<div dir="ltr">I share most of Johanna complaints. My experience is that a lot of people are starving putting "Owasp" as keyword on linkedin... of course we're also full of strong committers but sometimes the overall feeling is so boring and frustrating :-(</div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Dec 1, 2015 at 12:39 PM, Abdullahi Arabo <span dir="ltr"><<a href="mailto:abdullahi.arabo@owasp.org" target="_blank">abdullahi.arabo@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Thanks for your contributions <font size="2"><span style="background-color:rgba(255,255,255,0)">Johanna. I think some steps and measures should be taken to stop frustrating our volunteers</span></font><div class="HOEnZb"><div class="h5"><br><br>On Tuesday, 1 December 2015, Arturo 'Buanzo' Busleiman <<a href="mailto:buanzo@buanzo.com.ar" target="_blank">buanzo@buanzo.com.ar</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr">Just to clarify, because I received a horrible off-list comment from someone that will remain anonymous:</p>
<p dir="ltr">*I am NOT attacking Mr. Josh Sokol.*</p>
<p dir="ltr">I made a comment about a specific statement about 'the Board' and about my perception of human relationships in a big organization.</p>
<p dir="ltr">If I were attacking someone, I would do it off list, and in a clear, respectful way, as human beings deserve, and it would be called a diacussion/argument.</p>
<p dir="ltr">Or better yet in person, with a beer. Some of you know what kind of person I am. </p>
<p dir="ltr">I write this as Arturo Busleiman, aka Buanzo, former OWASP project leader, that in spite of everything and some-ones, still reads what goes on here, because he does not forget OWASP. And frackin' cares about it.</p>
<p dir="ltr">Should I?</p>
<p dir="ltr">Oh, the drama :)<br></p>
<div class="gmail_quote">On 30 Nov 2015 8:14 pm, "Arturo 'Buanzo' Busleiman" <<a>buanzo@buanzo.com.ar</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr">Is the strategic vision failing? Stop focusing on Johanna, and focus on what she and others are saying. And feeling.</p>
<p dir="ltr">Maybe that will help OWASP remember its driving force, its motivation: open web application security.</p>
<div class="gmail_quote">On 30 Nov 2015 8:06 pm, "Josh Sokol" <<a>josh.sokol@owasp.org</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div>Johanna,<br><br></div>I'm sorry if you feel that I have been "stinging" you.  Certainly not my intent.  My intent was only to show that the Board has been analyzing the situation and is in the process of taking action, even if it isn't as rapid as some people in our community would like, or the exact actions that they desire.  As a Board, we have entrusted our ED, staff, and volunteers with the daily operations of the OWASP Foundation.  Sometimes people forget that we are volunteers as well who spend hundreds, if not thousands, of hours trying to make OWASP a better place for everyone involved.  Technically, I have just as much power in OWASP as you or any other volunteer.  I can state my opinion, I can bring my ideas to the Board, and they can be voted on.  The "bureaucracy" that you talk about in your document can also be viewed as "governance" depending on the lens you are looking through.  Yes, it can make things move slowly, I've been frustrated by it too, but it ensures that everyone at OWASP has a seat at the table if they want it and they will be treated fairly.  It's actually quite the opposite of discrimination.  <br><br>Our job as Board members is to help with strategic vision, not to wade into operational issues.  We have an Executive Director and Staff for that.  In this particular situation, the Board has stepped in to help provide the guidance on how to resolve not only this situation, but future situations like it.  The determination was made that we lack the policies and procedures today to do so and we have asked Paul and Noreen to provide those based on the Board's recommendations.  Considering that the rest of us have full time jobs, and these individuals are paid by OWASP for these types of activities, this seems like a reasonable action to me.  Once the new policies are in place, then we can work on enforcing them.  I understand that this process is not as quick as you would like, but again, it isn't meant to be quick, it is meant to be fair.<br><br></div><div>In terms of taking the time to speak with you, I have done so many times on many topics.  I made it a point to find you at the BlackHat Arsenal a couple years ago and introduce myself.  I thanked you for everything that you have done for OWASP.  If you are questioning why nobody talked to you for this one issue, I don't know.  That said, I think we've heard your opinion on the issue loud and clear.  You have every right to be upset.  You have every right to leave OWASP.  I don't think any of us want those things, but you are a grown woman who can do what you'd like.  