OWASP - User contributions [en]

OWASP Classic ASP Security Project - Assessment Frame

2009-04-24T06:41:35Z

Kisero:

[[:Classic ASP Security Project|Click here to return to project's main page]].
{| style="width:100%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="1" style="width:85%; background:#cccccc" align="left"|'''OWASP Classic ASP Security Project'''
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS - OWASP Summer of Code 2008
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' [[User:Jcmax|'''Juan Carlos Calderon''']]
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' [[User:Kisero|'''Esteban Ribičić''']]
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' [[User:Aandreu|'''Andres Andreu''']]
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project - 50 Review - Self Evaluation - A|Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project - 50 Review - First Reviewer - C|First Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project 50 Review Second Review E|Second Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Alpha Quality''' --------- [[Project Information:template Classic ASP Security Project - Final Review - Self Evaluation - B|Self-Evaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Alpha Quality''' --------- [[Project Information:template Classic ASP Security Project - Final Review - First Reviewer - D|First Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Season of Code - (To update)''' - --------- [[Project Information:template Classic ASP Security Project - Final Review - Second Reviewer - F|Second Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
|}

OWASP Classic ASP Security Project - Assessment Frame

2009-04-24T06:40:53Z

Kisero:

[[:Classic ASP Security Project|Click here to return to project's main page]].
{| style="width:100%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="1" style="width:85%; background:#cccccc" align="left"|'''OWASP Classic ASP Security Project'''
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS - OWASP Summer of Code 2008
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' [[User:Jcmax|'''Juan Carlos Calderon''']]
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' [[User:Kisero|'''Esteban Ribičić''']]
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' [[User:Aandreu|'''Andres Andreu''']]
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project - 50 Review - Self Evaluation - A|Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project - 50 Review - First Reviewer - C|First Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project 50 Review Second Review E|Second Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Alpha Quality''' --------- [[Project Information:template Classic ASP Security Project - Final Review - Self Evaluation - B|Self-Evaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Classic ASP Security Project - Final Review - First Reviewer - D|First Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Alpha Quality''' - --------- [[Project Information:template Classic ASP Security Project - Final Review - Second Reviewer - F|Second Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
|}

OWASP Classic ASP Security Project - Assessment Frame

2009-04-24T06:38:24Z

Kisero:

[[:Classic ASP Security Project|Click here to return to project's main page]].
{| style="width:100%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="1" style="width:85%; background:#cccccc" align="left"|'''OWASP Classic ASP Security Project'''
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS - OWASP Summer of Code 2008
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' [[User:Jcmax|'''Juan Carlos Calderon''']]
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' [[User:Kisero|'''Esteban Ribičić''']]
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' [[User:Aandreu|'''Andres Andreu''']]
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project - 50 Review - Self Evaluation - A|Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project - 50 Review - First Reviewer - C|First Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Classic ASP Security Project 50 Review Second Review E|Second Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Alpha Quality''' --------- [[Project Information:template Classic ASP Security Project - Final Review - Self Evaluation - B|Self-Evaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Classic ASP Security Project - Final Review - First Reviewer - D|First Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Classic ASP Security Project - Final Review - Second Reviewer - F|Second Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
|}

Project Information:template Classic ASP Security Project - Final Review - First Reviewer - D

2009-04-17T14:41:13Z

Kisero:

[[Project Information:template Classic ASP Security Project|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|OWASP Classic ASP Security Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|Looks like all objectives have been meet (documents seems there and some of them were even tested), i was unable to test all of them in deep in order to verify full functionality. I dont have the full platform needed to test it at this point in time.
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"| The tool itself looks like on the right path, altough as the author mentions it's not ready to be deployed.
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| Documentation (user manual and installation tool) would be a big step to jump into a proper Beta release. I hope Juan can find some help out there to finish this good looking project!
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| The repository in google, the rest seems done (although not in deep level of detail)
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| More work is needed to achieve beta quality. It would look to me, documentation is minimum and could be a bit more elaborated, gaining pretty much of a beta quality (installer are not applicable on this tool).
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| N/A since Beta has not been reached.
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| My suggestion is to try to find people who would like to work on the project, since it's not much what is missing to finalize it.
|}

Project Information:template Classic ASP Security Project - Final Review - First Reviewer - D

2009-04-17T14:40:46Z

Kisero:

[[Project Information:template Classic ASP Security Project|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|OWASP Classic ASP Security Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|Looks like all objectives have been meet (documents seems there and some of them were even tested), i was unable to test all of them in deep in order to verify full functionality. I dont have the full platform needed to test it at this point in time.
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"| The tool itself looks like on the right path, altough as the author mentions it's not ready to be deployed. Documentation (user manual and installation tool) would be a big step to jump into a proper Beta release. I hope Juan can find some help out there to finish this good looking project!
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| The repository in google, the rest seems done (although not in deep level of detail)
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| More work is needed to achieve beta quality. It would look to me, documentation is minimum and could be a bit more elaborated, gaining pretty much of a beta quality (installer are not applicable on this tool).
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| N/A since Beta has not been reached.
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| My suggestion is to try to find people who would like to work on the project, since it's not much what is missing to finalize it.
|}

Project Information:template Classic ASP Security Project - Final Review - First Reviewer - D

2009-04-17T14:38:54Z

Kisero:

[[Project Information:template Classic ASP Security Project|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|OWASP Classic ASP Security Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|Looks like all objectives have been meet (documents seems there and some of them were even tested), i was unable to test all of them in deep in order to verify full functionality. I dont have the full platform needed to test it at this point in time.
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"| %100
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| The repository in google, the rest seems done (although not in deep level of detail)
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| More work is needed to achieve beta quality. It would look to me, documentation is minimum and could be a bit more elaborated, gaining pretty much of a beta quality (installer are not applicable on this tool).
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| N/A since Beta has not been reached.
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| My suggestion is to try to find people who would like to work on the project, since it's not much what is missing to finalize it.
|}

Project Information:template Backend Security Project - Final Review - First Reviewer - D

2008-11-05T09:36:22Z

Kisero:

[[Project Information:template Backend Security Project|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|OWASP Backend Security Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"| All the project's goals have been completed and formatted in a PDF document.
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"| All the goals have been accomplished, a quick sumup is: all DB engines (including db2 and oracle) and ldap. All this is covered in the three coding languages pre-defined: php, .net and java.
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| Discussed with Carlo about re-formating the index of the document for easy reading. The project output is a 180 pages document and takes some time to go trough it.
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| OWASP License (TBC), Project has been documented on the OWASP Website, Code in Googlecode / SourceForge (TBC if it's on this systems. The code (example code is provided) can be found on the PDF), Mailing list (done), Sovles a Core application security...of course!
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| As per the author, all has been achieved.
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| Not needed at for this project.
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| Discussed with Carlo about reformating the doument and maybe use an alternative filetype than PDF for easy reading (altough on the owasp project website you can find the html).
|}

Project Information:template Backend Security Project - Final Review - First Reviewer - D

2008-11-05T08:59:41Z

Kisero:

[[Project Information:template Backend Security Project|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|OWASP Backend Security Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"| All the project's goals have been completed and formatted in a PDF document.
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"| All the goals have been accomplished, a quick sumup is: all DB engines (including db2 and oracle) and ldap. All this is covered in the three coding languages pre-defined: php, .net and java.
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| Discussed with Carlo about re-formating the index of the document for easy reading. The project output is a 180 pages document and takes some time to go trough it.
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"| OWASP License (TBC), Project has been documented on the OWASP Website, Code in Googlecode / SourceForge (TBC if it's on this systems. The code (example code is provided) can be found on the PDF), Mailing list (done), Sovles a Core application security...of course!
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"| Discussed with Carlo about reformating the doument and maybe use an alternative filetype than PDF for easy reading (altough on the owasp project website you can find the html).
|}

OWASP Working Session - OWASP Certification

2008-10-23T15:38:36Z

Kisero:

