February 2023 Public Board / Leaders' Meeting - Dublin - Agenda/Minutes

Meeting Details

  • Date: 15 February 2023
  • Time: 3am US Eastern, UTC 0800 7:30pm Central European Time convert
  • Location: Global AppSec Dublin 2023 (Room: Liffey Meeting Room 2, Convention Center of Dublin)
  • Call-in: Recording

Agenda

CALL TO ORDER

Board Members in person:

  • Vandana Verma Sehgal
  • Grant Ongers
  • Avi Douglen
  • Matt Tesauro
  • Bil Corry

Board members remote:

  • Glenn ten Cate

Guests

  • Andrew van der Stock
  • Project / Chapter Leaders
  • Members of the Community

CONFLICT OF INTEREST AND ANTI-TRUST STATEMENT

As the Board consists of individuals from many competing organizations, OWASP and its Board shall abide by all applicable anti-trust and competition laws. To avoid any perceived or actual conflict of interest, or anti-trust concerns under US federal, state, or regulations, only the published agenda shall be discussed or voted upon, or amended as below. If there are any conflicts of interest, Board members are expected to disclose the conflict of interest and must recuse themselves from discussion and voting.

CHANGES TO THE AGENDA

Changes to the agenda - unless otherwise prohibite

NEW BUSINESS

Motion to officially change the backronym OWASP:

Background: Motion: “Resolved that the Foundation will change all current and future references of the ‘Open Web Application Security Project’ to the ‘Open Worldwide Application Security Project.”

Sponsor: Mark Curphey Second: Avi Douglen

Votes: Passed 6-0

  • Vandana Verma Sehgal - YES
  • Grant Ongers - YES
  • Avi Douglen - YES
  • Matt Tesauro - YES
  • Bil Corry - YES
  • Glenn ten Cate - YES

THE OPEN LETTER

Mark and Glenn have co-signed an open letter to the board which high-lights five items that the signatories are asking for. I’d like them to lead the board and leaders in a discussion of the five points high-lighted below, particularly focused on practical approaches they have to meeting the questions raised.

  1. The Foundation should publish and maintain a community plan that should include its prioritized key project initiatives, along with a suitable funding plan to support them. The OSSF plan is a useful example to reference.
  2. The Foundation’s governance structure should better reflect the needs of the entire security community, increasing access and participation for corporate practitioners, governments, major sponsors, and key technology providers. We believe this can be achieved with vendor independence and is particularly necessary to attract financial sponsorship and key industry partnerships.
  3. The Foundation’s funding should reflect the needs of our and other flagship projects to both sustain and improve them. We believe this would likely be in the region of five to ten million dollars per year for our projects alone. The money would be used to pay for dedicated developers, community managers, and other support staff. We would like to work with the foundation to develop project by project plans.
  4. The Foundation should provide improved infrastructure and services to the community so that projects can focus on the projects themselves.
  5. The Foundation should actively manage the project portfolio and local chapters, ensuring that the community is always reflected in the best possible light and that we are able to attract and retain the best talent for the community. A plan, leadership, active community management, mentoring, and better tooling are all needed.

THE OWASP BOARD / LEADERS’ AMA

An open session to allow the Leaders to ask anything of the Board, particularly concerning the open letter but also around the strategy session from the previous day.

ADJOURNMENT

Adjournment motion

The next general Board meeting is on 28 February 2023, at 7:30pm Central European Time convert together with the Leader’s Meeting to be held at that same time.

“It is moved, and seconded to adjourn. Those in favor, say “aye””

Sponsor: Chair Second: Avi


Staff Reports

Executive Director

TBA

Finance

TBA