2019 - What question would you like to ask the candidates in the OWASP Global Board election?

[hblankenship]

Please post your questions as comments to this issue. For questions you like, you can 'upvote' them by clicking the 'thumbs up' icon. This call or questions will begin on July 3rd, 2019 and end on July 31st, 2019.

Please submit only one question per comment so that the individual questions may be upvoted.

[anantshri]

anyone re applying for elections can we get a clarification on what they aimed to achieve and how much of it they actually ended up achieving. We always ask questions before never after. How about asking this as an optional question specially for those applying for reelection.

[omerlh]

What are the 3 biggest challenge you think OWASP is facing and how do you think we can solve them?

[andylew-github]

What is the number one thing to get achieved this year? Why?

[smhabdoli]

1. What are your visions for the Future of OWASP and how do you think it will improve the lives of people?
2. What problems does OWASP currently address and What should OWASP address in future?
3. What are the important characteristics of OWASP that make it a good / better choice? How would you improve those aspects?
4. Define an ideal schedule for OWASP meetups and why does that appeal to you?
5. What are the things you want to see in meetups and why do you think they are beneficial to the group?
6. How are you going to influence the team mood and experience of others?
7. Are you a creative open-minded solution seeker, or a minimalist who avoids taking chances?
8. How committed are you going to be to your role and how much effort are you going to put in to make sure things improve?
9. How are you going to communicate your ideas with others?
10. How decisive are you, and are you able to make touch choices in short amounts of time?

[thombrem]

1. Why do you want this job?
2. Do you REALLY think you can make a difference, and why you?
3. What code of ETHICS do you prescribe to?
4. Are you guilty of Ethical violations in the past?
5. Are there any open accusations or prosecutions against you either in a court of law or other bodies?
6. What programs would you run in INDIA to improve the visibility of OWASP and OWASP tools in the future, in addition to the current chapters?

[thombrem]

7. What tools would you be investing energies in?
8. What programs would you do away with?
9. Do you have a trustworthy TEAM or PANEL that you belong to?

[appsecwarriors]

What are your Intrest and passion? What is the difference between Ego and Attitude? How do you Implement your idea? Why you wanna join us? What do you know about us? How do you spread security importance in society?

[zbraiterman]

Describe your view of the optimal combination of technical, community and organizational development knowledge and experience that an OWASP Board members should hold. Explain why the combination is optimal, and provide some examples that prove that you possess such knowledge and experience.

[shehackspurple]

How do you hope/plan to improve OWASP's financial situation?

[shehackspurple]

How do you hope/plan to improve OWASP's community? We have had some angry chapters, projects and community members, how do you hope/plan to improve community relations and relationships?

[shehackspurple]

How do you hope/plan to improve OWASP's reputation within our industry? In the past we have had what some would call "drama" and others would call "unprofessional situations" that have damaged our reputation. How do you hope/plan to improve our reputation?

[shehackspurple]

How to you hope/plan to draw a more diverse group of newcomers to OWASP? Women, people of colour, non-binary, students, second-career, LGBT, people with disabilities, and other groups that are under represented both in our industry and in our community. How do you hope/plan to attract them to our community, events, foundation, projects and chapters?

[shehackspurple]

How do you hope/plan to improve the AppSec Global events? Do you feel they need improving?

[shehackspurple]

How do you hope/plan to better support and encourage the OWASP projects?

[shehackspurple]

How do you hope/plan to better support and encourage the OWASP chapters?

[shehackspurple]

How do you hope/plan to better support, train and encourage the OWASP staff?

[shehackspurple]

What is your main motivation to run for the OWASP Board of Directors? Any answer is a valid answer. Thank you for running.

[shehackspurple]

Many say the "O" in OWASP stands for "Open", and that we must remain "open" at all costs. In the past this has resulted in allowing known-bullies to persist within our community. Do you feel that remaining "open" is more/less/equally important to ensuring a safe, respectful and harassment free community? And why. This is my most important question.

[colesmj]

Currently the "W" in OWASP stands for "Web", yet the organization has supported non-web security projects for many years now. While it is rare I'm sure there are some who look at OWASP as intruding into areas for which they are not chartered. Dropping the W is not practically for many reasons, and replacing "W" with "G" (for General) would be awkward - OGASP... How might you as a board member align the brand image and/or mission of the organization with its actual functional and financial efforts? Alternately, would you wish to take the organization back to its roots and divest of projects unrelated to web-based application security?

