OWASP - User contributions [en]

OWASP Project Summit 2014/Working Sessions

2014-06-06T23:27:38Z

Samantha Groves:

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===
# ??? [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ???
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/009 OWASP OpenSAMM Session]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/011 OWASP Google Summer of Code]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP PHPSEC and WebGoatPHP]
{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || ??? [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ??? This spot can be free, please feel free to edit and take it! || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP Toolkit Session]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/009 OWASP OpenSAMM Session: 4pm - 6pm] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative]
|-
| '''Room 3''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] || ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
|-
|}

Category:OWASP Project

2014-06-06T22:12:48Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Education-project.png‎|center|300px| link=https://www.owasp.org/index.php/Category:OWASP_Education_Project]]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]
* [https://www.owasp.org/index.php/OWASP_Hardened_Phalcon_Project OWASP Hardened Phalcon Project]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]
*[https://www.owasp.org/index.php/OWASP_PHP_Security_Training_Project OWASP PHP Security Training Project]
*[https://www.owasp.org/index.php/Projects/OWASP_iOSForensic OWASP iOSForensic]
*[https://www.owasp.org/index.php/OWASP_Project_Metrics OWASP Project Metrics]
'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]
*[https://www.owasp.org/index.php/Projects/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and Friends Security Guide]
*[https://www.owasp.org/index.php/OWASP_Secure_Development_Training OWASP Secure Development Training]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/Category:OWASP_Java_Project OWASP Java Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

===OpenSAMM===
'''[https://owasp.org/images/5/53/OpenSAMM_icons.zip OpenSAMM Icons]'''

'''Construction:'''

[[Image:Construction black.png| Construction black| 100px]] [[Image:Construction blue.png| Construction blue| 100px]] [[image:Construction olive.png |construction olive|100px]]

'''Deployment:'''

[[image:Deployment black.png| Deployment black| 100px]] [[image:Deployment blue.png| Deployment blue| 100px]] [[image:Deployment olive.png | Deployment olive| 100px]]

'''Governance:'''

[[image:Governance black.png| governance black| 100px]] [[image:Governance blue.png | governance blue | 100px]] [[image:Governance olive.png | governance olive| 100px]]

'''Verification:'''

[[image:Verification black.png | Verification black | 100px]] [[image:Verification blue.png | verification blue | 100px]] [[image: Verification olive.png | Verification olive | 100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =

{{:OWASP_PM_Information_Samantha_Groves}}

= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

OWASP PM Information Samantha Groves

2014-06-06T22:09:36Z

Samantha Groves:

==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]
*Project Manager Report: May 09 2013 - No Report this week. On Holiday.
*Project Manager Report: May 16 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-23-05 Program Manager Report: May 23 2014]
*Project Manager Report: May 30 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-06-06 Program Manager Report: June 06 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].

OWASP PM Information Samantha Groves

2014-06-06T22:09:16Z

Samantha Groves: Created page with "= PM Information = ==Samantha Groves: OWASP Program Manager: OWASP Projects== {| style="background-color: transparent" |- ! width="200" align="center" | ..."

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]
*Project Manager Report: May 09 2013 - No Report this week. On Holiday.
*Project Manager Report: May 16 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-23-05 Program Manager Report: May 23 2014]
*Project Manager Report: May 30 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-06-06 Program Manager Report: June 06 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].

Projects/Reports/2014-06-06

2014-06-06T22:00:16Z

Samantha Groves:

=PROJECT METRICS=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

==Metrics==

*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGU4MlNpOWZsLWM2YXhpQzZLbnpndkE&usp=sharing Project Numbers]'''

*Active Projects: 157
*Inactive Projects: 131
*Incubator Projects: 124
*Lab Projects: 33
*Flagship Projects: 0

==OWASP Project of the Month ==

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:Education-project.png|left|300px|link=https://www.owasp.org/index.php/Category:OWASP_Education_Project]] 
| align="left" | [[Image:AppSecEU_2014.jpg|left|300px|link=https://2014.appsec.eu/]] 

|}

=CURRENTLY WORKING ON=

*'''Project Activity Modules in Cambridge UK'''
**The AppSec EU event is coming up fast.
**We are working hard to prepare for the activities scheduled for the conference.
**The project leaders are working hard to make sure everything goes according to plan.
**I will no longer be able to attend the event so they will need to pick up the on-site management during the conference.

*'''AppSec EU and 2014 Summit'''
**I will no longer be able to attend the AppSec EU conference.
**This means that I will no longer be involved in the 2014 Project Summit.
**I will be having 2 hand-off meetings today to guide volunteers on what is left to be done for the Summit, and what to expect during the event.
**Dinis Cruz and Matt Tesauro have kindly agreed to do the planning and on-site management after next Tuesday.
**I wish the team the best of luck at the event! Rock it, Summit team! :-)

*'''Staff Hand-off'''
**Hugo, Kait, Sarah and I had a hand-off call this week to discuss how the team will be moving forward after my departure.
**There will be many challenges ahead, but I am confident that the team will thrive despite my absence.
**We successfully developed a plan and reporting structure for all future project administration and design/marketing work.
**After Tuesday, June 10th, Sarah will be taking on this extra responsibility.

*'''Off-boarding'''
**I have been working all week to try and consolidate everything I do for the staff and community.
**I have resigned my post, and my last day on the job is Tuesday, June 10th 2014.
**I have made a list of daily/weekly tasks I work on, and current projects I am managing.
**Additionally, I have made a list of Summit needs that will need to be taken on before the June 23/24 event.

*'''Daily Project based queries and requests'''
**This has not changed much since I began the post: questions are very similar in nature.
**Global AppSec questions.
**Funding queries.
**Travel availability.
**Project based administrative help.
**Project status information.
**Several project donation questions.
**Marketing questions.
**Grant funding questions.
**OWASP social media updates.
**What's happening with projects, questions.
**Managing Salesforce cases.

=PROJECT GRANTS & FUNDING UPDATES=

==General Awards==

*'''OWASP OWTF Project: Brucon 5x5 Award'''
# Amount: €5,000.00 (Approx. $6,670.00)
# Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

==Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
#[https://www.owasp.org/images/e/ed/2013_Campaign_Report.pdf Google Grants Usage Report]

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Travel Expenses: $1,896.38 (Reimbursement)
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Current Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

=PROJECT ANNOUNCEMENTS=

==OWASP Program Manager leaving OWASP: Last Project Report from Samantha Groves==

Dear OWASP Leaders,

I am writing to inform you that I have resigned my post, and I will be concluding my staff work with OWASP on Tuesday, June 10th, 2014. My original last day was meant to be August 8th, 2014, but circumstances have changed and I have had to depart sooner.

I feel sad to leave OWASP as this is one of the best communities I have ever had the pleasure of working with. I consider many of you, family, and I am truly sad to be leaving.

I am confident that this is the best decision for me, and I wish you all the best of luck. If you need me, you know where to find me. :-)

Thank you for the opportunity to get to know you. Keep being amazing! :-)

Best Regards,

Samantha Groves

==OWASP 2014 Project Summit Handoff==

'''Agenda for Pre-Summit Handover Meeting'''

1. New Roles for the Summit
*Dinis Cruz: On-site Planner Dinis.Cruz@owasp.org
*Matt Tesauro: On-site Planner, Pre-Planning Manager Matt.Tesauro@owasp.org
*Johanna Curiel: Budget Administrator Johanna.Curiel@owasp.org

2. Conference Planners:
*Laura Grau: Global Conferences Manager Laura.Grau@owasp.org
*GK: Community Manager gksouthwick@owasp.org
*Adrian Winckles: On-Site Conference Manager Adrian.Winckles@owasp.org
*Justin Clarke: On-Site Conference Manager Justin.Clarke@owasp.org
*Heather Hutchens: Senior Administrator heather.hutchens@anglia.ac.uk

3. Additional Staff
*Hugo Costa: In-house Graphic Designer Hugo.Costa@owasp.org
*Kelly Santalucia: Memberships and Business Liaison Kelly.Santalucia@owasp.org
*Kate Hartmann: Operations Director Kate.Hartmann@owasp.org
*Sarah Baso: Executive Director Sarah.Baso@owasp.org

4. Pre-Summit Planning
*Schedule: https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home#tab=Tracks_and_Sessions
*Neill: Change session to Tuesday afternoon
*Catering
*Beers/Wine (Important make sure this is in budget)
*Wiki edits: https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home
*Sched Edits: http://appseceurope2014.sched.org/
*Budgets Explanation: https://docs.google.com/spreadsheets/d/1i2o0quhmtBn3mc2i3ebQn9tkeoey5DH0PQZCZmKCnQU/edit?usp=sharing
• Manage budgets and expense tracking for Leader travel and hotel expenses.
• Manage budgets and expense tracking for summit overall expenses.
*Volunteer recruitment
*AV/Wireless/Equipment needs (Minimum: free wifi for all, at least 2 printers for all to use, Projectors for every room, Monitors for every room.
*Marketing plan to promote summit
*Photographer needs to be sourced
*Film crew if wanted.
*Make sure each session has at least 4 goals they want to accomplish at the Summit.