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#b3b3b3; color:white"|'''Working Sessions Operational Rules''' - [[:Working Sessions Methodology|'''Please see here the general frame of rules''']].
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Work Session Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''OWASP Certification'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Work Session Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|TBD
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Related Projects (if any)'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|
* [[:Category:OWASP Certification Requirements|OWASP Certification Requirements]]
* [[:Category:OWASP Certification Project|OWASP Certification Project]]
|-
| style="width:25%; background:#7B8ABD" align="center"|'''Email Contacts & Roles'''
| style="width:25%; background:#cccccc" align="center"|'''Chair''' [mailto:name(at)name '''TBD''']
| style="width:25%; background:#cccccc" align="center"|'''Secretary''' TBD
| style="width:25%; background:#cccccc" align="center"|'''Mailing list''' [https://lists.owasp.org/mailman/listinfo/OWASP-cert '''Subscription Page''']
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION SPECIFICS'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Objectives'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|
* Discuss and review current proposal and survey results,
* Identify risks of offering a certification program.
|-
| style="width:25%; background:#7B8ABD" align="center"|'''Venue/Date&Time/Model'''
| style="width:25%; background:#cccccc" align="center"|'''Venue''' [[:OWASP EU Summit 2008|OWASP EU Summit Portugal 2008]]
| style="width:25%; background:#cccccc" align="center"|'''Date&Time''' November 5 & 7, 2008 Time TBD
| style="width:25%; background:#cccccc" align="center"|'''Discussion Model''' "Everybody is a Participant"
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:white; color:white"|
|}

{|style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION OPERATIONAL RESOURCES'''
|-
| style="width:100%; background:#cccccc" align="center"|Please add here, ASAP, any needed relevant resources, e.g. data-show, boards, laptops, etc.
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:white; color:white"|
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION ADDITIONAL DETAILS'''
|-
| style="width:100%; background:#cccccc" align="left"|
Please add here, any additional notes, links, ideas, guidelines, etc... The objective is to help the working sessions participants and attendees to prepare their participation/contribution.
|}
{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION OUTCOMES'''
|-
| style="width:7%; background:#6C82B5" align="center"|Statements, Initiatives or Decisions
| style="width:46%; background:#b3b3b3" align="center"|'''Proposed by Working Group'''
| style="width:47%; background:#b3b3b3" align="center"|'''Approved by OWASP Board'''
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|Fill in here.
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|Fill in here.
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|}
== Working Session Participants ==
(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION PARTICIPANTS'''
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:15%; background:#cccccc" align="center"|'''Name'''
| style="width:15%; background:#cccccc" align="center"|'''Company'''
| style="width:63%; background:#cccccc" align="center"|'''Notes & reason for participating, issues to be discussed/addressed'''
|-
| style="width:7%; background:#7B8ABD" align="center"|1
| style="width:15%; background:#cccccc" align="center"| Dinis Cruz
| style="width:15%; background:#cccccc" align="center"| OWASP
| style="width:63%; background:#cccccc" align="center"| Want to share a number of ideas and see how I can help to make this happen
|-
| style="width:7%; background:#7B8ABD" align="center"|2
| style="width:15%; background:#cccccc" align="center"| Matteo Meucci
| style="width:15%; background:#cccccc" align="center"| Minded Security
| style="width:63%; background:#cccccc" align="center"| Thinking at the OWASP Certifications from many time. Would like to understand which kind of certification is better for the OWASP Community.
|-
| style="width:7%; background:#7B8ABD" align="center"|3
| style="width:15%; background:#cccccc" align="center"| Rex Booth
| style="width:15%; background:#cccccc" align="center"| Grant Thornton
| style="width:63%; background:#cccccc" align="center"| Interest in the cert topic.
|-
| style="width:7%; background:#7B8ABD" align="center"|4
| style="width:15%; background:#cccccc" align="center"| Pavol Luptak
| style="width:15%; background:#cccccc" align="center"| Nethemba s.r.o.
| style="width:63%; background:#cccccc" align="center"| Interest in the cert topic.
|-
| style="width:7%; background:#7B8ABD" align="center"|5
| style="width:15%; background:#cccccc" align="center"|David Campbell
| style="width:15%; background:#cccccc" align="center"|OWASP
| style="width:63%; background:#cccccc" align="center"|Cert skeptic
|-
| style="width:7%; background:#7B8ABD" align="center"|6
| style="width:15%; background:#cccccc" align="center"|Andrzej Targosz
| style="width:15%; background:#cccccc" align="center"|PROIDEA
| style="width:63%; background:#cccccc" align="center"|Interest in the topic.
|-
| style="width:7%; background:#7B8ABD" align="center"|7
| style="width:15%; background:#cccccc" align="center"|Giorgio Fedon
| style="width:15%; background:#cccccc" align="center"|Minded Security
| style="width:63%; background:#cccccc" align="center"|Share Ideas and talking about the need for a Certification
|-
| style="width:7%; background:#7B8ABD" align="center"|8
| style="width:15%; background:#cccccc" align="center"|Esteban Ribicic
| style="width:15%; background:#cccccc" align="center"|HP
| style="width:63%; background:#cccccc" align="center"|Interested on the topic
|-
| style="width:7%; background:#7B8ABD" align="center"|9
| style="width:15%; background:#cccccc" align="center"|
| style="width:15%; background:#cccccc" align="center"|
| style="width:63%; background:#cccccc" align="center"|
|-
| style="width:7%; background:#7B8ABD" align="center"|10
| style="width:15%; background:#cccccc" align="center"|
| style="width:15%; background:#cccccc" align="center"|
| style="width:63%; background:#cccccc" align="center"|
|}
If needed add here more lines.

OWASP Working Session - Browser Security

2008-10-23T15:33:55Z

Kisero:

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#b3b3b3; color:white"|'''Working Sessions Operational Rules''' - [[:Working Sessions Methodology|'''Please see here the general frame of rules''']].
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Work Session Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''ISWG Browser Security'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Work Session Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|Brainstorming on how to introduce more useful security into our browsers
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Related Projects (if any)'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|
OWASP ISWG (Intrinsic Security Working Group) = OWASP Intrinsic Security Working Group - Browser Security
|-
| style="width:25%; background:#7B8ABD" align="center"|'''Email Contacts & Roles'''
| style="width:25%; background:#cccccc" align="center"|'''Chair''' [mailto:arshan.dabirsiaghi(at)aspectsecurity.com '''Arshan Dabirsiaghi''']
| style="width:25%; background:#cccccc" align="center"|'''Secretary''' [mailto:kuai.hinojosa(at)owasp.org '''Kuai Hinojosa''']
| style="width:25%; background:#cccccc" align="center"|'''Mailing list''' [https://lists.owasp.org/mailman/listinfo/owasp-browser-security-wg '''Subscription Page''']
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION SPECIFICS'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Objectives'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|
* Discuss ongoing HTML5 security research,
* Discuss further ramifications of HTML5 (cross-site XHR, Access-Control, client storage, etc.),
* Take a look at security critical areas and discuss possible browser improvements.
|-
| style="width:25%; background:#7B8ABD" align="center"|'''Venue/Date&Time/Model'''
| style="width:25%; background:#cccccc" align="center"|'''Venue''' [[:OWASP EU Summit 2008|OWASP EU Summit Portugal 2008]]
| style="width:25%; background:#cccccc" align="center"|'''Date&Time''' November 4, 2008 9:00
| style="width:25%; background:#cccccc" align="center"|'''Discussion Model''' Everybody is a Participant
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:white; color:white"|
|}

{|style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION OPERATIONAL RESOURCES'''
|-
| style="width:100%; background:#cccccc" align="center"|Projector, whiteboards, markers, Internet connectivity, power
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:white; color:white"|
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION ADDITIONAL DETAILS'''
|-
| style="width:100%; background:#cccccc" align="left"|
* '''Browsers to invite''': IE, FF, Safari, Opera and Chrome.
* '''Agenda''':
- Time: 30 mins
Introduction

- Time: 2 hrs 30 mins
Action Item: Identify 5 Key Browser Risks and select the top 3

- Time: 2 hrs 30 mins
Address issues in the current HTML 5 specifications

- Time: 1 hr 30 mins
Build a proposal to target key players in the industry and ask for their support

