This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

September 21, 2016

Revision as of 23:46, 9 October 2016 by KateHartmann (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search



Teleconference Information:

International Toll Free Calling Information

Attendance Tracker

Board Meeting Attendance Tracker

Notice of Recording

  • Notice to all attendees - board meetings are recorded and publicly available as of March, 2013
  • Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording.


Meeting Minutes

- August 23, 2016 Meeting Minutes
- July 27, 2016 Meeting Minutes

Reading Material

It is a requirement as a board member to fully read all material prior to the start of the meeting

  • Treasurer's report

Meeting Agenda

Call to Order /OWASP Mission

  • Administrative: List of attendees and Agenda bashing (only if last-minute changes to the agenda are needed) (5 min)


Chair's Report - Matt Konda

  • Staff OKR
  • Staff meetings
  • Bill payments / Contract Approvals (Many)
  • Taxes Filed - 2015 $2.48M (2014 $1.6M) - primarily from programs (conferences + training)
  • Chair Letter for Annual Report (I caused delay here) and for AppSec
  • Redoubled efforts on Glue (DevOps Security Project) - also with revived AppSec Pipeline project (Matt T., Aaron Weaver, Adam Parsons, etc.)
  • Working with Dev summit for AppSec.
  • Hiring Strategy
  • Discussing Partnerships with Media Companies
  • Chasing Sponsors

Vice Chair's Report - Josh Sokol

  • I've got nothing major to report here so let's save the time for some of the bigger discussions that we need to have.

Treasurer Report - Andrew van der Stock

Treasurer's report for September 2016

  • August Financial Package


Financial Analysis

Secretary Report -Tobias Gondrom

Updated from Members at Large - Tom Brennan, Michael Coates, and Tobias Gondrom

  • Coates - Chapters
  • Carter - Governance
  • Brennan - Projects

Staff Reports

Old Business

All active board proposals are listed here

  • Motion to invest a portion of unused funds in a ladder CD arrangement (Andrew - Deferred to DC)
  • Motion to approve changes to FY17 membership rates (Andrew)

New Business

  • OWASP / NYU University, CSAW Co-Marketing Agreement 12k - Motion for Vote for Funding (Tom)
    • CSAW'16 Bronze Level Sponsorship - $12,000
    • Judging opportunity at NYU Tandon CSAW (Nov. 11) and at NYU Abu Dhabi CSAW
    • OWASP branded Travel Award (OWASP funding supports the travel for US Capture the Flag finalists)
    • OWASP collaboration with OSIRIS Lab students on open-source projects in the 16/17 academic year
    • OWASP membership materials included in the CSAW conference bag (NYU Tandon)
    • OWASP table at CSAW Industry Fair (NYU Tandon)
    • OWASP logo on CSAW global website, US conference materials and signage
    • Public recognition at Awards Ceremony
    • 4 free tickets to the Security Open Source Workshop (NYU Tandon, Nov. 10)
  • WEBSITE Project

Status Report (Tom)

  • Projects and external funding - interpretation

Anyone, including OWASP Project Leaders, are able to take OWASP projects and generate revenue for themselves as long as they abide by the license terms of that project. If a project leader can convince others to pay them for something involving their project that doesn't violate the license, then such activity does not negatively impact their project's standing with the OWASP Foundation. As long as the project remains Open Source (FLOSS) and healthy per the OWASP Project Handbook, it can remain an OWASP project. It is recommended that the project name not match any external offering to avoid confusion and, in cases where such a external offering is provided, a disclaimer will be placed on the project page.

Note: This does not change the long standing policy that OWASP Foundation project funds cannot be spent on the project leader directly (aka pay them directly) but must, instead, be spent on items to enhance the project such as graphic art, editing, travel expenses to a project summit, etc.

  • Canadian Cybersecurity Alliance

Should we participate? [1][Background] (Matt)

  • Proposal to move the November 9th Board Meeting to Tuesday, November 8th (5-7 PM CDT). (Josh)

Action Items



Motion to close meeting