5. On-Site Planning
*Staffing: Make sure all staff know what they need to do, where they need to be, and at what time.
*Catering: Make sure the catering is set to go (You will need to monitor this every day and make adjustments as the day goes on)
*AV/Wireless: Make sure the rooms are ready to go with AV/Wireless (This may go smoothly or you will have to deal with this for 4 days straight as it happened in 2013.
*Travel Mishaps: Make sure the session leaders have made it to the venue
*Creative Direction: Manage the photography and filming. Communicate the direction of this with the staff for these items. What do you want to visually represent?
*Matt and Dinis: Make sure you have a second in command that acts as a second you in case you are called away. This person should know everything you do about the Summit and should be able to make decisions in your absence. (I’m sure you got this).

6. Just breathe and have fun! Have a beer for me on Tuesday evening. I will miss you guys. ;-)

'''Registration: Make sure to register!'''

=OWASP PROGRAM MANAGER RESPONSIBILITIES=

I have put together a comprehensive list of the items I work on regularly for OWASP. Now that I will no longer be doing this work after Friday, volunteers will need to be taking this on. Let me know if you have questions. Here it is:

'''Project Operations'''

*Writing of the yearly Project Leader Handbook. This includes adding the content to the wiki.

*Six month editing of the project leader handbook, in case there are any changes in policy.

*Keep the following inventories updated:

*https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Inventory

*https://www.owasp.org/index.php/OWASP_Project_Inventory

*https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGU4MlNpOWZsLWM2YXhpQzZLbnpndkE&usp=sharing

*Salesforce Infrastructure Inventory: Need to ask for access.

*Someone will need to be on every weekly conference call for every region an AppSec is going on.

*Someone will need to process new project requests.

*Someone will need to process project cases and e-mails.

*Someone will need to manage the project task force: https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Task_Force

*Someone will need to manage the budgets for each grant we have awarded to us.

*Someone will need to manage the grant relationships we currently have.

*Someone will need to manage the design staff and the marketing requests for all of the foundation.

*Someone will need to manage the payment of our design staff.

*Someone will need to approve all project expenses, and keep track of these expenses in the appropriate sections.

*Every 6 months there will need to be a project audit that removes inactive projects.

*Someone will need to manage long-term volunteer initiatives.

*During conference, someone will need to manage the implementation of event modules, on-site.

*Someone will need to manage the social media, because I have been doing a lot of it.

*Manage wiki project template edits and questions.

'''Event Module Management'''

1. Project Event Modules: https://www.owasp.org/index.php/How_to_Host_an_OWASP_Projects_Event_Module

*There are several project event modules you can have at your conference. Please look at the link above for more info.

*Generally, you have to do the following to plan for each event.

*Module pre-planning

*Regular weekly communication with the volunteers

*Monthly and quarterly communications with community about module dates

*Application process to gather volunteer help.

*Selection process for demos, talks and sessions.

*On-site management of module.

*Budgeting, expense tracking, and reporting

*Project module closure process.

2. Women in AppSec (WIAS): https://www.owasp.org/index.php/Women_In_AppSec

*Volunteers will need to take this on if they want this at their conference.

*First you have to raise funds for the Women in AppSec award. Typically, you want 2 sponsors of $3K each.

*Offer them a mention on the website and the conference program and other materials the WIAS award is mentioned.

*Develop selection criteria and choose a selection committee of at least 3 people.

*Develop a marketing plan and execute it: Focus on getting sponsors, getting submissions, and pre/post conference promotion.

*Select your winner, announce the winner, and make sure her travel, training, and hotel are sorted.

*Make sure there is someone there to greet the winner and introduce her to other fellow OWASPers.

*Get her bio and picture to put up on the Women in AppSec Website.

'''Foundation Grants'''

I locate grant opportunities for project leaders come to me for advice on an opportunity they have encountered. If the project leader wishes to proceed with a grant opportunity, then I would initiate the grant writing and management process. This is what would occur.

1. Adwords Account

*Someone will have to go in there and manage it every month.

*Guidelines: https://www.owasp.org/index.php/Google_Adwords_Grant_User_Guidelines

*Someone will need to take on the responsibility of helping Leaders set this up for their project, chapters, initiatives, etc.

2. Guidebooks

* We have three projects with grants here: Code Review Guide, Testing Guide, Development Guide

* Testing Guide is in the Editing phase, The next phase is design.

* Code Review Guide is in the writing phase. The book is half complete.

* Development Guide requires more support and management and contributors. Focus here if you want to help.

3. Someone will need to do the following for all of these projects:

* Project Planning

* Regular weekly communication with the volunteers

* Monthly and quarterly communications with the HOST team on project status

* Talent resourcing for Editing, Design, publishing, etc.

* Managing the individual editing, design, and publishing project deliverables for each.

* Budgeting, expense tracking, and reporting

* Project closure process.

4. AppSensor

* The award has been granted for this project, but funds have not been transferred. However, HOST is now in a position where this is going to occur very shortly. Someone will need to manage the following:

* Project Planning

* Regular weekly communication with the volunteers

* Monthly and quarterly communications with the HOST team on project status

* Talent resourcing for Editing, Design, publishing, etc.

* Budgeting, expense tracking, and reporting

* Project closure process.

'''OWASP Mini Summits'''

This involves getting project leaders together to participate working sessions. This is a very brief list of what generally occurs, and what needs to be done to put one together. For more detailed information, see the 2013 Project Summit Report: https://www.owasp.org/images/c/c3/OWASP_2013_PROJECT_SUMMIT_REPORT.pdf

Generally these are the tasks involved:

1. Pre-Summit Planning

*Secure a budget of no less than $20,000

*Make sure to offer sponsorship opportunities: $5,000k per sponsor (mention in the conference program, and website, and banner at the event.

*Locate a venue (book for 2-4 days, make sure it is no more than 20% of your budget)

*Develop a floor plan with the space you have

*Allocate time slots for each session so you know how much space you can offer Leaders

* Sort out Catering: This will be your most expensive cost next to the venue

*Make sure to remember beer/wine at 5pm each day

*AV/Wireless/Equipment needs (Minimum: free wifi for all, at least 2 printers for all to use, Projectors for every room, Monitors for every room.

*Summit on-site staffing (please see 2013 report for detailed staffing needs)

*Marketing plan to promote summit

*Get wiki page to promote the summit finished. Update with relevant information.

*Photographer needs to be sourced

*Film crew (can be volunteer: contact Jonathan Marcil and cover his travel expenses. He is great at this)

*You will need to create a visual identity for the summit (Contact Hugo Costa) Make sure your summit visual identity is similar to the conference it is running next to if it is happening at the same time as an AppSec.

*Gather the summit sessions Leaders want to participate in.

*Make sure each session has at least 4 goals they want to accomplish at the Summit.

*Manage budgets and expense tracking for Leader travel and hotel expenses.

*Manage budgets and expense tracking for summit overall expenses.

2. During the Summit

*Make sure all staff know what they need to do, where they need to be, and at what time.

*Make sure the catering is set to go (You will need to monitor this every day and make adjustments as the day goes on)

*Make sure the rooms are ready to go with AV/Wireless (This may go smoothly or you will have to deal with this for 4 days straight as it happened in 2013.

*Make sure the session leaders have made it to the venue

*Manage the photography and filming. Communicate the direction of this with the staff for these items. What do you want to visually represent?

*Make sure you have a second in command that acts as a second you in case you are called away. This person should know everything you do about the Summit and should be able to make decisions in your absence.