- Time: 30 mins
Assign point leads, roles and responsibilities

'''Related resources:'''
* [[OWASP_Working_Session_-_Browser_Security_Letters]]
|}
{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION OUTCOMES'''
|-
| style="width:7%; background:#6C82B5" align="center"|Statements, Initiatives or Decisions
| style="width:46%; background:#b3b3b3" align="center"|'''Proposed by Working Group'''
| style="width:47%; background:#b3b3b3" align="center"|'''Approved by OWASP Board'''
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|OWASP Top 10 Browser Wishlist.
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|Actionable advice and technical arguments for HTML5 feature set.
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|Establish OWASP points-of-contact for W3C.
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|Fill in here.
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|}
== Working Session Participants ==
(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION PARTICIPANTS'''
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:15%; background:#cccccc" align="center"|'''Name'''
| style="width:15%; background:#cccccc" align="center"|'''Company'''
| style="width:63%; background:#cccccc" align="center"|'''Notes & reason for participating, issues to be discussed/addressed'''
|-
| style="width:7%; background:#7B8ABD" align="center"| -
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://www.microsoft.com/philippines/smallbusiness/images/prodsol/GetOpenContent_002.png
| style="width:63%; background:#cccccc" align="center"| Official Representative from Microsoft's IE team
|-
| style="width:7%; background:#7B8ABD" align="center"|-
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://www.mozilla.org/images/product-firefox-50.png
| style="width:63%; background:#cccccc" align="center"| Official Representative from Mozilla Foundation's Firefox team
|-
| style="width:7%; background:#7B8ABD" align="center"|-
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://upload.wikimedia.org/wikipedia/commons/thumb/5/53/Opera_O.png/43px-Opera_O.png
| style="width:63%; background:#cccccc" align="center"| Official Representative from Opera's team
|-
| style="width:7%; background:#7B8ABD" align="center"|-
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://images.apple.com/ca/rss/images/safarirss.gif
| style="width:63%; background:#cccccc" align="center"| Official Representative from Apple's Safari team
|-
| style="width:7%; background:#7B8ABD" align="center"|-
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://www.google.com/options/icons/chrome.gif
| style="width:63%; background:#cccccc" align="center"| Official Representative from Google's Chrome team
|-
| style="width:7%; background:#7B8ABD" align="center"|1
| style="width:15%; background:#cccccc" align="center"|Mario Heiderich
| style="width:15%; background:#cccccc" align="center"|Independent
| style="width:63%; background:#cccccc" align="center"|General Expertise
|-
| style="width:7%; background:#7B8ABD" align="center"|2
| style="width:15%; background:#cccccc" align="center"|Gareth Heyes
| style="width:15%; background:#cccccc" align="center"|Independent
| style="width:63%; background:#cccccc" align="center"|General Expertise
|-
| style="width:7%; background:#7B8ABD" align="center"|3
| style="width:15%; background:#cccccc" align="center"|Marcin Wielgoszewski
| style="width:15%; background:#cccccc" align="center"|Protiviti
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|4
| style="width:15%; background:#cccccc" align="center"|Adam Baso
| style="width:15%; background:#cccccc" align="center"|Symantec
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|5
| style="width:15%; background:#cccccc" align="center"|Achim Hoffmann
| style="width:15%; background:#cccccc" align="center"|Independent
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|6
| style="width:15%; background:#cccccc" align="center"|David Rook
| style="width:15%; background:#cccccc" align="center"|Realex Payments
| style="width:63%; background:#cccccc" align="center"|General Expertise
|-
| style="width:7%; background:#7B8ABD" align="center"|7
| style="width:15%; background:#cccccc" align="center"|Peleus Uhley
| style="width:15%; background:#cccccc" align="center"|Adobe Systems
| style="width:63%; background:#cccccc" align="center"|General Expertise
|-
| style="width:7%; background:#7B8ABD" align="center"|8
| style="width:15%; background:#cccccc" align="center"|Giorgio Fedon
| style="width:15%; background:#cccccc" align="center"|Minded Security
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|9
| style="width:15%; background:#cccccc" align="center"|Esteban ribicic
| style="width:15%; background:#cccccc" align="center"|HP
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|10
| style="width:15%; background:#cccccc" align="center"|
| style="width:15%; background:#cccccc" align="center"|
| style="width:63%; background:#cccccc" align="center"|
|}

[[Category:OWASP_Working_Session]]

OWASP Working Session - Web Application Framework Security

2008-10-23T15:22:46Z

Kisero:

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#b3b3b3; color:white"|'''Working Sessions Operational Rules''' - [[:Working Sessions Methodology|'''Please see here the general frame of rules''']].
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Work Session Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''ISWG Web Application Framework Security'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Work Session Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|Generate
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Related Projects (if any)'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|Brainstorming on how to introduce more useful security into our web application frameworks
OWASP ISWG (Intrinsic Security Working Group) - Web Application Framework Security
|-
| style="width:25%; background:#7B8ABD" align="center"|'''Email Contacts & Roles'''
| style="width:25%; background:#cccccc" align="center"|'''Chair''' [mailto:arshan.dabirsiaghi(at)aspectsecurity.com '''Arshan Dabirsiaghi''']
| style="width:25%; background:#cccccc" align="center"|'''Secretary''' [mailto:kuai.hinojosa(at)owasp.org '''Kuai Hinojosa''']
| style="width:25%; background:#cccccc" align="center"|'''Mailing list''' [https://lists.owasp.org/mailman/listinfo/owasp-iswg-web-application-framework-security '''Subscription Page''']
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION SPECIFICS'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Objectives'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|
* Discuss gaps and patterns in gaps in security coverage across frameworks,
* Discuss possible solutions for security areas.
|-
| style="width:25%; background:#7B8ABD" align="center"|'''Venue/Date&Time/Model'''
| style="width:25%; background:#cccccc" align="center"|'''Venue''' [[:OWASP EU Summit 2008|OWASP EU Summit Portugal 2008]]
| style="width:25%; background:#cccccc" align="center"|'''Date&Time''' November 5, 2008 Time 9:00AM
| style="width:25%; background:#cccccc" align="center"|'''Discussion Model''' "Participants + Attendees"
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:white; color:white"|
|}

{|style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION OPERATIONAL RESOURCES'''
|-
| style="width:100%; background:#cccccc" align="center"|Projector, whiteboards, markers, Internet connectivity, power
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:white; color:white"|
|}
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION ADDITIONAL DETAILS'''
|-
| style="width:100%; background:#cccccc" align="left"|
* '''Related resources:''' [[OWASP_Working_Session_-_Browser_Security_Letters]]
* '''Frameworks to invite:''' .NET, J2EE, Spring, Struts, ASP.NET MVC, RoR, PHP, etc.
** 10 Oct: "Open Letter to Frameworks (version for open mailing lists)" sent to
*** Ruby-on-Rails Core mailing list
*** Springnet Developer mailing list
*** Struts Dev mailing list

