP London Chapter Leader
>>>>>>> Site: https://www.owasp.org/index.php/London
>>>>>>> Email: sherif.mansour at owasp.org
>>>>>>> Follow OWASP London Chapter on Twitter: @owasplondon  <https://twitter.com/OWASPLondon>
>>>>>>> "Like" us on Facebook: https://www.facebook.com/OWASPLondon
>>>>>>> Subscribe to our (lightweight) mailing list: https://lists.owasp.org/mailman/listinfo/owasp-london
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> Sherif Mansour
>>>>> OWASP Global Board Member & OWASP London Chapter Leader
>>>>> Site: https://www.owasp.org/index.php/London
>>>>> Email: sherif.mansour at owasp.org
>>>>> Follow OWASP London Chapter on Twitter: @owasplondon  <https://twitter.com/OWASPLondon>
>>>>> "Like" us on Facebook: https://www.facebook.com/OWASPLondon
>>>>> Subscribe to our (lightweight) mailing list: https://lists.owasp.org/mailman/listinfo/owasp-london
>>>>>
>>>>>
>>>
>>>
>>> --
>>>
>>> Sherif Mansour
>>> OWASP Global Board Member & OWASP London Chapter Leader
>>> Site: https://www.owasp.org/index.php/London
>>> Email: sherif.mansour at owasp.org
>>> Follow OWASP London Chapter on Twitter: @owasplondon  <https://twitter.com/OWASPLondon>
>>> "Like" us on Facebook: https://www.facebook.com/OWASPLondon
>>> Subscribe to our (lightweight) mailing list: https://lists.owasp.org/mailman/listinfo/owasp-london
>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180117/382bcbe7/attachment-0001.html>


More information about the OWASP-Leaders mailing list