'''Marketing and Design'''

This involves all of the work Hugo is doing, along with helping build a bridge between our “client” and the designer. Being the buffer, if you will. For this role, I did the following:

*Developed job description

*Promote Opportunity via our Marketing Channels

*Process applications

*Interview Candidates

*Pick top 5 for a second interview

*2nd Interview

*Pick a top candidate and make an offer

*On-boarding process: Guide through OWASP, set up of accounts, explanation of responsibilities, first tasks

1. Ongoing

*Set Up system to manage workload and workflow in Salesforce

*Developed menu of services.

*Ensured that the creative briefs had the appropriate specifications for Hugo

*Daily communication with Hugo about projects.

*Daily interaction with design clients from our community.

*Use expertise to get projects completed by providing appropriate specs to Hugo based on client needs and agreements.

'''Interns'''

I am not sure if you will want to continue running this program. I recommend that it does not continue to run as this team’s work load is going to increase by 50% if the roles are not replaced. For this role, I did the following:

*Write intern job description

*Promote Opportunity via our Marketing Channels

*Process applications

*Interview Candidates

*Pick top 5 for a second interview

*2nd Interview

*Pick a top candidate and make an offer

*On-boarding process: Guide through OWASP, set up of accounts, explanation of responsibilities, first tasks

1. Ongoing

*Closely monitor progress, workload, educational milestones, weekly reports.

*Weekly calls for progress report

*Daily communication with intern and daily tasks and milestones

There is probably more, but that is what I can think of at the moment. Let me know if you have questions. It has been an amazing journey. :-)

__NOTOC__ <headertabs />

Projects/Reports/2014-06-06

2014-06-06T21:57:24Z

Samantha Groves:

Projects/Reports/2014-06-06

2014-06-06T21:56:29Z

Samantha Groves:

=PROJECT METRICS=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

==Metrics==

*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGU4MlNpOWZsLWM2YXhpQzZLbnpndkE&usp=sharing Project Numbers]'''

*Active Projects: 157
*Inactive Projects: 131
*Incubator Projects: 124
*Lab Projects: 33
*Flagship Projects: 0

==OWASP Project of the Month ==

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:Education-project.png|left|300px|link=https://www.owasp.org/index.php/Category:OWASP_Education_Project]] 
| align="left" | [[Image:AppSecEU_2014.jpg|left|300px|link=https://2014.appsec.eu/]] 

|}

=CURRENTLY WORKING ON=

*'''Project Activity Modules in Cambridge UK'''
**The AppSec EU event is coming up fast.
**We are working hard to prepare for the activities scheduled for the conference.
**The project leaders are working hard to make sure everything goes according to plan.
**I will no longer be able to attend the event so they will need to pick up the on-site management during the conference.

*'''AppSec EU and 2014 Summit'''
**I will no longer be able to attend the AppSec EU conference.
**This means that I will no longer be involved in the 2014 Project Summit.
**I will be having 2 hand-off meetings today to guide volunteers on what is left to be done for the Summit, and what to expect during the event.
**Dinis Cruz and Matt Tesauro have kindly agreed to do the planning and on-site management after next Tuesday.
**I wish the team the best of luck at the event! Rock it, Summit team! :-)

*'''Staff Hand-off'''
**Hugo, Kait, Sarah and I had a hand-off call this week to discuss how the team will be moving forward after my departure.
**There will be many challenges ahead, but I am confident that the team will thrive despite my absence.
**We successfully developed a plan and reporting structure for all future project administration and design/marketing work.
**After Tuesday, June 10th, Sarah will be taking on this extra responsibility.

*'''Off-boarding'''
**I have been working all week to try and consolidate everything I do for the staff and community.
**I have resigned my post, and my last day on the job is Tuesday, June 10th 2014.
**I have made a list of daily/weekly tasks I work on, and current projects I am managing.
**Additionally, I have made a list of Summit needs that will need to be taken on before the June 23/24 event.

*'''Daily Project based queries and requests'''
**This has not changed much since I began the post: questions are very similar in nature.
**Global AppSec questions.
**Funding queries.
**Travel availability.
**Project based administrative help.
**Project status information.
**Several project donation questions.
**Marketing questions.
**Grant funding questions.
**OWASP social media updates.
**What's happening with projects, questions.
**Managing Salesforce cases.

=PROJECT GRANTS & FUNDING UPDATES=

==General Awards==

*'''OWASP OWTF Project: Brucon 5x5 Award'''
# Amount: €5,000.00 (Approx. $6,670.00)
# Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

==Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
#[https://www.owasp.org/images/e/ed/2013_Campaign_Report.pdf Google Grants Usage Report]

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Travel Expenses: $1,896.38 (Reimbursement)
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Current Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

=PROJECT ANNOUNCEMENTS=

==OWASP Program Manager leaving OWASP==

Dear OWASP Leaders,

I am writing to inform you that I have resigned my post, and I will be concluding my staff work with OWASP on Tuesday, June 10th, 2014. My original last day was meant to be August 8th, 2014, but circumstances have changed and I have had to depart sooner.

I feel sad to leave OWASP as this is one of the best communities I have ever had the pleasure of working with. I consider many of you, family, and I am truly sad to be leaving.

I am confident that this is the best decision for me, and I wish you all the best of luck. If you need me, you know where to find me. :-)

Thank you for the opportunity to get to know you. Keep being amazing! :-)

Best Regards,

Samantha Groves

==OWASP 2014 Project Summit Handoff==

'''Agenda for Pre-Summit Handover Meeting'''

1. New Roles for the Summit
*Dinis Cruz: On-site Planner Dinis.Cruz@owasp.org
*Matt Tesauro: On-site Planner, Pre-Planning Manager Matt.Tesauro@owasp.org
*Johanna Curiel: Budget Administrator Johanna.Curiel@owasp.org

2. Conference Planners:
*Laura Grau: Global Conferences Manager Laura.Grau@owasp.org
*GK: Community Manager gksouthwick@owasp.org
*Adrian Winckles: On-Site Conference Manager Adrian.Winckles@owasp.org
*Justin Clarke: On-Site Conference Manager Justin.Clarke@owasp.org
*Heather Hutchens: Senior Administrator heather.hutchens@anglia.ac.uk

3. Additional Staff
*Hugo Costa: In-house Graphic Designer Hugo.Costa@owasp.org
*Kelly Santalucia: Memberships and Business Liaison Kelly.Santalucia@owasp.org
*Kate Hartmann: Operations Director Kate.Hartmann@owasp.org
*Sarah Baso: Executive Director Sarah.Baso@owasp.org

4. Pre-Summit Planning
*Schedule: https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home#tab=Tracks_and_Sessions
*Neill: Change session to Tuesday afternoon
*Catering
*Beers/Wine (Important make sure this is in budget)
*Wiki edits: https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home
*Sched Edits: http://appseceurope2014.sched.org/
*Budgets Explanation: https://docs.google.com/spreadsheets/d/1i2o0quhmtBn3mc2i3ebQn9tkeoey5DH0PQZCZmKCnQU/edit?usp=sharing
• Manage budgets and expense tracking for Leader travel and hotel expenses.
• Manage budgets and expense tracking for summit overall expenses.
*Volunteer recruitment
*AV/Wireless/Equipment needs (Minimum: free wifi for all, at least 2 printers for all to use, Projectors for every room, Monitors for every room.
*Marketing plan to promote summit
*Photographer needs to be sourced
*Film crew if wanted.
*Make sure each session has at least 4 goals they want to accomplish at the Summit.

5. On-Site Planning
*Staffing: Make sure all staff know what they need to do, where they need to be, and at what time.
*Catering: Make sure the catering is set to go (You will need to monitor this every day and make adjustments as the day goes on)
*AV/Wireless: Make sure the rooms are ready to go with AV/Wireless (This may go smoothly or you will have to deal with this for 4 days straight as it happened in 2013.
*Travel Mishaps: Make sure the session leaders have made it to the venue
*Creative Direction: Manage the photography and filming. Communicate the direction of this with the staff for these items. What do you want to visually represent?
*Matt and Dinis: Make sure you have a second in command that acts as a second you in case you are called away. This person should know everything you do about the Summit and should be able to make decisions in your absence. (I’m sure you got this).

6. Just breathe and have fun! Have a beer for me on Tuesday evening. I will miss you guys. ;-)

'''Registration: Make sure to register!'''

=OWASP PROGRAM MANAGER RESPONSIBILITIES=

I have put together a comprehensive list of the items I work on regularly for OWASP. Now that I will no longer be doing this work after Friday, volunteers will need to be taking this on. Let me know if you have questions. Here it is:

'''Project Operations'''

*Writing of the yearly Project Leader Handbook. This includes adding the content to the wiki.