[jomonthomaslobo]

Whats your view on GDPR and Government censorship ?

[anantshri]

Given the cash/funding situation. If you have to choose between running chapters, funding projects or doing more appsec (global or regional) conferences. what would you focus more on.

[webdevguy32]

In an ever-growing field of security domain silos, how will you guide and differentiate OWASP?

How will you help grow knowledge transfer for the members of OWASP?

[kingthorin]

What do you plan to do to promote and support project contribution? (Both work effort from the community and financially from OWASP/sponsors.)

Edit: basically a duplicate of @SheHacksPurple's question vote that one up :+1:

[kingthorin]

How do you plan to encourage contribution to existing projects vs. people simply creating more and more projects?

[kingthorin]

How do you plan to ensure that project "leaders" are actually sufficiently involved and productive with the projects (or put another way: actually leading)?

[siebzehn-17]

Recently, Senator Richard Blumenthal (D-CT) asked General Mark Milley during his nomination hearing for Chairman of Joint Chiefs of Staff, what "set of criteria would define and constitute an Act of War" with regard to the realm of cybersecurity. Should the U.S. government rely solely on a military response setforth by the Congress without holding a public hearing, or, should only the President declare military action against the threat, or, should the burden of proof to confirm reason to commit to war be delivered unanimously by all active intelligence agencies?

[righettod]

Which experience of your current or past personal/pro life will give you the expected technical+management skills to leading the OWASP foundation?

[righettod]

What you will do concretely to get out political action/battle from the foundation?

[righettod]

What you will do concretely to ensure that focus will be set on projects content delivery/productivity and stop endless debate?

[righettod]

What you will do concretely to ensure that OWASP projects (like the Top 10 for example) will not be abused by product vendors to sell software surfing on the OWASP images/reputation?

[Abdelkrim]

what do you miss to peform your duties?

[zbraiterman]

What do you see as some of the greatest value opportunities of OWASP committees to OWASP (both currently existing and new)? How would you, as an OWASP Board member, benefit from sharing some of the responsibilities and decision-making processes (and decision rights) from new committee opportunities? See OWASP Committees 2.0 governance model, as follows: https://www.owasp.org/index.php/Governance/OWASP_Committees

[zbraiterman]

How would you personally define “diversity”, and its significance for the sustainable development of industry best practices, as well as the OWASP Foundation and community?

[RG-OWASP]

What type of experience do you have running an organization, chapter, or being on a management committee that has responsibilities? In other words, what makes you qualified to be a board member?

[zbraiterman]

In your opinion, how do OWASP AppSec ticket sponsorships (diversity and other first-time attendees) add the OWASP community and ecosystem?

[zbraiterman]

In what ways would you, as an OWASP Board member, support currently existing diversity initiatives led by volunteers within the community? Some examples:

• OWASP Women in AppSec Committee: https://www.owasp.org/index.php/Women_In_AppSec
• DefCon / hacker community outreach: https://www.owasp.org/index.php/Staff-Projects/DefCon_27_Event#Goals
• OWASP Community Docs: https://github.com/OWASP/community-docs

[zbraiterman]

What are some important new ways that long-standing OWASP community members can contribute to diversity and inclusion efforts, and how would you, as an OWASP Board member, support them?

[jmanico]

How to you hope/plan to draw a more diverse group of newcomers to OWASP? Women, people of colour, non-binary, students, second-career, LGBT, people with disabilities, and other groups that are under represented both in our industry and in our community. How do you hope/plan to attract them to our community, events, foundation, projects and chapters?

While this is a good question, I think it ignores the massive diversity and inclusion efforts already underway at OWASP.

[jmanico]

How do you plan the handle massive stress, time and responsibility of being an OWASP Board member on top of your other professional duties? How many hours a week do you plan to dedicate specifically to the role of OWASP board member?

[Jaggermeist3r]

Which region has the lowest membership penetration rate per capita and what are you plans to drive the numbers?

[siebzehn-17]

Interesting. Perhaps addressing lowest regional OWASP membership numbers could also lubricate the "development of industry best practices" in its attempt to sponsor a more "diverse community".

[Mcford-cn]

Do you think there's an increasing trend toward management than technology, resulting in Docs getting shallower?

[Shrutirupa]

How do you think you will help younger generation to contribute towards Appsec Community? and what platform would you create for such generations as many younger people are after bounty and money but not into actual learning the fundamentals of Appsec. Also how do you propose to spread awareness of secure development and deployment to the young developers out there?