My last e-mail was only meant to show that there are processes in place that would allow our leaders to act in ways that they see fit, irrespective of the Board.  I was aware that you had resigned your post, but you also said that you were leaving OWASP then, and then came back, so I was unsure of your status.  I made some suggestions on how to use the "bureaucracy" that you hate so much in order to get what you want.  Is that really me "stinging" you?<br></div><div><br></div>Regarding LASCON, I understand that you are trying to imply that I am somehow "bought" by Contrast.  The fact is that my only communication with Contrast, outside of the meeting the Board asked me to have with Jeff, was in asking their marketing to remove me from their list...twice.  My involvement with LASCON this year was in creating the badge game, providing a free one-day training to ~100 people, and as an attendee.  Honestly, I haven't been very involved in LASCON planning since Co-Chairing OWASP AppSec 2012 in Austin.  I can honestly say that I have never had any business dealings with Dave, Jeff, Aspect, or Contrast.  Frankly, I feel as though I'm about as unbiased as you can get in this situation.  But, again, I'm only one voice and my original intention was only to let Simon and others know that the Board and our Executive Director have been actively working on this issue behind the scenes.  I sincerely apologize for any heartache that this situation has caused you.  We are all nothing if not passionate, but that doesn't make one view more right than another.  You may not see it, but we are working as best we can given the resources available to us.  In any case, I wish you the best of luck going forward.<br><br></div>~josh<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Nov 30, 2015 at 3:52 PM, johanna curiel curiel <span dir="ltr"><<a>johanna.curiel@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><span><span style="font-size:13px">>>We also are too sensitive to offending offenders.</span><div><br></div></span><div>But very insensitive with volunteers.<br><div><span style="font-size:13px"><br></span></div><div>I have to say that I feel quite offended how I have been treated with all these questioning and even at the last moment when I'm leaving this hornet.Littlery HORNET and keep on being stung by board members</div><div><span style="font-size:13px"><br></span></div><div><span style="font-size:13px">In the first place Simon has made a complain.</span></div><div><span style="font-size:13px"><br></span></div><div>I provided feedback and made recommendations to the board including the review. The entire community reacts on twitter including SWAMP , and other vendors.</div><div><span style="font-size:13px"><br></span></div><div>Then what happens? Josh & Matt 'take the time' to talk to Jeff who has basically demean the entire DAST/SAST industry...no actions are taken</div><div><br></div><div>After 2 MONTHS LATER questions are risen AGAIN by Simon and then we stir up the hornet again.</div><div><br></div><div>That  is how you wanted to keep volunteers?</div><div><br></div><div>To me this feels and writes DISCRIMINATION.</div><div><br></div><div>Yes I'm not Jeff Williams owner of Contrast and sponsor of LASCON, just a third world woman leaving in a Caribbean Island. </div><div><br></div><div>Josh when did you and Matt take the time to speak with me not even using Skype?</div><div><br></div><div><br></div><div><a href="http://lascon.org" target="_blank">http://lascon.org</a><br></div></div><div><br></div><div>Check the big Contrast logo!</div></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Nov 30, 2015 at 5:20 PM, Eoin Keary <span dir="ltr"><<a>eoin.keary@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div>Much of our decisions must be based on "doing what feels right" and "wisdom of crowds". We need to call foul when we see it and deal with it decisively.</div><div>We currently do neither. Gut feeling is normally right. </div><div><br></div><div>We also are too sensitive to offending offenders. Many many times since 2013 bad, unethical stuff has occurred and little was done even ignoring our compliance officer, whom I guess has not been asked to look at the benchmark project?</div><div><br></div><div>This is crucial for OWASP to hold together , nevermind survive. </div><span><div> <br><br>Eoin Keary<div>OWASP Volunteer</div><div>@eoinkeary</div><div><span style="font-size:13pt"><br></span></div><div><br></div></div></span><div><div><div><br>On 30 Nov 2015, at 8:59 p.m., Jim Manico <<a>jim.manico@owasp.org</a>> wrote:<br><br></div><blockquote type="cite"><div>
  
    
  
  
    > If you need to write rules for everything you won't have
    volunteers doing anything.<br>
    <br>
    I think this is a super important point. We cannot set policy to
    cover every situation. Our community is full of hackers who exploit
    weakness in policy for a living. Sometimes policy will fail, at
    OWASP more often than not.<br>
    <br>
    The board and other members of leadership need to step in and be
