Monday, October 29, 2012

The guy who sat in the corner

Last week at AppSecUSA 2012, I was around when the OWASP global board meeting was ongoing. As an official OWASP member (that happen when you pay your annual membership fee), you can be present during the meetings. So I went inside and sat in the corner.

Since the meeting agenda is open to all, I went to the OWASP wiki and looked for it :,_2012
I missed the beginning but saw a large part starting at Sarah's director report.

At first everything was rater serious. Facts where pointed out and notes were taken. Then gradually it went smoother and the tone was going more friendly. As I see it, the board is top notch professional but still have a good chemistry.

Here's some things I learned during the meeting (WARNING: these are by no way official minutes and I could be mistaken because it comes from my memory 5 days after):

  • OWASP 's infrastructure is hosted at Rackspace and some in the cloud. Rackspace actually donate time for OWASP with their charity program. They plan to "virtualize" some servers. Some members of the board have access directly to the server so they can fix and change stuff.
  • OWASP's mediawiki has some work left due to contractor issues. Jim will look for help.
  • Budgets seems to go well on many fronts. Allocated resources were not all used.
  • 70% of something are on travelling (I don't remember exactly 70% of what, but that says to me that travel expenses are a big part of OWASP money flow).
  • OWASP has some basic IT needs. They don't seem to be having many problems since they are using many cloud based solution (Google Apps, Salesforce).
  • Board members took roles such as chair, vice-chair and secretary by their preference and votes of the others. Everything is discussed and some wanted to let go or have some roles and others where flexible about it. You can see this in (not updated yet for me yet as I understood it during the meeting).

If you want to see hows the money flow, take a look at this Google docs :

So as you can see, pretty much everything about the organisation is open and accessible for anyone via the Wiki.

No comments:

Post a Comment