|}
{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION OUTCOMES'''
|-
| style="width:7%; background:#6C82B5" align="center"|Statements, Initiatives or Decisions
| style="width:46%; background:#b3b3b3" align="center"|'''Proposed by Working Group'''
| style="width:47%; background:#b3b3b3" align="center"|'''Approved by OWASP Board'''
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|Actionable advice for each individual frameworks .
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:46%; background:#C2C2C2" align="center"|Identify points-of-contact for frameworks.
| style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.
|}
== Working Session Participants ==
(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)
{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''WORKING SESSION PARTICIPANTS'''
|-
| style="width:7%; background:#7B8ABD" align="center"|
| style="width:15%; background:#cccccc" align="center"|'''Name'''
| style="width:15%; background:#cccccc" align="center"|'''Company'''
| style="width:63%; background:#cccccc" align="center"|'''Notes & reason for participating, issues to be discussed/addressed'''
|-
| style="width:7%; background:#7B8ABD" align="center"| -
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://forums.asp.net/Themes/fan/images/roleicons/dff6f773-6732-4cd8-addf-42a8ab367d22.gif
| style="width:63%; background:#cccccc" align="center"| Official Representative from Microsoft's ASP.NET team
|-
| style="width:7%; background:#7B8ABD" align="center"| -
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://metawidget.sourceforge.net/media/logo-struts.gif
| style="width:63%; background:#cccccc" align="center"| Official Representative from Apache Struts team
|-
| style="width:7%; background:#7B8ABD" align="center"| -
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://boedesign.com/wp-content/themes/bd5/images/cakephp.gif
| style="width:63%; background:#cccccc" align="center"| Official Representative from CakePHP team
|-
| style="width:7%; background:#7B8ABD" align="center"| -
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://www.tutorialized.com/upload/20070625154105_rails.jpg
| style="width:63%; background:#cccccc" align="center"| Official Representative from Ruby-on-Rails team
|-
| style="width:7%; background:#7B8ABD" align="center"| -
| style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
| style="width:15%; background:#cccccc" align="center"| http://www.springframework.net/doc-1.1-M1/reference/html/images/xdev-spring_logo.jpg
| style="width:63%; background:#cccccc" align="center"| Official Representative from Spring.NET team
|-
| style="width:7%; background:#7B8ABD" align="center"|1
| style="width:15%; background:#cccccc" align="center"|Mario Heiderich
| style="width:15%; background:#cccccc" align="center"|Independent
| style="width:63%; background:#cccccc" align="center"|General Expertise
|-
| style="width:7%; background:#7B8ABD" align="center"|2
| style="width:15%; background:#cccccc" align="center"|Gareth Heyes
| style="width:15%; background:#cccccc" align="center"|Independent
| style="width:63%; background:#cccccc" align="center"|General Expertise
|-
| style="width:7%; background:#7B8ABD" align="center"|3
| style="width:15%; background:#cccccc" align="center"|Marcin Wielgoszewski
| style="width:15%; background:#cccccc" align="center"|Protiviti
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|4
| style="width:15%; background:#cccccc" align="center"|Adam Baso
| style="width:15%; background:#cccccc" align="center"|Symantec
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|5
| style="width:15%; background:#cccccc" align="center"|Giorgio Fedon
| style="width:15%; background:#cccccc" align="center"|Minded Security
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|6
| style="width:15%; background:#cccccc" align="center"|Colin Watson
| style="width:15%; background:#cccccc" align="center"| Watson Hall
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|7
| style="width:15%; background:#cccccc" align="center"|Esteban Ribicic
| style="width:15%; background:#cccccc" align="center"|HP
| style="width:63%; background:#cccccc" align="center"|Participant
|-
| style="width:7%; background:#7B8ABD" align="center"|8
| style="width:15%; background:#cccccc" align="center"|
| style="width:15%; background:#cccccc" align="center"|
| style="width:63%; background:#cccccc" align="center"|
|-
| style="width:7%; background:#7B8ABD" align="center"|9
| style="width:15%; background:#cccccc" align="center"|
| style="width:15%; background:#cccccc" align="center"|
| style="width:63%; background:#cccccc" align="center"|
|-
| style="width:7%; background:#7B8ABD" align="center"|10
| style="width:15%; background:#cccccc" align="center"|
| style="width:15%; background:#cccccc" align="center"|
| style="width:63%; background:#cccccc" align="center"|
|}
If needed add here more lines.

[[Category:OWASP_Working_Session]]

Project Information:template AntiSamy Project - Final Review - First Reviewer - D

2008-08-29T11:04:47Z

Kisero:

[[Project Information:template AntiSamy Project|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET| OWASP AntiSamy .NET Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
All task has been acomplished (refer to source: [http://code.google.com/p/owaspantisamy/source/browse/#svn/trunk/dotNet/current/source/%20owaspantisamy Google Code] )
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Project has been fully completed
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
All is in the svn, personally it took me some time to track down all the code and doc. Most probably due my non-coder profile.
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
All seems to be completed, project page too at [https://www.owasp.org/index.php/Project_Information:template_AntiSamy_Project_-_Final_Review_-_First_Reviewer_-_D AntiSamy]
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Documentation is on the project site and google code site too. There's no gui for this tool since it's an API. Numerous examples applications are in the site.
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
All seems to be fine
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
I would reinforce documentation, but this is probably due my lack of knowledge on coding.
|}

Project Information:template AntiSamy Project - Final Review - First Reviewer - D

2008-08-29T11:03:20Z

Kisero:

Project Information:template AntiSamy Project - Final Review - First Reviewer - D

2008-08-29T10:57:10Z

Kisero:

[[Project Information:template AntiSamy Project|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET| OWASP AntiSamy .NET Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
All task has been acomplished (refer to source: [http://code.google.com/p/owaspantisamy/source/browse/#svn/trunk/dotNet/current/source/%20owaspantisamy Google Code] )
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Project has been fully completed
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
All is in the svn, personally it took me some time to track down all the code and doc. Most probably due my non-coder profile.
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|}

OWASP EU Summit 2008

2008-08-25T11:07:27Z

Kisero:

(WORK IN PROGRESS /UNDER DISCUSSION)
== UPDATES ==
*[[OWASP EU Summit 2008 - updates|'''OWASP EU Summit 2008 - updates''']]

== What: OWASP Summit, a conference about OWASP and for OWASP's community ==
=== When: 4 to 7 Nov 2008 (4 & 5: Meetings and Training, 6 & 7: Conference) ===
=== Where: Portugal ===
Faro or Lisbon
=== Organization===
Dinis Cruz, Paulo Coimbra and the OWASP Summit Team - Eduardo Neves, Leonardo Cavallari Militelli, Mark Roxberry, Michael Coates, Arturo 'Buanzo' Busleiman.

== Agenda ==
Theme: Present OWASP's projects, community and activities ..... '....Connecting the dots.... "

'''Day 1 & 2'''
*Training sessions (similar to what happens at the moment at the other OWASP conferences)
*OWASP Working Group sessions (1/2 day each) on:
** OWASP Governance, "What is OWASP's position on ...." & Action Plan for 2009
** ESAPI
** Browser Security
** OWASP Top 10 2009

'''Day 3 & 4 Agenda:'''
* Presentations from AoC, SpoC and SoC Participants
* Presentations from 'Release' Quality OWASP projects (not included in the list above) or Key OWASP projects (like ESAPI)
* Presentations about OWASP : How it works, Financial reports, OotM (OWASP on the Move), new project management guidelines, local chapter finances, OWASP governance
* Presentation from Chapter leaders on the activities developed on their project
* Discussion on next steps for OWASP and focus of next OWASP financial investment plans

Other ideas:

* vote on 6th OWASP board member (Candidates to Apply)

== other details==

'''Projected Attendees:450 '''
* 200 with some (or all) expenses covered by OWASP
** 33 SoC participants
** 70 SoC reviewers
** 10 SoC Collaborators
** 15 AoC & SpoC participants
** 15 Chapter Leaders
** 8 OWASP Board & Employees
** 49 OWASP non-individual members (2x per 9k Corporate? 1x for the others?)

=== Financial details ===
'''Expenses'''
* Accommodation & meals: 80,000 USD = 400 USD per person (200x) for 3 nights accommodation and 5 meals (3 dinners and 2 lunches)
* Flights & Trains : 70,000 USD

'''Revenue sources'''
* Tickets (for the 250 non 'OWASP invited' attendees)
* Training Sessions
* Conference sponsors

