June 2023 Agenda/Minutes

Meeting Details

• Date: 27 June 2023
• Time: 12PM US Eastern, UTC 1600 convert
• Location: Remote
• Call-in: Meeting Recording

Agenda

CALL TO ORDER

Board Members

• Grant Ongers
• Avi Douglen (arrived at 12.37 PM US Eastern with apologies)
• Bil Corry
• Matt Tesauro
• Glenn ten Cate
• Ricardo Griffith
• Vandana Verma Sehgal

Guests

• Andrew van der Stock
• Shelby Graham
• Dawn Aitken
• Harold Blankenship
• Kelly Santalucia
• Lauren Thomas

CONFLICT OF INTEREST AND ANTI-TRUST STATEMENT

As the Board consists of individuals from many competing organizations, OWASP and its Board shall abide by all applicable anti-trust and competition laws. To avoid any perceived or actual conflict of interest, or anti-trust concerns under US federal, state, or regulations, only the published agenda shall be discussed or voted upon, or amended as below. If there are any conflicts of interest, Board members are expected to disclose the conflict of interest and must recuse themselves from discussion and voting.

• OWASP Conflict of Interest Policy
• Director’s Commitment Agreement

CHANGES TO THE AGENDA

Changes to the agenda - unless otherwise prohibited by anti-trust or competition laws - including adding, altering, or tabling of motions is permitted by following Roberts Rules of Order (RONR 12th Ed) 41:63, which requires an affirmative two-thirds vote.

APPROVAL OF MINUTES

• Previous Meeting Minutes - May 2023

PRE-READING MATERIAL

• Executive Director Board Summary
• Finance Board Narrative
• Finance Board Package

NEW BUSINESS

Project Funding Discussion

The Project Committee wishes to speak to the Board about the current funding model, and how to better support projects.

OWASP Enterprise Advisory Report Discussion

A discussion on the OWASP Enterprise Advisory Report, and how to better support existing and new corporate members.

Diversity / Outreach Committee Discussion

The Diversity and Outreach Committee have not yet had a formal charter approved. A discussion on whether the Board should resume their duties until such time as a new charter is finalized.

Compliance Committee Discussion

After many years, Fiona Collins has stepped down as the Compliance Committee Chair. The Board will need to discuss options for the compliance committee, to ensure independence of operation in perception and actuality.

Motion to Simplify Startup corporate supporter

Background The OWASP Foundation would like to simplify the startup level to better reflect the costs involved.

The following changes are proposed:

• Extend the startup duration to 3 years to take COVID into account, and allow firms one extra year to become profitable before becoming standard members
• Fees to remain at $2000 per year for any startup, anywhere in the world
• Remove the $800 regional startup level as this is unprofitable as it currently stands
• Remove the monthly social media benefit to just be a once off thank you
• Remove the trademark license benefit

The reality is that we are starting to get a lot more startups and we need to streamline the offering and provide a reason to go to the full level, but also give startups an additional year to become profitable.

Motion: “Resolved, that the cutoff for the Startup Corporate Supporter level be changed to 3 years, the fees to remain at $2000 per year for any startup anywhere in the world, remove the $800 regional startup level, remove the monthly social media benefit, and remove the trademark license benefit.”

Sponsor: Grant Ongers Second: Bil Corry

Bil - Yes Avi - Yes Glenn - Yes Louis - Yes Vandana - Yes Grant - Yes Matt - Yes

PASSES 7-0

Motion to repeal a Project Summit Operational Vote

Background The OWASP Foundation would like to have a 2017 Board vote repealed as the motion is operational in nature, and prevents innovation and experimentation around the Project Summit model, location, and timing. For example, we would like to support regional or standalone summits, and run them with a variety of formats, including hack-a-thons, work-a-thons, and more.

The request is to repeal the following vote:

2017-09-19 Motion: All OWASP Summits are to be attached to an AppSec event and managed as a global event. Tom Brennan motions, Andrew van der Stock, seconds.. Pass: 5-1. In Favor: 5 (Tom Brennan, Andrew van der Stock, Michael Coates, Josh Sokol and Matt Konda) Against: 1 (Martin Knobloch).

The 2017 motion ties the hands of the Foundation and volunteers, and we would like to repeal it. This does not mean no more Project Summits at Global Events, it just means that funding would be allocated at the start of the year by the Board. The Foundation - in consultation with the community - will decide on how best to hold them as an operational matter.

Motion: “Resolved, that 2017-09-17 Board decision on attaching Summits to an AppSec event is repealed, effective immediately.”

Sponsor: Avi Douglen Second: Grant Ongers

Bil - Yes Avi - Yes Glenn - Yes Louis - Yes Vandana - Yes Grant - Yes Matt - Yes

PASSES 7-0

Executive Session

Meeting Details

• Date: 27 June 2023
• Time: 1 PM US Eastern, UTC 1700 convert
• Location: Remote

COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS

ADJOURNMENT

Adjournment motion

The next general Board meeting is on 25 July 2023, at 12 pm US Eastern Time.

• July 2023

“It is moved, and seconded to adjourn. Those in favor, say “aye””

Sponsor: Grant Ongers Second: Vandana Verma