September 21, 2016

Time

 * Date/Time: September,21 2016/7am-8:30am PDT
 * TimeZone Converter

Location
Teleconference Information:

https://www3.gotomeeting.com/join/861328838

International Toll Free Calling Information

Attendance Tracker
Board Meeting Attendance Tracker

Notice of Recording

 * Notice to all attendees - board meetings are recorded and publicly available as of March, 2013
 * Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording.

RECORDING

Meeting Minutes

 * - August 23, 2016 Meeting Minutes
 * - July 27, 2016 Meeting Minutes

= Reading Material = It is a requirement as a board member to fully read all material prior to the start of the meeting


 * Treasurer's report
 * - https://drive.google.com/open?id=17kNGo1XSQ7aJyTf67rYZUB-fPr_ZrP__DFKOd0AiSaA

= Meeting Agenda =

Call to Order /OWASP Mission

 * Administrative: List of attendees and Agenda bashing (only if last-minute changes to the agenda are needed) (5 min)

Chair's Report - Matt Konda

 * Staff OKR
 * Staff meetings
 * Bill payments / Contract Approvals (Many)
 * Taxes Filed - 2015 $2.48M (2014 $1.6M) - primarily from programs (conferences + training)
 * Chair Letter for Annual Report (I caused delay here) and for AppSec
 * Redoubled efforts on Glue (DevOps Security Project) - also with revived AppSec Pipeline project (Matt T., Aaron Weaver, Adam Parsons, etc.)
 * Working with Dev summit for AppSec.
 * Hiring Strategy
 * Discussing Partnerships with Media Companies
 * Chasing Sponsors

Vice Chair's Report - Josh Sokol

 * I've got nothing major to report here so let's save the time for some of the bigger discussions that we need to have.

Treasurer Report - Andrew van der Stock
Treasurer's report for September 2016 https://drive.google.com/open?id=17kNGo1XSQ7aJyTf67rYZUB-fPr_ZrP__DFKOd0AiSaA


 * August Financial Package

AUGUST 2016 FINANCIAL REPORT

Financial Analysis

Updated from Members at Large - Tom Brennan, Michael Coates, and Tobias Gondrom

 * Coates - Chapters


 * Carter - Governance


 * Brennan - Projects

Staff Reports

 * Director/Operations Update - Kate
 * Financial Update - Andrew/Tom - See above
 * Conference Manager Report - Laura Grau
 * | Project Coordinator Update - Claudia Casanovas & Matt Tesauro
 * Community Initiative Reports - Tiffany Long - TBA
 * Membership Report - Kelly Santalucia

Old Business
All active board proposals are listed here


 * Motion to invest a portion of unused funds in a ladder CD arrangement (Andrew - Deferred to DC)
 * - https://docs.google.com/document/d/1cZOMYzaRnWW_oQd4ON7kBNQcmlx3V4u33Szm8jH2cgU/edit#


 * Motion to approve changes to FY17 membership rates (Andrew)
 * - https://docs.google.com/a/owasp.org/document/d/1RBy7yRl-qVo49lDL1JeKmhwLElcazrJ7tY4OO5Wwb6U/edit?usp=sharing

New Business

 * OWASP / NYU University, CSAW Co-Marketing Agreement 12k - Motion for Vote for Funding (Tom)
 * CSAW'16 Bronze Level Sponsorship - $12,000
 * Judging opportunity at NYU Tandon CSAW (Nov. 11) and at NYU Abu Dhabi CSAW
 * OWASP branded Travel Award (OWASP funding supports the travel for US Capture the Flag finalists)
 * OWASP collaboration with OSIRIS Lab students on open-source projects in the 16/17 academic year
 * OWASP membership materials included in the CSAW conference bag (NYU Tandon)
 * OWASP table at CSAW Industry Fair (NYU Tandon)
 * OWASP logo on CSAW global website, US conference materials and signage
 * Public recognition at Awards Ceremony
 * 4 free tickets to the Security Open Source Workshop (NYU Tandon, Nov. 10)


 * WEBSITE Project

Status Report (Tom)


 * Projects and external funding - interpretation

Anyone, including OWASP Project Leaders, are able to take OWASP projects and generate revenue for themselves as long as they abide by the license terms of that project. If a project leader can convince others to pay them for something involving their project that doesn't violate the license, then such activity does not negatively impact their project's standing with the OWASP Foundation. As long as the project remains Open Source (FLOSS) and healthy per the OWASP Project Handbook, it can remain an OWASP project. It is recommended that the project name not match any external offering to avoid confusion and, in cases where such a external offering is provided, a disclaimer will be placed on the project page.

Note: This does not change the long standing policy that OWASP Foundation project funds cannot be spent on the project leader directly (aka pay them directly) but must, instead, be spent on items to enhance the project such as graphic art, editing, travel expenses to a project summit, etc.


 * Canadian Cybersecurity Alliance

Should we participate? [Background] (Matt)


 * Proposal to move the November 9th Board Meeting to Tuesday, November 8th (5-7 PM CDT). (Josh)

Adjournment

 * Next meeting date/time: October 11