*Six month editing of the project leader handbook, in case there are any changes in policy.

*Keep the following inventories updated:

*https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Inventory

*https://www.owasp.org/index.php/OWASP_Project_Inventory

*https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGU4MlNpOWZsLWM2YXhpQzZLbnpndkE&usp=sharing

*Salesforce Infrastructure Inventory: Need to ask for access.

*Someone will need to be on every weekly conference call for every region an AppSec is going on.

*Someone will need to process new project requests.

*Someone will need to process project cases and e-mails.

*Someone will need to manage the project task force: https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Task_Force

*Someone will need to manage the budgets for each grant we have awarded to us.

*Someone will need to manage the grant relationships we currently have.

*Someone will need to manage the design staff and the marketing requests for all of the foundation.

*Someone will need to manage the payment of our design staff.

*Someone will need to approve all project expenses, and keep track of these expenses in the appropriate sections.

*Every 6 months there will need to be a project audit that removes inactive projects.

*Someone will need to manage long-term volunteer initiatives.

*During conference, someone will need to manage the implementation of event modules, on-site.

*Someone will need to manage the social media, because I have been doing a lot of it.

*Manage wiki project template edits and questions.

'''Event Module Management'''

1. Project Event Modules: https://www.owasp.org/index.php/How_to_Host_an_OWASP_Projects_Event_Module

*There are several project event modules you can have at your conference. Please look at the link above for more info.

*Generally, you have to do the following to plan for each event.

*Module pre-planning

*Regular weekly communication with the volunteers

*Monthly and quarterly communications with community about module dates

*Application process to gather volunteer help.

*Selection process for demos, talks and sessions.

*On-site management of module.

*Budgeting, expense tracking, and reporting

*Project module closure process.

2. Women in AppSec (WIAS): https://www.owasp.org/index.php/Women_In_AppSec

*Volunteers will need to take this on if they want this at their conference.

*First you have to raise funds for the Women in AppSec award. Typically, you want 2 sponsors of $3K each.

*Offer them a mention on the website and the conference program and other materials the WIAS award is mentioned.

*Develop selection criteria and choose a selection committee of at least 3 people.

*Develop a marketing plan and execute it: Focus on getting sponsors, getting submissions, and pre/post conference promotion.

*Select your winner, announce the winner, and make sure her travel, training, and hotel are sorted.

*Make sure there is someone there to greet the winner and introduce her to other fellow OWASPers.

*Get her bio and picture to put up on the Women in AppSec Website.

'''Foundation Grants'''

I locate grant opportunities for project leaders come to me for advice on an opportunity they have encountered. If the project leader wishes to proceed with a grant opportunity, then I would initiate the grant writing and management process. This is what would occur.

1. Adwords Account

*Someone will have to go in there and manage it every month.

*Guidelines: https://www.owasp.org/index.php/Google_Adwords_Grant_User_Guidelines

*Someone will need to take on the responsibility of helping Leaders set this up for their project, chapters, initiatives, etc.

2. Guidebooks

* We have three projects with grants here: Code Review Guide, Testing Guide, Development Guide

* Testing Guide is in the Editing phase, The next phase is design.

* Code Review Guide is in the writing phase. The book is half complete.

* Development Guide requires more support and management and contributors. Focus here if you want to help.

3. Someone will need to do the following for all of these projects:

* Project Planning

* Regular weekly communication with the volunteers

* Monthly and quarterly communications with the HOST team on project status

* Talent resourcing for Editing, Design, publishing, etc.

* Managing the individual editing, design, and publishing project deliverables for each.

* Budgeting, expense tracking, and reporting

* Project closure process.

4. AppSensor

* The award has been granted for this project, but funds have not been transferred. However, HOST is now in a position where this is going to occur very shortly. Someone will need to manage the following:

* Project Planning

* Regular weekly communication with the volunteers

* Monthly and quarterly communications with the HOST team on project status

* Talent resourcing for Editing, Design, publishing, etc.

* Budgeting, expense tracking, and reporting

* Project closure process.

'''OWASP Mini Summits'''

This involves getting project leaders together to participate working sessions. This is a very brief list of what generally occurs, and what needs to be done to put one together. For more detailed information, see the 2013 Project Summit Report: https://www.owasp.org/images/c/c3/OWASP_2013_PROJECT_SUMMIT_REPORT.pdf

Generally these are the tasks involved:

1. Pre-Summit Planning

*Secure a budget of no less than $20,000

*Make sure to offer sponsorship opportunities: $5,000k per sponsor (mention in the conference program, and website, and banner at the event.

*Locate a venue (book for 2-4 days, make sure it is no more than 20% of your budget)

*Develop a floor plan with the space you have

*Allocate time slots for each session so you know how much space you can offer Leaders

* Sort out Catering: This will be your most expensive cost next to the venue

*Make sure to remember beer/wine at 5pm each day

*AV/Wireless/Equipment needs (Minimum: free wifi for all, at least 2 printers for all to use, Projectors for every room, Monitors for every room.

*Summit on-site staffing (please see 2013 report for detailed staffing needs)

*Marketing plan to promote summit

*Get wiki page to promote the summit finished. Update with relevant information.

*Photographer needs to be sourced

*Film crew (can be volunteer: contact Jonathan Marcil and cover his travel expenses. He is great at this)

*You will need to create a visual identity for the summit (Contact Hugo Costa) Make sure your summit visual identity is similar to the conference it is running next to if it is happening at the same time as an AppSec.

*Gather the summit sessions Leaders want to participate in.

*Make sure each session has at least 4 goals they want to accomplish at the Summit.

*Manage budgets and expense tracking for Leader travel and hotel expenses.

*Manage budgets and expense tracking for summit overall expenses.

2. During the Summit

*Make sure all staff know what they need to do, where they need to be, and at what time.

*Make sure the catering is set to go (You will need to monitor this every day and make adjustments as the day goes on)

*Make sure the rooms are ready to go with AV/Wireless (This may go smoothly or you will have to deal with this for 4 days straight as it happened in 2013.

*Make sure the session leaders have made it to the venue

*Manage the photography and filming. Communicate the direction of this with the staff for these items. What do you want to visually represent?

*Make sure you have a second in command that acts as a second you in case you are called away. This person should know everything you do about the Summit and should be able to make decisions in your absence.

'''Marketing and Design'''

This involves all of the work Hugo is doing, along with helping build a bridge between our “client” and the designer. Being the buffer, if you will. For this role, I did the following:

*Developed job description

*Promote Opportunity via our Marketing Channels

*Process applications

*Interview Candidates

*Pick top 5 for a second interview

*2nd Interview

*Pick a top candidate and make an offer

*On-boarding process: Guide through OWASP, set up of accounts, explanation of responsibilities, first tasks

1. Ongoing

*Set Up system to manage workload and workflow in Salesforce

*Developed menu of services.

*Ensured that the creative briefs had the appropriate specifications for Hugo

*Daily communication with Hugo about projects.

*Daily interaction with design clients from our community.

*Use expertise to get projects completed by providing appropriate specs to Hugo based on client needs and agreements.

'''Interns'''

I am not sure if you will want to continue running this program. I recommend that it does not continue to run as this team’s work load is going to increase by 50% if the roles are not replaced. For this role, I did the following:

*Write intern job description

*Promote Opportunity via our Marketing Channels

*Process applications

*Interview Candidates

*Pick top 5 for a second interview

*2nd Interview

*Pick a top candidate and make an offer

*On-boarding process: Guide through OWASP, set up of accounts, explanation of responsibilities, first tasks

1. Ongoing

*Closely monitor progress, workload, educational milestones, weekly reports.

*Weekly calls for progress report

*Daily communication with intern and daily tasks and milestones

There is probably more, but that is what I can think of at the moment. Let me know if you have questions.