    sensible during times of crisis.<br>
    <br>
    If you look at social media, various OWASP email lists, the history
    of the participants and many other facts around this disaster, I
    think the best choice for the foundation is:<br>
    <br>
    1) Demote or remove this project from the OWASP project inventory<br>
    2) Make a clear public statement at our disapproval of this obvious
    brand abuse<br>
    3) As best we can, try to adjust OWASP brand use guidelines and
    project review criteria<br>
    <br>
    But please note, I am not king and I never was. I am just one
    volunteer speaking for myself. The board is still discussing this
    issue and is weighing the pros and cons between supporting
    innovation and protecting the brand. <br>
    <br>
    Whatever happens, there is no winner here. I think this is yet
    another poisonous episode that will diminish the OWASP brand,
    discourage innovation and harm collaboration in our industry. It's a
    very sad situation and I wish I could do more to help. <br>
    <br>
    I also think the board members who I disagree with are trying their
    best to make good decisions. This is just a very tough one to
    handle. No one wants to set a precedent where the board steps in and
    demotes or removes projects. There will be no winners here.<br>
    <br>
    - Jim<br>
    <br>
    <br>
    <div>On 11/30/15 10:43 PM, johanna curiel
      curiel wrote:<br>
    </div>
    <blockquote type="cite">
      <div dir="ltr">
        <div><span style="font-size:13px">>>If you are no longer
            involved with the Project Task Force, then perhaps you could
            pass that note along to whoever is still involved with it,
            if anyone.</span></div>
        <div><span style="font-size:13px"><br>
          </span></div>
        <div>I'm not your employee, I'm a volunteer. I already took the
          time to pass over the info to Claudia.I explained to her what
          I used to do even what an ex-employee like Kait-Disney used to
          do and maintain and support the Project Task Review with.</div>
        <div><br>
        </div>
        <div>>.J<span style="font-size:13px">ust thought that as the
            one who initiated the Committee 2.0 framework, it might help
            to answer that "who" question you had.</span></div>
        <div><span style="font-size:13px"><br>
          </span></div>
        <div>Josh. You make this more complicated that it needs to be.
          The committee I formed was just to do reviews:</div>
        <div><br>
        </div>
        <div><a href="https://groups.google.com/a/owasp.org/forum/?hl=en#%21searchin/projects-task-force/committee$20project$20review/projects-task-force/-UB_wQmtNO8/qlVnAQbMsjkJ" target="_blank">https://groups.google.com/a/owasp.org/forum/?hl=en#!searchin/projects-task-force/committee$20project$20review/projects-task-force/-UB_wQmtNO8/qlVnAQbMsjkJ</a><br>
        </div>
        <div><br>
        </div>
        <div>If you need to write rules for everything you won't have
          volunteers doing anything.</div>
        <div>Keep it simple. When we think overcomplicated we end up
          thinking just like Monty Python Football...😁</div>
        <div>All you need to do is kick the ball...</div>
        <div><br>
        </div>
        <div>For me is obvious. I just have the feeling that the board
          does hardly read and pay attention to what I have been saying,
          writing etc.</div>
        <div><br>
        </div>
        <div>Have you though how exhausting is to keep repeating the
          same story over again? Explaining myself every time with all
          your questioning? Providing links, proofs, writing these
          email...exhausting and waste of time.</div>
        <div><br>
        </div>
        <div><br>
        </div>
        <div><a href="https://www.youtube.com/watch?v=ur5fGSBsfq8" target="_blank">https://www.youtube.com/watch?v=ur5fGSBsfq8</a><br>
        </div>
        <div><br>
        </div>
        <div>People have fun watching, this video is really funny.</div>
        <div><br>
        </div>
        <div>Have a nice week.</div>
        <div><br>
        </div>
        <div>regards</div>
        <div><br>
        </div>
        <div>Johanna</div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Mon, Nov 30, 2015 at 4:12 PM, Josh
          Sokol <span dir="ltr"><<a>josh.sokol@owasp.org</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <p dir="ltr">If you are no longer involved with the Project
              Task Force, then perhaps you could pass that note along to
              whoever is still involved with it, if anyone.  The option
              is there to revise the guidelines which I would consider
              to be in scope for this committee.  But, to your point,
              the marketing with respect to Contrast around the project
              appears to be outside the stated scope of the committee. 
