[Owasp-leaders] Statement about the AppSec-EU 2018 and related events

Martin Knobloch martin.knobloch at owasp.org
Tue Jan 23 23:33:21 UTC 2018

Dear OWASP community,

As there have been quite a number of changes over the last number of
months, the Global OWASP Foundation has faced a number of challenges. As
you may be aware, three of our staff members have left the foundation,
leaving a big gap in our day to day operations. This is not an excuse, but
a reason why some processes both slowing down or even came to a complete
halt. We are very happy to have found an Executive Director (ED) in Karen
Staley. Since joining, Karen has been working hard to turn these challenges
into opportunities and to allow OWASP to increase our organizational
maturity and professionalism. I think it’s safe to say that the four newly
elected board members and new ED, have had the most memorable start in
their new position.

We are all extremely passionate about OWASP and with this passion comes
frustrations. Your frustration in relation to the lack of information/
communication is understandable. As most of you were celebrating the
Christmas and New Year holidays, the board were blindsided by these events.
To this end the newly elected and sitting board members, together with our
ED, were busy with the matters at hand. Given the time of year and the
nature of the matter at hand, it’s easy to forget to communicate. We
understand that the lack of communication on our part can make you assume
nothing is happening.

Even though there was no communication with the OWASP community at large,
we want to ensure you that we were in constant communications with those
involved and are working towards an acceptable path forward.

As per previous mailing list communications, the AppSec-EU 2018 conference
will take place in the UK. Operational challenges are currently being
resolved and information about the conference venue, location will be
available as soon possible.

Volunteers who have been working hard on organizing the AppSec-EU 2018
conference in Tel Aviv and the OWASP Israel chapter especially, felt
frustrated with the decision to move the conference and way it had been
communicated. Those that have previously organized a global OWASP AppSec
conference in the past know how much more complex it is to organize
compared to a local event, even if the numbers of attendees are more of
less the same. The decision to move the AppSec-EU 2018 conference to the UK
has been made. We would like to acknowledge the effort of the organizing
team, while realizing the required level of support from the foundation was
not achieved.

As OWASP board and staff, we see the huge burden it puts on the local
chapter and leading volunteers. The OWASP board and staff recognizes the
necessity of providing more professional support to the local chapter and
volunteers to justify the expectations of our community and sponsors. With
her extensive experience in organizing international conferences, our ED is
working hard to do so.

As you are aware, the board members are volunteers too and we do our best
to act in the best interest of the OWASP community. OWASP is bigger than
individuals or the board, OWASP is a community which is driven by it
volunteers and we welcome your input in how we can improve OWASP to further
our mission. Please be invited to the OWASP Board meetings
<https://www.owasp.org/index.php/Board>, the first meeting of the current
board is January 24th <https://www.owasp.org/index.php/January_24,_2018>.

Many times, those who shout the loudest are perceived in representing the
community’s opinion. In the succession of the announcement the AppSec-EU to
be moved from Tel Aviv to the UK, and the public statement that has been
made articulating the frustrations about this decision, people from inside
and outside the OWASP community felt the need to vent their opinions. As we
are an open organization, I appreciate how forthcoming our community was.

Nevertheless, in OWASP we have a clear policy of ethics, stating the
expected professionalism in communication and respect towards each other.
We as a community of professionals are required to set an example to the
next generation and should therefore lead by example in respecting these
ethics when communicating both privately and in the public domain.

We will endeavor to improve our communications going forward and hope that
this has not deterred any of the great OWASP community that have spent a
countless number of hours volunteering to improve software security as a

Kind regards,

Martin Knobloch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180124/a58ee08c/attachment.html>

More information about the OWASP-Leaders mailing list