__NOTOC__ <headertabs />

Projects/Reports/2014-06-06

2014-06-06T21:55:47Z

Samantha Groves:

=PROJECT METRICS=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

==Metrics==

*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGU4MlNpOWZsLWM2YXhpQzZLbnpndkE&usp=sharing Project Numbers]'''

*Active Projects: 157
*Inactive Projects: 131
*Incubator Projects: 124
*Lab Projects: 33
*Flagship Projects: 0

==OWASP Project of the Month ==

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:Education-project.png|left|300px|link=https://www.owasp.org/index.php/Category:OWASP_Education_Project]] 
| align="left" | [[Image:AppSecEU_2014.jpg|left|300px|link=https://2014.appsec.eu/]] 

|}

=CURRENTLY WORKING ON=

*'''Project Activity Modules in Cambridge UK'''
**The AppSec EU event is coming up fast.
**We are working hard to prepare for the activities scheduled for the conference.
**The project leaders are working hard to make sure everything goes according to plan.
**I will no longer be able to attend the event so they will need to pick up the on-site management during the conference.

*'''AppSec EU and 2014 Summit'''
**I will no longer be able to attend the AppSec EU conference.
**This means that I will no longer be involved in the 2014 Project Summit.
**I will be having 2 hand-off meetings today to guide volunteers on what is left to be done for the Summit, and what to expect during the event.
**Dinis Cruz and Matt Tesauro have kindly agreed to do the planning and on-site management after next Tuesday.
**I wish the team the best of luck at the event! Rock it, Summit team! :-)

*'''Staff Hand-off'''
**Hugo, Kait, Sarah and I had a hand-off call this week to discuss how the team will be moving forward after my departure.
**There will be many challenges ahead, but I am confident that the team will thrive despite my absence.
**We successfully developed a plan and reporting structure for all future project administration and design/marketing work.
**After Tuesday, June 10th, Sarah will be taking on this extra responsibility.

*'''Off-boarding'''
**I have been working all week to try and consolidate everything I do for the staff and community.
**I have resigned my post, and my last day on the job is Tuesday, June 10th 2014.
**I have made a list of daily/weekly tasks I work on, and current projects I am managing.
**Additionally, I have made a list of Summit needs that will need to be taken on before the June 23/24 event.

*'''Daily Project based queries and requests'''
**This has not changed much since I began the post: questions are very similar in nature.
**Global AppSec questions.
**Funding queries.
**Travel availability.
**Project based administrative help.
**Project status information.
**Several project donation questions.
**Marketing questions.
**Grant funding questions.
**OWASP social media updates.
**What's happening with projects, questions.
**Managing Salesforce cases.

=PROJECT GRANTS & FUNDING UPDATES=

==General Awards==

*'''OWASP OWTF Project: Brucon 5x5 Award'''
# Amount: €5,000.00 (Approx. $6,670.00)
# Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

==Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
#[https://www.owasp.org/images/e/ed/2013_Campaign_Report.pdf Google Grants Usage Report]

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Travel Expenses: $1,896.38 (Reimbursement)
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Current Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

=PROJECT ANNOUNCEMENTS=

==OWASP Program Manager leaving OWASP==

Dear OWASP Leaders,

I am writing to inform you that I have resigned my post, and I will be concluding my staff work with OWASP on Tuesday, June 10th, 2014. My original last day was meant to be August 8th, 2014, but circumstances have changed and I have had to depart sooner.

I feel sad to leave OWASP as this is one of the best communities I have ever had the pleasure of working with. I consider many of you, family, and I am truly sad to be leaving.

I am confident that this is the best decision for me, and I wish you all the best of luck. If you need me, you know where to find me. :-)

Thank you for the opportunity to get to know you. Keep being amazing! :-)

Best Regards,

Samantha Groves

==OWASP 2014 Project Summit Handoff==

'''Agenda for Pre-Summit Handover Meeting'''

1. New Roles for the Summit
*Dinis Cruz: On-site Planner Dinis.Cruz@owasp.org
*Matt Tesauro: On-site Planner, Pre-Planning Manager Matt.Tesauro@owasp.org
*Johanna Curiel: Budget Administrator Johanna.Curiel@owasp.org

2. Conference Planners:
*Laura Grau: Global Conferences Manager Laura.Grau@owasp.org
*GK: Community Manager gksouthwick@owasp.org
*Adrian Winckles: On-Site Conference Manager Adrian.Winckles@owasp.org
*Justin Clarke: On-Site Conference Manager Justin.Clarke@owasp.org
*Heather Hutchens: Senior Administrator heather.hutchens@anglia.ac.uk

3. Additional Staff
*Hugo Costa: In-house Graphic Designer Hugo.Costa@owasp.org
*Kelly Santalucia: Memberships and Business Liaison Kelly.Santalucia@owasp.org
*Kate Hartmann: Operations Director Kate.Hartmann@owasp.org
*Sarah Baso: Executive Director Sarah.Baso@owasp.org

4. Pre-Summit Planning
*Schedule: https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home#tab=Tracks_and_Sessions
*Neill: Change session to Tuesday afternoon
*Catering
*Beers/Wine (Important make sure this is in budget)
*Wiki edits: https://www.owasp.org/index.php/OWASP_Project_Summit_2014/Home
*Sched Edits: http://appseceurope2014.sched.org/
*Budgets Explanation: https://docs.google.com/spreadsheets/d/1i2o0quhmtBn3mc2i3ebQn9tkeoey5DH0PQZCZmKCnQU/edit?usp=sharing
• Manage budgets and expense tracking for Leader travel and hotel expenses.
• Manage budgets and expense tracking for summit overall expenses.
*Volunteer recruitment
*AV/Wireless/Equipment needs (Minimum: free wifi for all, at least 2 printers for all to use, Projectors for every room, Monitors for every room.
*Marketing plan to promote summit
*Photographer needs to be sourced
*Film crew if wanted.
*Make sure each session has at least 4 goals they want to accomplish at the Summit.

5. On-Site Planning
*Staffing: Make sure all staff know what they need to do, where they need to be, and at what time.
*Catering: Make sure the catering is set to go (You will need to monitor this every day and make adjustments as the day goes on)
*AV/Wireless: Make sure the rooms are ready to go with AV/Wireless (This may go smoothly or you will have to deal with this for 4 days straight as it happened in 2013.
*Travel Mishaps: Make sure the session leaders have made it to the venue
*Creative Direction: Manage the photography and filming. Communicate the direction of this with the staff for these items. What do you want to visually represent?
*Matt and Dinis: Make sure you have a second in command that acts as a second you in case you are called away. This person should know everything you do about the Summit and should be able to make decisions in your absence. (I’m sure you got this).

6. Just breathe and have fun! Have a beer for me on Tuesday evening. I will miss you guys. ;-)

'''Registration: Make sure to register!'''

=OWASP PROGRAM MANAGER RESPONSIBILITIES=

I have put together a comprehensive list of the items I work on regularly for OWASP. Now that I will no longer be doing this work after Friday, volunteers will need to be taking this on. Let me know if you have questions. Here it is:

#################################

'''Project Operations'''

*Writing of the yearly Project Leader Handbook. This includes adding the content to the wiki.

*Six month editing of the project leader handbook, in case there are any changes in policy.

*Keep the following inventories updated:

*https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Inventory

*https://www.owasp.org/index.php/OWASP_Project_Inventory

*https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGU4MlNpOWZsLWM2YXhpQzZLbnpndkE&usp=sharing

*Salesforce Infrastructure Inventory: Need to ask for access.

*Someone will need to be on every weekly conference call for every region an AppSec is going on.

*Someone will need to process new project requests.

*Someone will need to process project cases and e-mails.

*Someone will need to manage the project task force: https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Task_Force

*Someone will need to manage the budgets for each grant we have awarded to us.

*Someone will need to manage the grant relationships we currently have.

*Someone will need to manage the design staff and the marketing requests for all of the foundation.

*Someone will need to manage the payment of our design staff.

*Someone will need to approve all project expenses, and keep track of these expenses in the appropriate sections.

*Every 6 months there will need to be a project audit that removes inactive projects.

*Someone will need to manage long-term volunteer initiatives.

*During conference, someone will need to manage the implementation of event modules, on-site.

*Someone will need to manage the social media, because I have been doing a lot of it.

*Manage wiki project template edits and questions.

'''Event Module Management'''

1. Project Event Modules: https://www.owasp.org/index.php/How_to_Host_an_OWASP_Projects_Event_Module

*There are several project event modules you can have at your conference. Please look at the link above for more info.

*Generally, you have to do the following to plan for each event.

*Module pre-planning

*Regular weekly communication with the volunteers

*Monthly and quarterly communications with community about module dates

*Application process to gather volunteer help.

*Selection process for demos, talks and sessions.

*On-site management of module.

*Budgeting, expense tracking, and reporting

*Project module closure process.