              Thus, it is the domain of the Board and we are working on
              it.  I just thought that as the one who initiated the
              Committee 2.0 framework, it might help to answer that
              "who" question you had.</p>
            <span><font color="#888888">
                <p dir="ltr">~josh</p>
              </font></span>
            <div>
              <div>
                <div class="gmail_quote">On Nov 30, 2015 1:41 PM,
                  "johanna curiel curiel" <<a>johanna.curiel@owasp.org</a>>
                  wrote:<br type="attribution">
                  <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                    <div dir="ltr">Josh
                      <div><br>
                      </div>
                      <div>A stepped down of the Project Review task
                        force on 2nd September 2015</div>
                      <div><a href="http://lists.owasp.org/pipermail/owasp-board/2015-September/016044.html" target="_blank">http://lists.owasp.org/pipermail/owasp-board/2015-September/016044.html</a><br>
                      </div>
                      <div><br>
                      </div>
                      <div><span style="font-size:13px">>>The
                          Board will still need to provide action on the
                          abuse of the OWASP brand as there is no
                          committee in place currently to handle these
                          concerns</span><br>
                      </div>
                      <div><span style="font-size:13px"><br>
                        </span></div>
                      <div>I handled these concerns very clearly when
                        I sent to you and the entire community the
                        project review done. I even reacted to Jeff
                        Williams on the DarkReading website.</div>
                      <div><br>
                      </div>
                      <div>BTW that was my last review done with
                        Abbas.We both concluded the same things and all
                        of these reviews are publicly available on the
                        Project Task Force email list.</div>
                      <div><br>
                      </div>
                      <div>The problems with all the bureaucracy and
                        guidelines and Committees is, that it is very
                        unclear <b>who</b> should take action when
                        brand abuses occur. That was never
                        responsibility of the PROJECT REVIEW team. Just
                        to made reviews and advice.</div>
                      <div><br>
                      </div>
                      <div>I requested the board to take action , a
                        statement that's what I recommended, to make
                        clear that OWASP does not endorse the opinions
                        of the vendor(Contrast) with regard the claims
                        done using OWASP Benchmark.</div>
                      <div><br>
                      </div>
                      <div>
                        <ul>
                          <li>My issue here is that Contrast has misused
                            OWASP Benchmark using false claims.<br>
                          </li>
                          <li>Dave Wichers is in a position of Conflict
                            of Interest<br>
                          </li>
                        </ul>
                      </div>
                      <div><br>
                      </div>
                      <div>And these false claims are also demeaning
                        against SAST/DAST tools as if IAST is more
                        superior. The arguments are false, nothing can
                        be concluded for this project as it is in Beta
                        stage, as also experts such as Kevin Wall has
                        made it clear.</div>
                      <div><br>
                      </div>
                      <div>BTW Contrast just changed slightly his
                        website by taking down the demeaning false
                        statements against DAST/SAST:</div>
                      <div><a href="https://docs.google.com/document/d/1G3u34fxhgnbbYY8VsBmceLUjQPKax0Go1HwlphLK7lw/edit?usp=sharing" target="_blank">https://docs.google.com/document/d/1G3u34fxhgnbbYY8VsBmceLUjQPKax0Go1HwlphLK7lw/edit?usp=sharing</a><br>
                      </div>
                      <div><br>
                      </div>
                      <div>
                        <ul>
                          <li>"Contrast Dominates SAST & DAST in
                            Speed and Accuracy "<br>
                          </li>
                          <li><span style="color:rgb(0,0,0);font-family:arial,helvetica,sans-serif">"</span><span style="color:rgb(0,0,0);font-family:arial,helvetica,sans-serif">SAST
                              & DAST Leave Businesses Vulnerable"</span><br>
                          </li>
                          <li><span style="color:rgb(0,0,0);font-family:arial,helvetica,sans-serif">"</span><span style="color:rgb(0,0,0);font-family:arial,helvetica,sans-serif">As </span><i style="color:rgb(0,0,0);font-family:arial,helvetica,sans-serif">clearly
                              demonstrated by the OWASP Benchmark</i><span style="color:rgb(0,0,0);font-family:arial,helvetica,sans-serif">, this
                              approach is not only many times more
                              accurate, but is faster and easier to
                              deploy as well."</span><br>
                          </li>
                        </ul>
                      </div>
                      <div><br>
                      </div>
                      <div>All this is FALSE FALSE FALSE. Contrast needs
                        to take down all these statements by using
                        Benchmark as if is true. </div>
                      <div><br>
                      </div>
                      <div>Do you need more brand guidelines to take
                        action?</div>
                      <div><br>
                      </div>
                      <div>Regards</div>
                      <div><br>
                      </div>
                      <div>Johanna</div>
                      <div><br>
                      </div>
