July 9, 2014

Revision as of 09:50, 9 July 2014 by Sarah Baso (Talk | contribs)

Jump to: navigation, search

Dial In Info

Notice of Recording

  • Notice to all attendees - board meetings are recorded and publicly available as of March, 2013
  • Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording.
  • [link:addme Meeting Recording]


12:00pm - 1:00pm EST


Teleconference Information:


International Toll Free Calling Information

Attendance Tracker

Board Meeting Attendance Tracker

Meeting Minutes

Meeting Minutes

Reading Material

It is a requirement as a board member to fully read all material prior to the start of the meeting

Meeting Agenda

Call to Order /OWASP Mission

  • Administrative (List of attendees and Agenda bashing (only if last-minute changes to the agenda are needed) (5 min)


Chairman's Report - Michael Coates

  • OWASP Community - Update on Community Updates
  • Operations Team - Update on transition
  • OWASP Mission & structure comments

Vice Chairman's Report - Tom Brennan

Treasurer Report - Josh Sokol

Secretary Report- Tobias Gondrom

Updated from Members at Large - Fabio Cerullo, Eoin Keary, & Jim Manico


Community Initiative Reports

Old Business

All active board proposals are listed here

  • Review Executive Director's corrections to previous board meeting discussions - link
  • Budget Update - any additional budget questions
  • 2014 Board Election - election committee & timeline
  • Committees 2.0 - Proposal Link
  • SalesForce Groups (Kate)

New Business

All active board proposals are listed here

  • Tobias Gondrom raises issue brought to leaders-list from Achim
    • There is a question from Achim Hoffman about user tracking features in our connector.
    • Dear all, why does OWASP send mails to its community which only contain tracking links instead to owasp.org ? Do we (OWASP) need to be tracked by others when visiting ourself? Why are we forced to use *.vresp.com when we want to go to owasp.org? I want to receive the "OWASP Connector" mail, but never opted in at foreign sites. No offence meant according the idea that others (wether persons, companies or organisations) helping OWASP to do whatever. But this mail looks phishy (I believe it's not ;-) As OWASP is about bringing awareness to everyone, i.e. about phishing mails, social engineering, etc. how should we explain our audience that we don't follow our advices ourself? Wondering, Achim
  • Proposal method & call for comment
    • Committees 2.0 approach demonstrates this as a solid way to handle complex topics.
    • Recommend this approach of flushing out ideas and receiving comment for future complex areas (stale chapter funds, owasp summit, scholarship program, etc)
  • [Sarah] - point person on ongoing initiatives/conversations with:
    • OAS

Action Items



  • Next meeting date/time:

Motion to close meeting