2. Women in AppSec (WIAS): https://www.owasp.org/index.php/Women_In_AppSec

*Volunteers will need to take this on if they want this at their conference.

*First you have to raise funds for the Women in AppSec award. Typically, you want 2 sponsors of $3K each.

*Offer them a mention on the website and the conference program and other materials the WIAS award is mentioned.

*Develop selection criteria and choose a selection committee of at least 3 people.

*Develop a marketing plan and execute it: Focus on getting sponsors, getting submissions, and pre/post conference promotion.

*Select your winner, announce the winner, and make sure her travel, training, and hotel are sorted.

*Make sure there is someone there to greet the winner and introduce her to other fellow OWASPers.

*Get her bio and picture to put up on the Women in AppSec Website.

'''Foundation Grants'''

I locate grant opportunities for project leaders come to me for advice on an opportunity they have encountered. If the project leader wishes to proceed with a grant opportunity, then I would initiate the grant writing and management process. This is what would occur.

1. Adwords Account

*Someone will have to go in there and manage it every month.

*Guidelines: https://www.owasp.org/index.php/Google_Adwords_Grant_User_Guidelines

*Someone will need to take on the responsibility of helping Leaders set this up for their project, chapters, initiatives, etc.

2. Guidebooks

* We have three projects with grants here: Code Review Guide, Testing Guide, Development Guide

* Testing Guide is in the Editing phase, The next phase is design.

* Code Review Guide is in the writing phase. The book is half complete.

* Development Guide requires more support and management and contributors. Focus here if you want to help.

3. Someone will need to do the following for all of these projects:

* Project Planning

* Regular weekly communication with the volunteers

* Monthly and quarterly communications with the HOST team on project status

* Talent resourcing for Editing, Design, publishing, etc.

* Managing the individual editing, design, and publishing project deliverables for each.

* Budgeting, expense tracking, and reporting

* Project closure process.

4. AppSensor

* The award has been granted for this project, but funds have not been transferred. However, HOST is now in a position where this is going to occur very shortly. Someone will need to manage the following:

* Project Planning

* Regular weekly communication with the volunteers

* Monthly and quarterly communications with the HOST team on project status

* Talent resourcing for Editing, Design, publishing, etc.

* Budgeting, expense tracking, and reporting

* Project closure process.

'''OWASP Mini Summits'''

This involves getting project leaders together to participate working sessions. This is a very brief list of what generally occurs, and what needs to be done to put one together. For more detailed information, see the 2013 Project Summit Report: https://www.owasp.org/images/c/c3/OWASP_2013_PROJECT_SUMMIT_REPORT.pdf

Generally these are the tasks involved:

1. Pre-Summit Planning

*Secure a budget of no less than $20,000

*Make sure to offer sponsorship opportunities: $5,000k per sponsor (mention in the conference program, and website, and banner at the event.

*Locate a venue (book for 2-4 days, make sure it is no more than 20% of your budget)

*Develop a floor plan with the space you have

*Allocate time slots for each session so you know how much space you can offer Leaders

* Sort out Catering: This will be your most expensive cost next to the venue

*Make sure to remember beer/wine at 5pm each day

*AV/Wireless/Equipment needs (Minimum: free wifi for all, at least 2 printers for all to use, Projectors for every room, Monitors for every room.

*Summit on-site staffing (please see 2013 report for detailed staffing needs)

*Marketing plan to promote summit

*Get wiki page to promote the summit finished. Update with relevant information.

*Photographer needs to be sourced

*Film crew (can be volunteer: contact Jonathan Marcil and cover his travel expenses. He is great at this)

*You will need to create a visual identity for the summit (Contact Hugo Costa) Make sure your summit visual identity is similar to the conference it is running next to if it is happening at the same time as an AppSec.

*Gather the summit sessions Leaders want to participate in.

*Make sure each session has at least 4 goals they want to accomplish at the Summit.

*Manage budgets and expense tracking for Leader travel and hotel expenses.

*Manage budgets and expense tracking for summit overall expenses.

2. During the Summit

*Make sure all staff know what they need to do, where they need to be, and at what time.

*Make sure the catering is set to go (You will need to monitor this every day and make adjustments as the day goes on)

*Make sure the rooms are ready to go with AV/Wireless (This may go smoothly or you will have to deal with this for 4 days straight as it happened in 2013.

*Make sure the session leaders have made it to the venue

*Manage the photography and filming. Communicate the direction of this with the staff for these items. What do you want to visually represent?

*Make sure you have a second in command that acts as a second you in case you are called away. This person should know everything you do about the Summit and should be able to make decisions in your absence.

'''Marketing and Design'''

This involves all of the work Hugo is doing, along with helping build a bridge between our “client” and the designer. Being the buffer, if you will. For this role, I did the following:

*Developed job description

*Promote Opportunity via our Marketing Channels

*Process applications

*Interview Candidates

*Pick top 5 for a second interview

*2nd Interview

*Pick a top candidate and make an offer

*On-boarding process: Guide through OWASP, set up of accounts, explanation of responsibilities, first tasks

1. Ongoing

*Set Up system to manage workload and workflow in Salesforce

*Developed menu of services.

*Ensured that the creative briefs had the appropriate specifications for Hugo

*Daily communication with Hugo about projects.

*Daily interaction with design clients from our community.

*Use expertise to get projects completed by providing appropriate specs to Hugo based on client needs and agreements.

'''Interns'''

I am not sure if you will want to continue running this program. I recommend that it does not continue to run as this team’s work load is going to increase by 50% if the roles are not replaced. For this role, I did the following:

*Write intern job description

*Promote Opportunity via our Marketing Channels

*Process applications

*Interview Candidates

*Pick top 5 for a second interview

*2nd Interview

*Pick a top candidate and make an offer

*On-boarding process: Guide through OWASP, set up of accounts, explanation of responsibilities, first tasks

1. Ongoing

*Closely monitor progress, workload, educational milestones, weekly reports.

*Weekly calls for progress report

*Daily communication with intern and daily tasks and milestones

#################################

There is probably more, but that is what I can think of at the moment. Let me know if you have questions.

__NOTOC__ <headertabs />

Projects/Reports/2014-06-06

2014-06-06T21:45:17Z

Samantha Groves:

Projects/Reports/2014-06-06

2014-06-06T21:44:11Z

Samantha Groves:

Projects/Reports/2014-06-06

2014-06-06T21:38:11Z

Samantha Groves:

Projects/Reports/2014-06-06

2014-06-06T21:11:08Z

Samantha Groves:

Projects/Reports/2014-06-06

2014-06-06T21:10:34Z

Samantha Groves:

Projects/Reports/2014-06-06

2014-06-06T21:08:48Z

Samantha Groves:

Category:OWASP Project

2014-06-06T21:05:42Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Education-project.png‎|center|300px| link=https://www.owasp.org/index.php/Category:OWASP_Education_Project]]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]
* [https://www.owasp.org/index.php/OWASP_Hardened_Phalcon_Project OWASP Hardened Phalcon Project]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]
*[https://www.owasp.org/index.php/OWASP_PHP_Security_Training_Project OWASP PHP Security Training Project]
*[https://www.owasp.org/index.php/Projects/OWASP_iOSForensic OWASP iOSForensic]
*[https://www.owasp.org/index.php/OWASP_Project_Metrics OWASP Project Metrics]
'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]
*[https://www.owasp.org/index.php/Projects/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and Friends Security Guide]
*[https://www.owasp.org/index.php/OWASP_Secure_Development_Training OWASP Secure Development Training]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/Category:OWASP_Java_Project OWASP Java Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

===OpenSAMM===
'''[https://owasp.org/images/5/53/OpenSAMM_icons.zip OpenSAMM Icons]'''

'''Construction:'''

[[Image:Construction black.png| Construction black| 100px]] [[Image:Construction blue.png| Construction blue| 100px]] [[image:Construction olive.png |construction olive|100px]]

'''Deployment:'''

[[image:Deployment black.png| Deployment black| 100px]] [[image:Deployment blue.png| Deployment blue| 100px]] [[image:Deployment olive.png | Deployment olive| 100px]]

'''Governance:'''

[[image:Governance black.png| governance black| 100px]] [[image:Governance blue.png | governance blue | 100px]] [[image:Governance olive.png | governance olive| 100px]]

'''Verification:'''

[[image:Verification black.png | Verification black | 100px]] [[image:Verification blue.png | verification blue | 100px]] [[image: Verification olive.png | Verification olive | 100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]
*Project Manager Report: May 09 2013 - No Report this week. On Holiday.
*Project Manager Report: May 16 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-23-05 Program Manager Report: May 23 2014]
*Project Manager Report: May 30 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-06-06 Program Manager Report: June 06 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

File:Education-project.png

2014-06-06T21:04:38Z

Samantha Groves:

Projects/Reports/2014-06-06

2014-06-05T20:27:33Z

Samantha Groves: Created page with "=PROJECT METRICS= <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">link=</div> ==Metrics== *'''[https://docs.googl..."