== Provisory list of 'expenses paid' participants ==

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''PROJECTED CONFERENCE PAID ATTENDEES AND/OR SPEAKERS - NEEDS OWASP BOARD CONFIRMATION'''
|-
| style="width:20%; background:#b3b3b3" align="center"|'''NAME'''
| style="width:40%; background:#b3b3b3" align="center"|'''POSITION/REASON OF ATTENDANCE'''
| style="width:20%; background:#b3b3b3" align="center"|'''COUNTRY'''
| style="width:20%; background:#b3b3b3" align="center"|'''DEPARTURE (AIRPORT/CITY)'''
|-
! colspan="7" align="left" style="background:white; color:black"|'''OWASP BOARD MEMBERS & EMPLOYEES'''
|-
| style="width:20%; background:#cccccc" align="center"|Williams
| style="width:40%; background:#cccccc" align="center"|Board, Chair, Wiki, Management
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Dave Wichers
| style="width:40%; background:#cccccc" align="center"|Board, Conferences, Financials
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Dinis Cruz
| style="width:40%; background:#cccccc" align="center"|Board, Firehose of Ideas and Money spender
| style="width:20%; background:#cccccc" align="center"|UK
| style="width:20%; background:#cccccc" align="center"|London
|-
| style="width:20%; background:#cccccc" align="center"|Tom Brennan
| style="width:40%; background:#cccccc" align="center"|Board, OWASP Governance
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Sebastien Deleersnyder
| style="width:40%; background:#cccccc" align="center"|Board, OWASP Chapters and Projects
| style="width:20%; background:#cccccc" align="center"|Belgium
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Paulo Coimbra
| style="width:40%; background:#cccccc" align="center"|Employee, Project Manager
| style="width:20%; background:#cccccc" align="center"|UK
| style="width:20%; background:#cccccc" align="center"|London
|-
| style="width:20%; background:#cccccc" align="center"|Kate Hartmann
| style="width:40%; background:#cccccc" align="center"|Employee, Operations Director
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Alison McNamee
| style="width:40%; background:#cccccc" align="center"|Employee, Accounting
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Larry Casey
| style="width:40%; background:#cccccc" align="center"|Employee, Director of Information Technology
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
! colspan="7" align="left" style="background:white; color:black"|'''OWASP SUMMER OF CODE 2008 PROJECT LEADERS & REVIEWERS'''
|-
| style="width:20%; background:#cccccc" align="center"|Achim Hoffmann
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Skavenger Project, OWASP w3af Project
| style="width:20%; background:#cccccc" align="center"|Germany
| style="width:20%; background:#cccccc" align="center"|Frankfurt or Munich
|-
| style="width:20%; background:#cccccc" align="center"|Alexander Fry
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Source Code Review OWASP Projects OWASP Teachable Static Analysis Workbench OWASP WeBekci Project
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Andrew Petukhov
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Access Control Rules Tester Project
| style="width:20%; background:#cccccc" align="center"|Russia
| style="width:20%; background:#cccccc" align="center"|Moscow
|-
| style="width:20%; background:#cccccc" align="center"|Arturo Alberto Busleiman
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Enigform and mod_Openpgp
| style="width:20%; background:#cccccc" align="center"|Argentina
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Carlo Pelliccioni
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Backend Security Project
| style="width:20%; background:#cccccc" align="center"|Italy
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Eduardo Vianna de Camargo Neves
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Positive Security
| style="width:20%; background:#cccccc" align="center"|Brazil
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Eoin Keary
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Code Review Guide
| style="width:20%; background:#cccccc" align="center"|Ireland
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Esteban Ribicic
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Backend Security Project OWASP Classic ASP Security Project OWASP AntiSamy .NET OWASP Interceptor Project - 2008 Update
| style="width:20%; background:#cccccc" align="center"|Croatia
| style="width:20%; background:#cccccc" align="center"|Wien
|-
| style="width:20%; background:#cccccc" align="center"|Fabio Cerullo
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Internationalization Guidelines Project OWASP Spanish Project
| style="width:20%; background:#cccccc" align="center"|Ireland
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Frederick Donovan
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Application Security Desk Reference (ASDR)
| style="width:20%; background:#cccccc" align="center"|United States
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Heiko Webers
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Ruby on Rails Security Project
| style="width:20%; background:#cccccc" align="center"|Germany
| style="width:20%; background:#cccccc" align="center"|Frankfurt
|-
| style="width:20%; background:#cccccc" align="center"|Juan Carlos Calderon
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Internationalization Guidelines OWASP Spanish Project OWASP Classic ASP Security Project
| style="width:20%; background:#cccccc" align="center"|Mexico
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Justin Derry
| style="width:40%; background:#cccccc" align="center"|Chapter leader & Project Leader, OWASP Interceptor Project
| style="width:20%; background:#cccccc" align="center"|Sydney Australia
| style="width:20%; background:#cccccc" align="center"|Sydney Australia
|-
| style="width:20%; background:#cccccc" align="center"|Kevin Fuller
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Testing Guide v3 OWASP SQL Injector Benchmarking Project (SQLiBENCH)
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|Sacramento Ca
|-
| style="width:20%; background:#cccccc" align="center"|Leonardo Cavallari Militelli
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Application Security Desk Reference (ASDR)
| style="width:20%; background:#cccccc" align="center"|Brazil
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Mark Roxberry
| style="width:40%; background:#cccccc" align="center"|Leader, OWASP .NET Project
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Matt Tesauro
| style="width:40%; background:#cccccc" align="center"|Project Leader, OWASP Live CD 2008
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|Austin
|-
| style="width:20%; background:#cccccc" align="center"|Matthias Rohr
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Skavenger Project
| style="width:20%; background:#cccccc" align="center"|Germany
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Michael Coates
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP AppSensor
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|Chicago
|-
| style="width:20%; background:#cccccc" align="center"|Nam Nguyen
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Testing Guide v3, Python Static Analysis, OWASP Education
| style="width:20%; background:#cccccc" align="center"|Vietnam
| style="width:20%; background:#cccccc" align="center"|Ho Chi Minh City
|-
| style="width:20%; background:#cccccc" align="center"|P.Satish Kumar
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP Code Review Guide
| style="width:20%; background:#cccccc" align="center"|India
| style="width:20%; background:#cccccc" align="center"|Hyderabad
|-
| style="width:20%; background:#cccccc" align="center"|Paolo Perego
| style="width:40%; background:#cccccc" align="center"|Project Leader, OWASP Orizon Project
| style="width:20%; background:#cccccc" align="center"|Italy
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Parvathy Iyer
| style="width:40%; background:#cccccc" align="center"|OWASP Corporate Application Security Guide
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Pierre Parrend
| style="width:40%; background:#cccccc" align="center"|Reviewer, OWASP OpenSign Server Project OWASP Application Security Verification Standard
| style="width:20%; background:#cccccc" align="center"|France
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Stephen Craig Evans
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Securing WebGoat using ModSecurity
| style="width:20%; background:#cccccc" align="center"|Singapore
| style="width:20%; background:#cccccc" align="center"|Singapore
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''OWASP SUMMER OF CODE 2008 SPECIAL PROJECT CONTRIBUTORS'''
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''OWASP SUMMER OF CODE 2008/LOGISTICS'''
|-
| style="width:20%; background:#cccccc" align="center"|Sarah Cruz
| style="width:40%; background:#cccccc" align="center"|Project leader, Graphic Design
| style="width:20%; background:#cccccc" align="center"|UK
| style="width:20%; background:#cccccc" align="center"|London
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''OWASP SPRING OF CODE 2007 PROJECT LEADERS & REVIEWERS'''
|-
| style="width:20%; background:#cccccc" align="center"|Przemyslaw Skowron
| style="width:40%; background:#cccccc" align="center"|Project Leader, Refresh Attacks List
| style="width:20%; background:#cccccc" align="center"|Poland
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''OWASP AUTUMN OF CODE 2006 PROJECT LEADERS & REVIEWERS'''
|-
| style="width:20%; background:#cccccc" align="center"|Rogan Dawes
| style="width:40%; background:#cccccc" align="center"|Project leader, WebScarab-NG
| style="width:20%; background:#cccccc" align="center"|South Africa
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Simon Roses Femerling
| style="width:40%; background:#cccccc" align="center"|Project leader, OWASP Pantera
| style="width:20%; background:#cccccc" align="center"|Spain
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''ACTIVE PROJECT LEADERS (NOT CURRENTLY PARTICIPATING ON SOC 08)'''
|-
| style="width:20%; background:#cccccc" align="center"|Alex Smolen
| style="width:40%; background:#cccccc" align="center"| Project leader, .NET ESAPI
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''ACTIVE CHAPTER LEADERS (NOT CURRENTLY PARTICIPATING ON SOC 08)'''
|-
| style="width:20%; background:#cccccc" align="center"|Antti Laulajainen
| style="width:40%; background:#cccccc" align="center"|Chapter leader, Helsinki
| style="width:20%; background:#cccccc" align="center"|Finland
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Steve Antoniewicz
| style="width:40%; background:#cccccc" align="center"|Chapter Board Member, NY/NJ Metro
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Kuai Hinojosa
| style="width:40%; background:#cccccc" align="center"|Chapter leader, Twin-Cities
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Jim Manico
| style="width:40%; background:#cccccc" align="center"|Chapter leader/founder, Hawaii
| style="width:20%; background:#cccccc" align="center"|Hawaii, USA
| style="width:20%; background:#cccccc" align="center"|Anahola, Island of Kauai
|-
| style="width:20%; background:#cccccc" align="center"|Rex Booth
| style="width:40%; background:#cccccc" align="center"|Chapter leader, Washington DC
| style="width:20%; background:#cccccc" align="center"|USA
| style="width:20%; background:#cccccc" align="center"|?
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''SIGNIFICANT PAST OWASP CONTRIBUTOR (THAT IS NOT ALREADY COVERED BY ONE OF THE ABOVE CATEGORIES)'''
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
! colspan="7" align="left" style="background:white; color:black"|'''OWASP NON-INDIVIDUAL MEMBERS'''
|-
| style="width:20%; background:#cccccc" align="center"|Name
| style="width:40%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
|-
|}

==Agenda and Presentations - November 4-7 ==

Under development. Please contact michael.coates{at}aspectsecurity.com with any questions or feedback.

The agenda follows the successful OWASP conference two tracks format, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing pannel discussions back in the main auditorium both days.

