August 2023 Agenda/Minutes

Meeting Details

  • Date: 22 August 2023
  • Time: 12PM US Eastern, UTC 1600 convert
  • Location: Remote
  • Meeting Recording: Recording

Agenda

CALL TO ORDER

Board Members

  • Vandana Verma Sehgal
  • Grant Ongers
  • Avi Douglen
  • Glenn ten Cate
  • Matt Tesauro
  • Bil Corry
  • Ricardo Griffith

Guests

  • Andrew van der Stock
  • Shelby Graham
  • Dawn Aitken
  • Harold Blankenship
  • Kelly Santalucia
  • Lauren Thomas

CONFLICT OF INTEREST AND ANTI-TRUST STATEMENT

As the Board consists of individuals from many competing organizations, OWASP and its Board shall abide by all applicable anti-trust and competition laws. To avoid any perceived or actual conflict of interest, or anti-trust concerns under US federal, state, or regulations, only the published agenda shall be discussed or voted upon, or amended as below. If there are any conflicts of interest, Board members are expected to disclose the conflict of interest and must recuse themselves from discussion and voting.

CHANGES TO THE AGENDA

Changes to the agenda - unless otherwise prohibited by anti-trust or competition laws - including adding, altering, or tabling of motions is permitted by following Roberts Rules of Order (RONR 12th Ed) 41:63, which requires an affirmative two-thirds vote.

Avi Douglen raised a Point of Order to add an agenda item to the meeting.

Motion: Add the agenda item “Conflict of Interest and Censure of Glenn ten Cate” to this meeting agenda Sponsor: Avi Douglen Seconded: Ricardo Griffith

Vote:

  • Vandana Verma Sehgal- Yes
  • Bil Corry - Yes
  • Avi Douglen - Yes
  • Matt Tesauro - Yes
  • Ricardo Griffith - Yes
  • Grant Ongers - Yes

Passed: 6-0

APPROVAL OF MINUTES

Vote:

  • Vandana Verma Sehgal- Yes
  • Bil Corry - Yes
  • Avi Douglen - Yes
  • Matt Tesauro - Yes
  • Ricardo Griffith - Yes
  • Grant Ongers - Yes
  • Glen ten Cate - Yes

Passed: 7-0

PRE-READING MATERIAL

REPORTS

Staff reports

  • Executive Director
  • Finance
  • Operations - see Board Summary
  • Chapters and Membership - see Board Summary
  • Projects and Technology - see Board Summary
  • Events and Corporate Support - see Board Summary

NEW BUSINESS

Conflict of Interest and Censure of Glenn ten Cate

Motion “That the OWASP Global Board officially reprimands and censures Glenn Ten Cate for this failure to disclose a conflict of interest when discussing matters concerning projects potentially moving to the Linux Foundation and for failing to disclose his own relationship with the LF as a paid employee.” Sponsor: Avi Douglen Seconded: Grant Ongers

Vote:

  • Avi Douglen - yes
  • Glen ten Cate - abstain
  • Bil Corry - yes
  • Ricardo Griffith - yes
  • Matt Tesauro - yes
  • Vandana Verma Sehgal - no
  • Grant Ongers - yes

Passed: 5-1

Discussion on the bylaws

Background Update from Andrew van der Stock on the state of the new bylaws.

Discussion on the state of Projects

Background With the recent formation of the Software Security Project, and the migration of multiple OWASP projects to the Software Security Project and the Linux Foundation, there is a need to discuss the state of projects, and how to better support them.

Discussion on Developer Outreach / Black Hat / Defcon

Background Volunteers wish to run the DefCon booth in 2024. A short update on Black Hat / Defcon, along with some post event recommendations. The main issue is the lack of developer outreach, and the make up of conferences OWASP should attend versus what we have traditionally attended.

Motion: Table for the in-preson board meeting in September. Sponsor: Grant Ongers Second: Avi Douglen

Vote:

  • Avi Douglen - Yes
  • Matt Tesauro - Yes
  • Ricardo Griffith - Yes
  • Glen ten Cate - Yes
  • Bil Corry - Yes
  • Vandana Verma Sehgal - Yes
  • Grant Ongers - Yes

Passed: 7-0

Reforming the Diversity Committee

Background The Diversity Committee voted to dissolve and join forces with the Outreach Committee in September 2022, but no new Charter was received by the Board to approve, so the new Committees never came into effect. The Outreach and Diversity Committee was formally dissolved by the Board in June 2023. However, there is still a need for a Diversity Committee. This is a discussion to reform the Diversity Committee, and any necessary reforms to make it possible.

Discussion:

  • Avi called upon his fellow board members to help find people to run the committee

Motion to strengthen the diversity of the Board and protect it’s independence

Background The context is that it would not be impossible (or particularly difficult/expensive) to fund an overwhelming number of paid OWASP members to effectively “take over” the board at the next election.This might be done by corporate interests, self-interested parties, malicious actors, etc. And once that happens, they would be able to unilaterally (via their board proxies) change policies, remove term limits, fundamentally change how the organization works, etc.

Finalized motions will be run by legal advice prior to adoption.

First motion would be requiring a supermajority (or unanimous vote?) for certain changes – I think anything on the structure of the BoD (term limits, requirements, independence, etc), as well as overturning previous Board decisions. This would make it harder to immediately cause substantial and lasting damage.

Second motion: preventing multiple board members from any single company/entity, and to increase diversity of representation.

In particular: “Resolved, no two Directors may serve on the Board of Directors while employed at the same company, corporation, or other employer. No two Directors may serve on the Board of Directors while associated with the same external organization, project, or chapter.

In the event of a second Director being elected while in conflict of this Resolution, the Director will not be permitted to take office while in conflict. In the event a Director changes their association whilst serving in office and becomes a conflict, they will be required to resign from their position on the Board of Directors as long as they are in conflict with this Resolution.”

Discussion:

  • Much discussion on this topic occured and will be continued during the September in-person meeting.

COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS

ADJOURNMENT

Adjournment motion

The next general Board meeting is on 26 September 2023, at 12 pm US Eastern Time.

“It is moved, and seconded to adjourn. Those in favor, say “aye””

Sponsor: Grant Ongers Second: Matt Tesauro