Category:OWASP Project

2014-06-05T20:27:07Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Passfault01.jpg‎|center|300px| link=https://www.owasp.org/index.php/OWASP_Passfault]]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]
* [https://www.owasp.org/index.php/OWASP_Hardened_Phalcon_Project OWASP Hardened Phalcon Project]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]
*[https://www.owasp.org/index.php/OWASP_PHP_Security_Training_Project OWASP PHP Security Training Project]
*[https://www.owasp.org/index.php/Projects/OWASP_iOSForensic OWASP iOSForensic]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]
*[https://www.owasp.org/index.php/Projects/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and Friends Security Guide]
*[https://www.owasp.org/index.php/OWASP_Secure_Development_Training OWASP Secure Development Training]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/Category:OWASP_Java_Project OWASP Java Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

===OpenSAMM===
'''[https://owasp.org/images/5/53/OpenSAMM_icons.zip OpenSAMM Icons]'''

'''Construction:'''

[[Image:Construction black.png| Construction black| 100px]] [[Image:Construction blue.png| Construction blue| 100px]] [[image:Construction olive.png |construction olive|100px]]

'''Deployment:'''

[[image:Deployment black.png| Deployment black| 100px]] [[image:Deployment blue.png| Deployment blue| 100px]] [[image:Deployment olive.png | Deployment olive| 100px]]

'''Governance:'''

[[image:Governance black.png| governance black| 100px]] [[image:Governance blue.png | governance blue | 100px]] [[image:Governance olive.png | governance olive| 100px]]

'''Verification:'''

[[image:Verification black.png | Verification black | 100px]] [[image:Verification blue.png | verification blue | 100px]] [[image: Verification olive.png | Verification olive | 100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]
*Project Manager Report: May 09 2013 - No Report this week. On Holiday.
*Project Manager Report: May 16 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-23-05 Program Manager Report: May 23 2014]
*Project Manager Report: May 30 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-06-06 Program Manager Report: June 06 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

Projects/Reports/2014-23-05

2014-06-05T20:25:35Z

Samantha Groves:

OWASP Project Summit 2014/Working Sessions

2014-06-04T20:25:36Z

Samantha Groves:

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/009 OWASP OpenSAMM Session]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/011 OWASP Google Summer of Code]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP PHPSEC and WebGoatPHP]
{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP Toolkit Session]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/009 OWASP OpenSAMM Session: 4pm - 6pm] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
|-
| '''Room 3''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
|-
|}

OWASP Project Summit 2014/Working Sessions

2014-06-04T20:24:00Z

Samantha Groves:

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/011 OWASP Google Summer of Code]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP PHPSEC and WebGoatPHP]
{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP Toolkit Session]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session: 4pm - 6pm] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
|-
| '''Room 3''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
|-
|}

OWASP Project Summit 2014/Working Sessions

2014-06-04T20:21:58Z

Samantha Groves:

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/011 OWASP Google Summer of Code]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP PHPSEC and WebGoatPHP]
{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP Toolkit Session]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session: 4pm - 6pm] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
|-
| '''Room 3''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
|-
|}

OWASP Project Summit 2014/Working Sessions

2014-06-04T20:18:59Z

Samantha Groves:

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/011 OWASP Google Summer of Code]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP PHPSEC and WebGoatPHP]
{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP Toolkit Session]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session: 4pm - 6pm] ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
|-
| '''Room 3''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
|-
|}

OWASP Project Summit 2014/Working Sessions

2014-06-04T20:05:27Z

Samantha Groves:

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/010 OWASP Cyber Security Startup Initiative]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/011 OWASP Google Summer of Code]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP PHPSEC and WebGoatPHP]
{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
|-
| '''Room 3''' ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 Google Summer of Code]
|[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 PHPSEC and WebGoatPHP]
|-
|}

OWASP Project Summit 2014/Working Sessions

2014-06-04T20:02:14Z

Samantha Groves:

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP OpenSAMM Session]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/011 OWASP Google Summer of Code]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP PHPSEC and WebGoatPHP]
{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
|-
| '''Room 3''' ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 Google Summer of Code]
|[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 PHPSEC and WebGoatPHP]
|-
|}

OWASP Project Summit 2014/Working Sessions

2014-06-04T19:56:33Z

Samantha Groves: Reverted edits by Kait Disney-Leugers (talk) to last revision by Johanna Curiel

We are currently looking for more working session ideas for the summit. If you're interested in adding a Working Session for the 2014 Summit, please contact Samantha Groves (Samantha.Groves@owasp.org). Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules.

'''Keep checking back, as we will be adding more working sessions every week.'''

==Current Daily Schedule==

===Monday: June 23===

#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide]

===Tuesday: June 24===
# [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 OWASP PHP Security Framework]
#[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]

{| class="wikitable"
|-
!
! Monday 9:00am - 1:00pm
! Monday 2:00pm - 6:00pm
! Tuesday 9:00am - 1:00pm
! Tuesday 2:00pm - 6:00pm
|-
| '''Room 1''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/001 OWASP Education Project] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/005 OWASP Code Review Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/002 OWASP Media Project] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/008 OWASP NinjaPingU]
|-
| '''Room 2''' || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] || || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/003 OWASP 24/7 Podcast Series] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/006 OWASP PCI Toolkit]
|-
| '''Room 3''' ||[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] || [https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/004 OWASP Developer Guide] ||
[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 Google Summer of Code]
|[https://www.owasp.org/index.php/Projects_Summit_2014/Working_Sessions/007 PHPSEC and WebGoatPHP]
|-
|}

Marketing/Resources

2014-06-04T19:52:32Z

Samantha Groves:

= WELCOME =
===OWASP Marketing: Designs and Downloads===

On this page, you will find the most current marketing materials and brand guidelines used by the OWASP Foundation. We have everything from logos and business cards to banner stand and brochure designs all for your use. Most of the files found on this page are in a PDF, EPS, or JPEG format; however, some pieces have the original Creative Suite files zipped in a toolbox. We recommend using the PDF, EPS, and JPEG files first as they are the easiest to use. If you need to edit a design piece, then you are more than welcome to download the Creative Suite files if you have access to Adobe In-Design, Photoshop, and Illustrator. If you require an edit to a design, and you do not have access to Adobe Creative Suite, then please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

Note: Before you download and use any of the marketing materials on this page, please be sure to read the Brand Usage Rules and Guidelines. It is important to understand how we expect contributors to use these materials as well as what is acceptable and what it not when it comes to usage of our brand and visual Identity.

[https://owasp.org/index.php/File:OWASP_LOGOS_2013.zip OWASP Logo Toolbox 2013 EPS]

[https://www.owasp.org/index.php/File:OWASP_LOGO_PNGs.zip OWASP Logo Toolbox 2013 PNG]

[https://owasp.org/index.php/File:OWASP_2014_Office_Toolbox.zip OWASP Office Toolbox 2014]

= BRAND GUIDELINES =
===The Brand Usage Rules===
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

====Rules====

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

== Brand Guidelines document ==
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:PrimarySig.png‎|500px| link=https://www.owasp.org/images/2/2b/Owasp_ISM8_FINAL.pdf]]
| align="center" |

|}

== Brand Reference Sheet ==
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:OWASP_Quick_Ref.jpg‎|500px| link=https://www.owasp.org/images/b/b4/Owasp_ISM_quickref_FINAL.pdf]]
| align="center" |

|}

==Open Source Typefaces==

Below is a list of open source typefaces the community can use as an alternative to the typefaces suggested in the brand guidelines document.