                      <div><a href="https://docs.google.com/document/d/1G3u34fxhgnbbYY8VsBmceLUjQPKax0Go1HwlphLK7lw/edit?usp=sharing" target="_blank">https://docs.google.com/document/d/1G3u34fxhgnbbYY8VsBmceLUjQPKax0Go1HwlphLK7lw/edit?usp=sharing</a><br>
                      </div>
                    </div>
                    <div class="gmail_extra"><br>
                      <div class="gmail_quote">On Mon, Nov 30, 2015 at
                        2:46 PM, Josh Sokol <span dir="ltr"><<a></a><a>josh.sokol@owasp.org</a>></span>
                        wrote:<br>
                        <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                          <div dir="ltr">
                            <div>I am sad to see you go, Johanna.  Your
                              efforts with respect to OWASP projects has
                              been an inspiration to many, including
                              myself.  Thank you for all your hard work
                              and dedication.<br>
                              <br>
                            </div>
                            Before you go (assuming you haven't
                            abandoned yet), I would like to make a
                            suggestion here.  You are currently leading
                            the Project Task Force, which is empowered
                            to act under the OWASP Committees 2.0
                            framework (<a href="https://owasp.org/index.php/Committees_2.0" target="_blank">https://owasp.org/index.php/Committees_2.0</a>). 
                            And as I look to the Guidelines for OWASP
                            Projects (<a href="https://owasp.org/index.php/Guidelines_for_OWASP_Projects" target="_blank">https://owasp.org/index.php/Guidelines_for_OWASP_Projects</a>)
                            I note that these guidelines are maintained
                            under the scope of that committee.  <br>
                            <br>
                            <blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote">This page is
                              maintained by the OWASP Project Task Force
                              to help assist Project Leaders with
                              information about successfully running an
                              OWASP Project. It will be updated from
                              time to time, and changes will be
                              discussed and announced on the
                              OWASP-Leaders list.<br>
                            </blockquote>
                            <div><br>
                            </div>
                            <div>The Committees 2.0 framework had the
                              goal of empowering our community to
                              effectively delegate power away from the
                              Board and to themselves within a
                              pre-defined scope.  The only question in
                              my mind, at this point, is whether this
                              committee still has the 5 people necessary
                              in order to hold a vote.  If so, I would
                              like to make a few recommendations to the
                              committee:<br>
                              <ol>
                                <li> Amend this guideline to include
                                  verbiage stating that a project leader
                                  must not have a bias that would
                                  prevent them from being objective with
                                  respect to their project.  If such a
                                  bias were to occur, the project leader
                                  would be removed and a new leader
                                  would need to be found in order for
                                  the project to continue as an OWASP
                                  project.</li>
                                <li>Amend the guidelines around project
                                  levels (Incubator, Lab, Flagship)
                                  stating that a mandatory requirement
                                  for Lab and Flagship projects is that
                                  they have a diverse enough set of
                                  contributors to support objective
                                  efforts.</li>
                                <li>Perform a blanket review of projects
                                  against these new criteria and adjust
                                  accordingly for all projects failing
                                  to meet these new requirements.</li>
                              </ol>
                              <p>I believe that these actions are wholly
                                within the stated scope of the committee
                                and is not in violation of our Bylaws
                                Code of Ethics, Mission, etc, and
                                therefore, appropriate for the committee
                                to make.  Committee decisions are
                                considered official once a record has
                                been published to the community.</p>
                              <p>The Board will still need to provide
                                action on the abuse of the OWASP brand
                                as there is no committee in place
                                currently to handle these concerns, but
                                the power to act on the project level is
                                there should you choose to use it.  Just
                                a thought since the Board is trying to
                                manage to policy and you have the
                                ability to change that.<span><font color="#888888"><br>
                                  </font></span></p>
                              <span><font color="#888888">
                                  <p>~josh<br>
                                  </p>
                                </font></span></div>
                          </div>
                          <div class="gmail_extra"><br>
                            <div class="gmail_quote">
                              <div>