{| style="width:80%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white" | Day 3 - November 6, 2008
|-
| style="width:10%; background:#7B8ABD" | || style="width:40%; background:#BC857A" | Track 1: <Room 1>
| style="width:40%; background:#BCA57A" | Track 2: Council Room
|-
| style="width:10%; background:#7B8ABD" | 08:00-09:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Registration and Coffee <Diamond Sponsor>
|-
| style="width:10%; background:#7B8ABD" | 09:00-09:05 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | Welcome to OWASP Summit Europe 2008
''speaker, company''
|-
| style="width:10%; background:#7B8ABD" | 09:05-09:45 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | Keynote: text [https://www.owasp.org/ link]
''speaker, company''
|-
| style="width:10%; background:#7B8ABD" | 09:45-10:20 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | OWASP State of the Union
''Dinis Cruz''
|-
| style="width:10%; background:#7B8ABD" | 10:20-10:40 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
|-
| style="width:10%; background:#7B8ABD" | 10:40-10:55 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Classic ASP Security Project
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Enigform and mod_Openpgp]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 11:00-11:15 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Corporate Application security guide
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP OpenSign Server Project]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 11:20-11:35 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Internationalization Guidelines
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Access Control Rules Tester Project]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 11:40-11:55 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP ASDR
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Orizon Project]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 12:00-12:15 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | Refresh Attacks list
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Skavenger Project]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 12:20-12:35 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Spanish Project
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | WebScarab-NG]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 12:35-14:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo - CTF
|-
| style="width:10%; background:#7B8ABD" | 14:00-14:15 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Code Review Guide Lead
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Pantera]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 14:20-14:35 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Ruby on Rails Security Project
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Live CD 2008]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 14:40-14:55 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP AppSensor
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Teachable Static Analysis Workbench]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 15:00-15:15 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Securing WebGoat using ModSecurity
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP WeBekci Project]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 15:20-15:35 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Positive Security
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | OWASP Source Code Review OWASP Projects]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 15:35-15:55 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
|-
| style="width:10%; background:#7B8ABD" | 16:00-16:15 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | OWASP Backend Security Project
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | title]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 16:20-16:35 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | TBD]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | TBD]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 16:40-16:45 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | TBD
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | TBD]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 17:00-18:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | [[SummitEU08_link | Event Title ]] Organized by
|-
|-
| style="width:10%; background:#7B8ABD" | 19:00-21:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | OWASP Social Gathering: Dinner and Drinks at ...
|-
! colspan="3" align="center" style="background:#4058A0; color:white" | Day 4 - November 7, 2008
|-
| style="width:10%; background:#7B8ABD" | || style="width:40%; background:#BC857A" | Track 1: <Room 1>
| style="width:40%; background:#BCA57A" | Track 2: <Room 2 pending>
|-
| style="width:10%; background:#7B8ABD" | 08:00-09:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Registration and Coffee <Diamond Sponsor>
|-
| style="width:10%; background:#7B8ABD" | 09:00-09:45 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | Keynote: text [https://www.owasp.org/ link]
''speaker, company''
|-
| style="width:10%; background:#7B8ABD" | 09:45-10:20 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | OWASP Looking Forward
''speaker, company''
|-
| style="width:10%; background:#7B8ABD" | 10:20-10:40 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
|-
| style="width:10%; background:#7B8ABD" | 10:40-11:05 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | Release Quality Project TBD
]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | ESAPI]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 11:10-11:35 || style="width:40%; background:#BC857A" align="left" | [[SummitEU08_link | Release Quality Project TBD]]
''[[user link | Speaker]], Company''
| style="width:40%; background:#BCA57A" align="left" | [[SummitEU08_link | Key OWASP projects TBD]]
''[[user link | Speaker]], Company''
|-
| style="width:10%; background:#7B8ABD" | 11:40-12:30 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | OWASP Financials & Operations
|-
| style="width:10%; background:#7B8ABD" | 12:30-14:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo - CTF
|-
| style="width:10%; background:#7B8ABD" | 14:00-14:55 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | OWASP On the Move (OoTM), Project Management, Governance
|-
| style="width:10%; background:#7B8ABD" | 15:00-15:55 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | Chapter Leaders Development Update
|-
| style="width:10%; background:#7B8ABD" | 16:00-16:50 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | OWASP next Steps, Financial Investment Plans
|-
| style="width:10%; background:#7B8ABD" | 15:50-16:05 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
|-
| style="width:10%; background:#7B8ABD" | 16:05-16:55 || colspan="2" style="width:80%; background:#F2F2F2" align="center" | TBD
|-
| style="width:10%; background:#7B8ABD" | 18:00-19:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | [[SummitEU08_link | Event Title ]] Organized by
|-
| style="width:10%; background:#7B8ABD" | 19:00-21:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | OWASP Social Gathering: Dinner and Drinks at ...}
|-
|}

Venue: <address> [http://owasp.org Google Maps Link]

Registration is available via the OWASP Conference Cvent site at: [http://owasp.org Cvent link]

Project Information:template Backend Security Project - 50 Review - First Reviewer - C

2008-07-18T14:18:26Z

Kisero:

[[Project Information:template Backend Security Project|Click here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''50% REVIEW PROCESS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|OWASP Backend Security Project's Deliveries & Objectives]]
|-
| style="width:25x%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Missing/Incomplete task are:
 
 - postgresql hardening and database security testing
 - java security programming
 
|-
| style="width:25%; background:#7B8ABD" align="center"|

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Project has gone up to %70 of completion.
|-
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
contributor don't write directly on the wiki and that gives the impression the project is not moving forward.
|}

Project Information:template AntiSamy Project - 50 Review - First Reviewer - C

2008-07-18T14:12:57Z

Kisero:

[[Project Information:template AntiSamy Project|Click here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''50% REVIEW PROCESS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET|OWASP AntiSamy .NET Project's Deliveries & Objectives]]
|-
| style="width:25x%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
The majority of the coding for this project is complete.
|-
| style="width:25%; background:#7B8ABD" align="center"|

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
There's 12 products to be delivered, all of them on %100 completion unless one (AntiSamyDOMScanner) on %20. Clearly showing excellent timing!
|-
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|

We will need beta testers within a week or two.
|}

OWASP EU Summit 2008

2008-07-02T09:41:43Z

Kisero:

(WORK IN PROGRESS /UNDER DISCUSSION)

== What: OWASP Summit, a conference about OWASP and for OWASP's community ==
=== When: 4 to 7 Nov 2008 (4 & 5: Meetings and Training, 6 & 7: Conference) ===
=== Where: Portugal ===
Faro or Lisbon
=== Organization===
Paulo Coimbra and Dinis Cruz
== Agenda ==
Theme: Present OWASP's projects, community and activities ..... '....Connecting the dots.... "

'''Day 1 & 2'''
*Training sessions (similar to what happens at the moment at the other OWASP conferences)
*OWASP Working Group sessions (1/2 day each) on:
** OWASP Governance, "What is OWASP's position on ...." & Action Plan for 2009
** ESAPI
** Browser Security
** OWASP Top 10 2009

'''Day 3 & 4 Agenda:'''
* Presentations from AoC, SpoC and SoC Participants
* Presentations from 'Release' Quality OWASP projects (not included in the list above) or Key OWASP projects (like ESAPI)
* Presentations about OWASP : How it works, Financial reports, OotM (OWASP on the Move), new project management guidelines, local chapter finances, OWASP governance
* Presentation from Chapter leaders on the activities developed on their project
* Discussion on next steps for OWASP and focus of next OWASP financial investment plans

Other ideas:

* vote on 6th OWASP board member (Candidates to Apply)

== other details==

'''Projected Attendees:450 '''
* 200 with some (or all) expenses covered by OWASP
** 33 SoC participants
** 70 SoC reviewers
** 10 SoC Collaborators
** 15 AoC & SpoC participants
** 15 Chapter Leaders
** 8 OWASP Board & Employees
** 49 OWASP non-individual members (2x per 9k Corporate? 1x for the others?)

