Thanks as always for the insightful input, Jeff! A lot of this I definitely agree with, and other excellent discussion points as well. Of course projects are a huge part of OWASP - but also not the only part, e.g. chapters, education, guidance, etc. Lots to talk about!
Chapters are great. Education and guidance are projects….unless you mean paid training (which I’m suggesting doesn’t match well with OWASP values or mission). I want an OWASP that is squarely focused on ideas that have a chance to change the trajectory of app/API security.
Thanks Jeff. Your two suggestions, boost fundraising and recruit new projects, fall into two committees, Funding (new) and Projects. Maybe you can bring your ideas and join one or both of those committees?
My suggestions can’t be implemented by committees. These are board level strategic decisions about the way OWASP works.
Are these strategic decisions a motion we pass? Or something else?
If I was on the board, I’d want a 3 year strategic plan detailing how OWASP achieves the mission and thrives. It’s not about the formalities. The board should be thinking, writing, asking, arguing, synthesizing, analyzing, creating….and ultimately agreeing and committing.
We just finished our strategic meetings where we did just that. Not a 3-year plan, but rather a reorganization around our core services. Write-ups are coming in the near future about the outcome.
Does the new structure include an experienced fundraising team?
To be determined by the new funding committee. We discussed getting an experienced grant writer.
Honestly it sounds like business as usual. I hope the board is hearing the pleas for real change from folks that care. Again, thanks for all you and the board do.
We’ve received zero proposals for change, other than Mark Curphey’s to adopt the Linux Foundation model. If you have a specific change in mind, please forward it to the board. Identifying problems isn’t nearly as helpful as concrete proposals and active volunteering.

Sep 18, 2023 · 1:56 AM UTC

I understand what you’re saying… but I don’t think you should expect people to send you proposals for how to run OWASP. Please correct me if you think differently, but I created the OWASP Board and was Chair for the first 10 years… and I think it’s your job to figure out.
Got it, thank you for your suggestions.