                                <div>On Sun, Nov 29, 2015 at 4:24 PM,
                                  johanna curiel curiel <span dir="ltr"><<a></a><a>johanna.curiel@owasp.org</a>></span>
                                  wrote:<br>
                                </div>
                              </div>
                              <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                <div>
                                  <div>
                                    <div dir="ltr">Hi Leaders
                                      <div><br>
                                      </div>
                                      <div>I have decided that I  stop
                                        participating at OWASP as
                                        community member , especially
                                        being involved in any new
                                        activities regarding direct
                                        volunteer efforts. If I ever
                                        considered running to the board
                                        I have definitely desist.</div>
                                      <div><br>
                                      </div>
                                      <div>Someone would like to know my
                                        perspective about my point of
                                        view can take the time to read
                                        this article:</div>
                                      <div><br>
                                      </div>
                                      <div><a href="https://docs.google.com/document/d/1iNeG2lOBTAo8qsMiNZDARLKm4X727OME50CamzY3vn8/edit?usp=sharing" target="_blank">https://docs.google.com/document/d/1iNeG2lOBTAo8qsMiNZDARLKm4X727OME50CamzY3vn8/edit?usp=sharing</a><br>
                                      </div>
                                      <div><br>
                                      </div>
                                      <div>I will keep supporting
                                        certain projects as I have
                                        direct contact with these
                                        project leaders, but I think
                                        OWASP is in a process of decay
                                        as an organisation.</div>
                                      <div><br>
                                      </div>
                                      <div>I stop Curacao Chapter , I
                                        guess there will be no caribbean
                                        region at  OWASP as none of
                                        these countries are active. This
                                        one is stopping right now.
                                        Research initiative too.</div>
                                      <div><br>
                                      </div>
                                      <div>I'll keep my OWASP mail and
                                        I'll be an official member as
                                        many are 'on paper'. So yes, you
                                        want to contact me and I can
                                        help you directly, always
                                        welcome.</div>
                                      <div><br>
                                      </div>
                                      <div>Good luck all to you.</div>
                                      <div><br>
                                      </div>
                                      <div>Regards</div>
                                      <span><font color="#888888">
                                          <div><br>
                                          </div>
                                          <div>Johanna</div>
                                        </font></span></div>
                                    <br>
                                  </div>
                                </div>
                                <span>_______________________________________________<br>
                                  OWASP-Leaders mailing list<br>
                                  <a>OWASP-Leaders@lists.owasp.org</a><br>
                                  <a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
                                  <br>
                                </span></blockquote>
                            </div>
                            <br>
                          </div>
                        </blockquote>
                      </div>
                      <br>
                    </div>
                  </blockquote>
                </div>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_______________________________________________
OWASP-Leaders mailing list
<a>OWASP-Leaders@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a>
</pre>
    </blockquote>
    <br>
  

</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>OWASP-Leaders mailing list</span><br><span><a>OWASP-Leaders@lists.owasp.org</a></span><br><span><a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a></span><br></div></blockquote></div></div></div></blockquote></div><br></div>
</div></div><br>_______________________________________________<br>
OWASP-Leaders mailing list<br>
<a>OWASP-Leaders@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
<br></blockquote></div><br></div>
<br>_______________________________________________<br>
OWASP-Leaders mailing list<br>
<a>OWASP-Leaders@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
<br></blockquote></div>
</blockquote></div>
</blockquote><br><br></div></div><span class="HOEnZb"><font color="#888888">-- <br>Dr A Arabo Jr. <br>OWASP Nigerian Chapter<br>
</font></span><br>_______________________________________________<br>
OWASP-Leaders mailing list<br>
<a href="mailto:OWASP-Leaders@lists.owasp.org">OWASP-Leaders@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature">"... static analysis is fun, again!"<br><br>OWASP Orizon project leader, <a href="http://github.com/thesp0nge/owasp-orizon" target="_blank">http://github.com/thesp0nge/owasp-orizon</a><br>OWASP Esapi Ruby project leader, <a href="https://github.com/thesp0nge/owasp-esapi-ruby" target="_blank">https://github.com/thesp0nge/owasp-esapi-ruby</a></div>
</div>