=== Financial details ===
'''Expenses'''
* Accommodation & meals: 80,000 USD = 400 USD per person (200x) for 3 nights accommodation and 5 meals (3 dinners and 2 lunches)
* Flights & Trains : 70,000 USD

'''Revenue sources'''
* Tickets (for the 250 non 'OWASP invited' attendees)
* Training Sessions
* Conference sponsors

== Participants ==
=== OWASP Board members & employees ===
* Jeff Williams
* Dave Wichers
* Dinis Cruz
* Tom Brennan
* Sebastien Deleersnyder
* Paulo Coimbra
* Kate Hartmann (to be confirmed)
* Alison McNamee (to be confirmed)
* Larry Casey (to be confirmed)

=== Summer of Code 08 Participants & Reviewers ===
* (please add your name in the following format)
* OWASP Classic ASP Security Project Reviewer Esteban Ribicic Argentina -living in Croatia/Wien-
* OWASP Internationalization Guidelines Reviewer Project Esteban Ribicic
* OWASP Spanish Project Reviewer Esteban Ribicic

=== Winter of Code 07 Participants (Completed Projects) ===
* (please add your name)
* {Project} {Name} {Origin Country}

=== Autumn of Code 06 Participants ===
* (please add your name)
* {Project} {Name} {Origin Country}

* OWASP Pantera, Simon Roses Femerling, Spain

=== Active Chapter Leaders ===
* (please add your name in the following format)
* {Chapter} {Role} {Name} {Origin Country}

=== Active Project Leaders (not currently participating on SoC 08)===
* (please add your name in the following format)
* {Project} {Role} {Name} {Origin Country}

=== Significant Past OWASP contributor (that is not already covered by one of the above categories) ===
* (please add your name in the following format)
* {Project/Chapter} {Role} {Name} {Origin Country}

=== Logistic and Support team ===
* Summit Graphic Design + Summit organization + on-site logistics support, Sarah Cruz, UK (London)

Project Information:template Spanish Project 50 Review Second Review E

2008-06-30T07:15:45Z

Kisero:

[[Project Information:template Spanish Project|Click here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''50% REVIEW PROCESS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#Internationalization Guidelines and OWASP-Spanish Project|OWASP Spanish Project's Deliveries & Objectives]]
|-
| style="width:25x%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#Internationalization Guidelines and OWASP-Spanish Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
The project contains 122 work packages grouped in three main elements:
 -Main Elements (15+ tasks)
 -Release Level Project Pages (50+ tasks)
 -Beta Level Project Pages (20+ tasks)
 -Alpha Level Project Pages (30+ tasks)
General alligments between OWASP and Project Author regarding formatting, multilingual support and guidelines have been achieved. Translation of document uses a cross check process with two members per document, this enhance the quality of the products to be delivered. So far we are just under %50 of the overall deliverable.
|-
| style="width:25%; background:#7B8ABD" align="center"|

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#Internationalization Guidelines and OWASP-Spanish Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Overal site translation is %50 approximately. Tools are being studied on how to perform the translation in accordance to the tools authors and then translation will be required. Alpha level pages are mostly completed. Beta pages is half way to deliver.
|-
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Work is being leaded by the author trough a mailing list that has many members already, all looks fine although translation is a hard work and requires extensive reviewing. The work can be forecasted (words/time) and i think that's the approach the leader is taking in order to make sure they will make on time.
|}

Project Information:template Classic ASP Security Project - 50 Review - First Reviewer - C

2008-06-30T07:01:14Z

Kisero:

[[Project Information:template Classic ASP Security Project|Click here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''50% REVIEW PROCESS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|OWASP Classic ASP Security Project's Deliveries & Objectives]]
|-
| style="width:25x%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
The project has five main tasks, being them:
 - Creation of a Common Object Repository (time consuming task. The author segregated this work package in smaller pieces and offered a detailed overview of the achievements. %50+ of the work has been donde (not uploaded or linked at this time as would be convenient to upload once is finished. Upon requirement and author agreement documents could be disclosed)
 - Create Documentation <snip> providing additional technology-specific checks. (done)
 - Addition of expression for Code Review Tool to support Classic ASP applications. (done)
 - Implementation of Version 1 of Stinger for ASP either by using an installable COM library or ISAPI. (to be done)
 - This same module will compliment the OWASP Validation Documentation Project. (to be done)
|-
| style="width:25%; background:#7B8ABD" align="center"|

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
As stated before, we have five main work packages. Two of them already delivered in June, the first and main completed up to %53. We have missing two full work packages at this stage:
 - Implementation of Version 1 of Stinger for ASP either by using an installable COM library or ISAPI. (to be done)
 - This same module will compliment the OWASP Validation Documentation Project. (to be done)
|-
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
Project indicators such communication, task assessment, timing and effort has been managed very well. The project author delivered full documentation at all time. We have confidence things will continue the same way: Smooth and controlled.
|}

Project Information:template Classic ASP Security Project - 50 Review - First Reviewer - C

2008-06-30T07:00:04Z

Kisero:

OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers

2008-06-15T17:33:21Z

Kisero: Added my CV (Esteban Ribicic)

== DOCUMENTATION PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Application Security Verification Standard|OWASP Application Security Verification Standard]]'''
| align="CENTER" | Mike Boberski
| align="CENTER" | Beta
| align="CENTER" | [mailto:jeff.williams(at)owasp.org Jeff Williams]
| align="CENTER" | [mailto:pierre.parrend(at)insa-lyon.fr Pierre Parrend] [http://www.rzo.free.fr Curriculum]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P017 - OWASP AppSensor - Detect and Respond to Attacks from Within the Application|OWASP AppSensor - Detect and Respond to Attacks from Within the Application]]'''
| align="CENTER" | [mailto:michael.coates(at)aspectsecurity.com Michael Coates]
| align="CENTER" | Beta
| align="CENTER" | [mailto:eric.sheridan(at)aspectsecurity.com Eric Sheridan]
| align="CENTER" | [mailto:thrynn404(at)gmail.com Randy Janinda]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|OWASP Backend Security Project]]'''
| align="CENTER" | Carlo Pelliccioni
| align="CENTER" | Beta
| align="CENTER" |
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|OWASP Classic ASP Security Project]]'''
| align="CENTER" | Juan Carlos Calderon
| align="CENTER" | Beta
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] [http://docs.google.com/Doc?id=df9vbj96_120fzfj4kfk Curriculum]
| align="CENTER" | [mailto:rodrigo@rmarcos.com Rodrigo Marcos]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Code review guide, V1.1|OWASP Code review guide, V1.1]]'''
| align="CENTER" | Eoin Keary
| align="CENTER" | Quality
| align="CENTER" | [mailto:namn(at)bluemoon.com.vn Nam Nguyen]
| align="CENTER" | [mailto:psatishkumar(at)gmail.com P.Satish Kumar] TBC
| align="CENTER" | Jeff Williams
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P006 - OWASP Corporate Application Security Rating Guide|OWASP Corporate Application Security Rating Guide]]'''
| align="CENTER" | Parvathy Iyer
| align="CENTER" | Quality
| align="CENTER" | Neal Kirschner Email address?
| align="CENTER" | [mailto:Omar.Sherin(at)infosec2.com Omar Sherin] TBC
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Education Project|OWASP Education Project]]'''
| align="CENTER" | Martin Knobloch
| align="CENTER" | Quality
| align="CENTER" | [mailto:sebastien.gioria@owasp.fr Sebastien Gioria]
| align="CENTER" | [mailto:namn(at)bluemoon.com.vn Nam Nguyen]
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#Internationalization Guidelines and OWASP-Spanish Project|OWASP Internationalization Guidelines and OWASP-Spanish Project]]'''
| align="CENTER" | Juan Carlos Calderon
| align="CENTER" | Beta
| align="CENTER" | [mailto:fabio.e.cerullo(at)aib.ie Fabio Cerullo]
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] [http://docs.google.com/Doc?id=df9vbj96_120fzfj4kfk Curriculum]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP .NET Project Leader|OWASP .NET Project Leader]]'''
| align="CENTER" | Mark Roxberry
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary(at)gmail.com Eoin Keary]
| align="CENTER" | [mailto:dennis.hurst(at)hp.com Dennis Hurst] TBC
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P025 OWASP Positive Security Project|OWASP Positive Security Project]]'''
| align="CENTER" | Eduardo Vianna de Camargo Neves
| align="CENTER" | Beta
| align="CENTER" | [mailto:welias(at)conviso.com.br Wagner Elias]
| align="CENTER" | [mailto:ken(at)krvw.com Kenneth Wyk] TBC
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|OWASP Ruby on Rails Security Guide v2]]'''
| align="CENTER" | Heiko Webers
| align="CENTER" | Quality
| align="CENTER" | [mailto:steve.jones(at)unf.edu Steve Jones]
| align="CENTER" | [mailto:jeff.cabaniss(at)gmail.com Jeff Cabaniss]
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#Securing WebGoat using ModSecurity|OWASP Securing WebGoat using ModSecurity]]'''
| align="CENTER" | Stephen Evans
| align="CENTER" | Beta
| align="CENTER" | [mailto:ivan.ristic(at)breach.com Ivan Ristic] & Breach Group
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Source Code Review OWASP Projects|OWASP Source Code Review OWASP Projects]]'''
| align="CENTER" | James Walden
| align="CENTER" | Quality
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alex Fry]
| align="CENTER" | [mailto:marco.m.morana(at)gmail.com Marco M. Morana]
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#The OWASP Testing Guide v3|OWASP Testing Guide v3]]'''
| align="CENTER" | Matteo Meucci
| align="CENTER" | Quality
| align="CENTER" |
| align="CENTER" |
| align="CENTER" |
|}

