This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

September 16, 2014

Revision as of 04:21, 12 September 2014 by Paul Ritchie (talk | contribs) (Reports)

Jump to: navigation, search

Dial In Info

Notice of Recording

  • Notice to all attendees - board meetings are recorded and publicly available as of March, 2013
  • Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording.
  • [link:addme Meeting Recording]


6:00pm - 9:00pm Mountain Standard Time (US)


In person at AppSec USA, Denver CO - add meeting room location

Teleconference Information:

International Toll Free Calling Information

Attendance Tracker

Board Meeting Attendance Tracker

Meeting Minutes

[link:addme Meeting Minutes]

Reading Material

It is a requirement as a board member to fully read all material prior to the start of the meeting

Meeting Agenda

Call to Order /OWASP Mission

  • Administrative (List of attendees and Agenda bashing (only if last-minute changes to the agenda are needed) (5 min)


Chairmain's Report - Michael Coates

Vice Chairmain's Report - Tom Brennan

Treasurer Report - Josh Sokol

Secretary Report- Tobias Gondrom

Updated from Members at Large - Fabio Cerullo, Eoin Keary, & Jim Manico


  • Matt Tesauro/IT Director Update - [link:addme IT Directors Report]
    • Financial Update - [link:August 2014 Financials][1]
    • Director Update - Kate Hartmann - [link:addme Kate Hartmann Update]
    • Project Manager Update - [link:addme Samantha Groves Project Manager Report]
    • Membership Update - [link:addme Membership Report]
    • IT Update - [link:addme Matt Tesauro Report]

Community Initiative Reports

Old Business

All active board proposals are listed here

  • add items

New Business

All active board proposals are listed here

  • [ Michael] Strategic Goals 2015
  • [Tobias] - Project Review committee proposal from Johanna
    • possibly a vote that there are no conflicts and we proceed as outlined in committee 2.0 policy.
  • [Tobias] - Profit Share models for AppSec conferences and other OWASP events
    • I would like to talk about profit share for chapters from AppSec conferences and OWASP tour events and chapter days:
      In particular about rules for "profit goal thresholds" and sharing of the profit with chapter budgets.
      The reason for this topic is that over the last few months I received several feedback from chapters that some of the side-effects of the "rules" are confusing or do sound very unfair....
      For that I would like to ask Paul or Laura if you could attend and provide an update on how we currently do this - or if there is a documentation link on the wiki, it would be nice if you could send this round beforehand so people can read it before the meeting. As an alternative, I am also happy to talk with Paul off-list, but I think conferences and events are very important
  • [Josh] - Default allocation of membership at conferences
    • Going with the topic of profit share, I would also like to discuss the allocation of membership fees at conferences. With the move to Salesforce as the conference platform, the allocation changed from defaulting to the chapters to defaulting to the Foundation. As an example, the LASCON registration now reads "If you choose membership, and wish to have 40% of your fee allocated to your local chapter, please indicate which Chapter". Under the RegOnline system, however, this was a drop-down box with a list of the Foundation, all chapters, and projects with the local chapter organizing the event being the default selection. I'm not sure why we are taking money away from the chapters like this when these members are clearly being recruited by events organized by the local chapters.
  • [Tobias] - handling of speakers for conferences
    • AppSec conferences - handling of speakers: Someone has brought to my attention the following topic for discussion:
      the question being:
      should we allow the conference team to provide accomodation support to non-keynote speakers?
      (the recommendation I received: "If OWASP wants the AppSec conferences to grow in size I believe that also the hotel expenses for 'normal' speakers should be covered. The current model does not attract better speakers to register as they have to cover all expenses themselves to give a talk, the current model only provides keynote speakers with accommodation. It should not only be an honour to speak at an OWASP conference, we as OWASP should actively support this knowledge sharing by stimulating speakers and meet them with their expenses and take care of the hotel for them. I am aware that in the current model the Appsec conferences are used to generate revenue for the foundation, but I believe that you have to spend money to make money: to invest into the speakers, which in turn will attract more attendees and therefore generate more income.")

  • [name of person adding topic] - topic
    • [vote needed | discussion topic]

Action Items



  • Next meeting date/time:

Motion to close meeting