{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''3rd Reviewer '''
! width="108" align="CENTER" | '''4th Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#The Application Security Desk Reference - ASDR|OWASP Application Security Desk Reference (ASDR)]]'''
| align="CENTER" | Leonardo Cavallari Militelli
| align="CENTER" | Quality
| align="CENTER" | [mailto:williamtsmith(at)gmail.com William Smith]
| align="CENTER" | [mailto:ken(at)krvw.com Kenneth Van Wyk]
| align="CENTER" | [mailto:kcfredman(at)gmail.com Frederick Donovan]
| align="CENTER" |
| align="CENTER" | Jeff Williams
|}

== TOOLS PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#GTK+ GUI for w3af project|GTK+ GUI for w3af project]]'''
| align="CENTER" | Facundo Batista
| align="CENTER" | Beta
| align="CENTER" | [mailto:andres.riancho(at)gmail.com Andres Riancho]
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P022_-_OWASP_Access_Control_Rules_Tester|OWASP Access Control Rules Tester]]'''
| align="CENTER" | Andrew Petukhov
| align="CENTER" | Beta
| align="CENTER" | [mailto:caughron(at)gmail.com Mat Caughron] TBC
| align="CENTER" | [mailto:mg_chen(at)yahoo.com Min Chen] TBC
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET| OWASP AntiSamy .NET]]'''
| align="CENTER" | Arshan Dabirsiaghi
| align="CENTER" | Beta
| align="CENTER" | [mailto:dallasspohn(at)sbcglobal.net Dallas Spohn] TBC
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P003/P013 - OWASP Application Security Tool Benchmarking Environment and Site Generator refresh.=|OWASP Application Security Tool Benchmarking Environment and Site Generator refresh]]'''
| align="CENTER" | Dmitry Kozlov
| align="CENTER" | Quality
| align="CENTER" | [mailto:mark.roxberry(at)owasp.org Mark Roxberry]
| align="CENTER" | [mailto:medelibero(at)gmail.com Mike de Libero]
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Code Crawler|OWASP Code Crawler ]]'''
| align="CENTER" | Alessio Marziali
| align="CENTER" | Beta
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary]
| align="CENTER" | [mailto:dinis.cruz(at)owasp.org Dinis Cruz]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Interceptor Project - 2008 Update|OWASP Interceptor Project - 2008 Update]]'''
| align="CENTER" | Justin Derry
| align="CENTER" | Quality
| align="CENTER" | [mailto:dallasspohn(at)sbcglobal.net Dallas Spohn] TBC
| align="CENTER" |
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#P028 - OWASP UI Component Verification Project (a.k.a. OWASP JSP Testing Tool)|OWASP UI Component Verification Project (a.k.a. OWASP JSP Testing Tool)]]'''
| align="CENTER" | Jason Li
| align="CENTER" | Beta
| align="CENTER" | [mailto:markkerzner(at)gmail.com Mark Kerzner]
| align="CENTER" | [mailto:fabricio.fujikawa(at)infoglobo.com.br Fabrício Fujikawa] TBC
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Live CD 2008 Project|OWASP Live CD 2008 Project]]'''
| align="CENTER" | Matt Tesauro
| align="CENTER" | Quality
| align="CENTER" | [mailto:admin@wirefall.com Dustin Dykes] [http://www.linkedin.com/pub/1/607/6b1 Curriculum]
| align="CENTER" | [mailto:jkpoots(at)rogers.com Kent Poots] TBC
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#Online code signing and integrity verification service for open source community (OpenSign Server)|OWASP Online code signing and integrity verification service for open source community (OpenSign Server)]]'''
| align="CENTER" | Phil Potisk and Richard Conway
| align="CENTER" | Beta
| align="CENTER" | [mailto:pierre.parrend@insa-lyon.fr Pierre Parrend] [http://www.rzo.free.fr Curriculum]
| align="CENTER" | [mailto:a_campani@yahoo.fr Antonio Campanile]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OpenPGP Extensions for HTTP - Enigform and mod_openpgp|OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp]]'''
| align="CENTER" | Arturo 'Buanzo' Busleiman
| align="CENTER" | Quality
| align="CENTER" | [mailto:mark.roxberry(at)owasp.org Mark Roxberry]
| align="CENTER" |
| align="CENTER" | [mailto:dinis.cruz(at)owasp.org Dinis Cruz]
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#The Owasp Orizon Project|OWASP Orizon Project]]'''
| align="CENTER" | Paolo Perego
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary]
| align="CENTER" | [mailto:seba@deleersnyder.eu Sebastien Deleersnyder] TBC
| align="CENTER" | [mailto:dinis.cruz@owasp.org Dinis Cruz]
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#Python Static Analysis|OWASP Python Static Analysis]]'''
| align="CENTER" | Georgy Klimov
| align="CENTER" | Beta
| align="CENTER" | [mailto:namn@bluemoon.com.vn Nam Nguyen] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Nguyen Curriculum|Curriculum]]
| align="CENTER" | [mailto:diepvien00thayh@gmail.com P.Q.Huy]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Skavenger|OWASP Skavenger]]'''
| align="CENTER" | [mailto:mro(at)securenet.de Matthias Rohr]
| align="CENTER" | Beta
| align="CENTER" | Rogan Dawes Email address?
| align="CENTER" | [mailto:ah@securenet.de Achim Hoffmann]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL Injector Benchmarking Project (SQLiBENCH)|OWASP SQL Injector Benchmarking Project (SQLiBENCH)]]'''
| align="CENTER" | [mailto:urgunb@hotmail.com Bedirhan Urgun] [mailto:mesut@h-labs.org Mesut Timur]
| align="CENTER" | Beta
| align="CENTER" | [mailto:ferruh@mavituna.com Ferruh Mavituna] [[Project Information:Sqlibench:Ferruh|background info]]
| align="CENTER" | [mailto:kfuller@dmv.ca.gov Kevin Fuller] [[Project Information:Sqlibench:Kevin|background info]]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Teachable Static Analysis Workbench|OWASP Teachable Static Analysis Workbench]]'''
| align="CENTER" | [mailto:ddk(at)cs.msu.su Dmitry Kozlov] Igor Konnov
| align="CENTER" | Beta
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alex Fry] TBC
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP-WeBekci Project|OWASP WeBekci Project]]'''
| align="CENTER" | [mailto:bunyamin@owasp.org Bunyamin Demir]
| align="CENTER" | Beta
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alex Fry] TBC
| align="CENTER" |
| align="CENTER" | Not applicable
|}

== DESIGN/CORPORATE PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP_Book_Cover_.26_Sleeve_Design|OWASP Book Cover & Sleeve Design]]'''
| align="CENTER" | LXstudios, [mailto:deb@lxstudios.com Deb Brewer]
| align="CENTER" | Quality
| align="CENTER" | [mailto:yiannis@owasp.org Yiannis Pavlosoglou] 
| align="CENTER" | [mailto:kris_seeburn@utm.intnet.mu Kris Seeburn] (TBC)
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Individual & Corporate Member Packs, Conference Attendee Packs Brief|OWASP Individual & Corporate Member Packs, Conference Attendee Packs Brief]]'''
| align="CENTER" | LXstudios, [mailto:deb@lxstudios.com Deb Brewer]
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary]
| align="CENTER" | [mailto:yiannis@owasp.org Yiannis Pavlosoglou]
| align="CENTER" | Dinis Cruz
|-