====Similar to House Gothic:====

*[http://www.fontsquirrel.com/fonts/Titillium?q%5Bterm%5D=Titillium&q%5Bsearch_check%5D=Y Titillium Typeface]
*[http://www.fontsquirrel.com/fonts/armata Armata Typeface]

====Similar to Joanna:====

*[http://www.fontsquirrel.com/fonts/enriqueta Enriqueta]
*[http://www.fontsquirrel.com/fonts/DejaVu-Serif Deja Vu]
*[http://www.fontsquirrel.com/fonts/brawler Brawler]

= IDENTITY =

===The OWASP Brand===
Circulation of the OWASP brand is a key part in the growth of OWASP. For all OWASP related needs, the OWASP identity is available in the form of logos, letterheads, business cards, envelopes and Power Point presentation templates. These materials are useful when putting together OWASP related documents, and when representing OWASP both within and outside the community. Please refer to the brand guidelines document concerning the usage of the OWASP brand.

== Logos ==
[https://owasp.org/index.php/File:OWASP_LOGOS_2013.zip OWASP Logo Toolbox 2013 EPS]

[https://www.owasp.org/index.php/File:OWASP_LOGO_PNGs.zip OWASP Logo Toolbox 2013 PNG]

[[Image:Owasp logo.jpg|Owasp logo|300px]] [[Image:Owasp logo 1c.jpg||Owasp logo 1c|300px]]

[[Image:Logo3.jpg|Owasp logo|300px]] [[Image:Logo4.jpg||Owasp logo 1c|300px]]

[[Image:Owasp logo rev icon.jpg|Owasp logo rev icon|100px]] [[Image:Owasp logo flat2 icon.jpg|Owasp logo flat|100px]] [[Image:Owasp logo icon.jpg|Owasp logo icon|100px]] [[Image:Owasp logo 1c icon.jpg|Owasp logo 1c icon|100px]]

== Identity Package ==

=== Letterhead ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Proof.jpg|475px| link=https://www.owasp.org/images/e/ea/Proof.pdf]]
| align="center" |

|}

=== Business Cards ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BC OWASP 2013.jpg|475px|link=https://www.owasp.org/images/f/f7/Owasp_bc_nobleed_editable.pdf]]
| align="center" |

|}

=== Envelope ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Envelope.jpg|475px| link=https://www.owasp.org/images/2/29/Proof_1.pdf]]
| align="center" |

|}

== PPT Templates ==

[https://www.owasp.org/images/5/5d/PPT_2013_Toolbox.zip PPT Template Toolbox]

===PowerPoint 1===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp ppt 1.jpg|475px| link=https://www.owasp.org/images/0/06/Owasp_ppt_1.pdf]]
| align="center" |

|}

===PowerPoint 2===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp ppt 2.jpg|475px| link=https://www.owasp.org/images/0/02/Owasp_ppt_2.pdf]]
| align="center" |

|}

===PowerPoint 3===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp ppt 3.jpg|475px| link=https://www.owasp.org/images/e/e2/Owasp_ppt_3.pdf]]
| align="center" |

|}

= AVATARS =
===Social Media===
Connect others to OWASP with the social media avatars. The avatars below can be used for Twitter, Facebook, LinkedIn and YouTube. Social media is the easiest way to keep up to date on the happenings within OWASP. You can either download the icons individually, or you can download them all via the Toolbox link below.

[https://www.owasp.org/images/1/12/Owasp_social_media.zip OWASP Social Media Toolbox]
==Facebook==
'''Icon'''

[[Image:Facebook icon.png|100px|]]

'''Coverphoto'''

[[Image:Coverphoto fb.png|500px|]]
==Google+==
'''Icon'''

[[Image:Googleplus icon.png|100px|]]

'''Coverphoto'''

[[Image:Coverphoto(1)googleplus.png|500px|]]
==LinkedIn==
'''Icon'''

[[Image:Linkedin icon.png]]

'''Large Icon'''

[[Image:Linkedin icon large.png]]

'''Coverphoto'''

[[Image:Coverphoto(2).png]]

==Pinterest==
'''Icon'''

[[Image:Pinterest icon.png|100px|]]
==Twitter==
'''Icon'''

[[Image:Twitter icon.png]]

'''Background'''

[[Image:Tiled background.png|300px|]]

==YouTube==
'''Icon'''

[[Image:Youtube icon.png]]

'''Background'''

[[Image:Tiled background.png|300px|]]

= BANNERS =

===OWASP Print and Web Banners===
Below you will find a print banner that you can use for events and conferences, and several web banners that are used for different operational areas within OWASP. The print banner download comes in a print ready PDF. It is ready to send to the printers.

== Conference Banner ==

{|
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Banner_stand.png|500px| link=https://www.owasp.org/images/2/21/Owasp_bannerstand_final.pdf]]
| align="center" |
|}

==Web Banners==
[https://www.owasp.org/images/e/e0/Owasp_web_banners_small.zip OWASP Banner Toolbox Small]

[https://www.owasp.org/images/a/a7/Owasp_banners_Large.zip OWASP Banner Toolbox Large]

[[File:Owasp banner web edu.jpg|600px]]

[[File:Owasp banner web com.jpg|600px]]

[[File:Owasp banner web soc.jpg|600px]]

[[File:Owasp banner web ini.jpg|600px]]

[[File:Owasp banner web mem.jpg|600px]]

[[File:Owasp banner web pro.jpg|600px]]

[[File:Owasp banner web cha.jpg|600px]]

[[File:Owasp banner web ind.jpg|600px]]

[[File:Owasp banner web con.jpg|600px]]

== Previous Web Banners ==
[[Image:MEMBERSHIP_BANNER.jpg|600px]]

[[Image:EDUCATION_BANNER.jpg|600px]]

[[Image:CHAPTERS_BANNER.jpg|600px]]

[[Image:CONFERENCES_BANNER.jpg|600px]]

[[Image:PROJECTS_BANNER.jpg|600px]]

[[Image:MARKETING_BANNER.jpg|600px]]

[[Image:INDUSTRY_BANNER.jpg|600px]]

= INFORMATIVE =

==OWASP Information==

The purpose of the informative materials is to give an overview of OWASP and the benefits of membership. Provided below is the brief About Us flyer, as well as information about corporate and individual membership. Three form letters are provided in the New Member Welcome flyer and the e-brochure provides additional information. The final flyer provides information about OWASP project Zed Attack Proxy(ZAP), a penetration-testing tool. The features and functionality of ZAP are also outlined in the flyer.

=== About Us Flyer ===

{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp aboutus flyer.jpg|500px| link=]]
| align="center" |

|}

=== Corporate and Individual Membership Flyer ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:OWASP Membership Flyer FINAL WEB.png|500px| link=https://www.owasp.org/images/2/21/OWASP_Membership_Flyer_FINAL_WEB.pdf]]
| align="center" |

|}

=== New Member Welcome Flyer ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp welcome letter(1).jpg|500px| link=]]
| align="center" |
|}

=== ZAP Flyer ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:ZAP.png|500px| link=https://www.owasp.org/images/2/23/Owasp_ZAP_Final.pdf]]
| align="center" |
|}

=== E-Brochure ===

[[Image:Owasp brochure final.jpg|400px|link:]]

= PROJECT RESOURCES =

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:New projects.png|Owasp logo rev icon|100px]] [[Image:Midlevel projects.png|Owasp logo flat|100px]] [[image:Mature projects.png|Owasp logo icon|100px]]

===OpenSAMM===
'''[https://owasp.org/images/5/53/OpenSAMM_icons.zip OpenSAMM Icons]'''

'''Construction:'''

[[Image:Construction black.png| Construction black| 100px]] [[Image:Construction blue.png| Construction blue| 100px]] [[image:Construction olive.png |construction olive|100px]]

'''Deployment:'''

[[image:Deployment black.png| Deployment black| 100px]] [[image:Deployment blue.png| Deployment blue| 100px]] [[image:Deployment olive.png | Deployment olive| 100px]]

'''Governance:'''

[[image:Governance black.png| governance black| 100px]] [[image:Governance blue.png | governance blue | 100px]] [[image:Governance olive.png | governance olive| 100px]]

'''Verification:'''

[[image:Verification black.png | Verification black | 100px]] [[image:Verification blue.png | verification blue | 100px]] [[image: Verification olive.png | Verification olive | 100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= MARKETING RESEARCH =

==Marketing Research==

Sisterworks Publishing and Design Foundry were contracted to help OWASP develop a consistent brand message and style. Both companies, along with the OWASP staff, worked together on this marketing project with the aim of developing consistent brand visual identity and messaging. The marketing project was separated into three phases. The first phase was the market research phase during which Sisterworks and Design Foundry undertook market research initiatives of the overall competitive landscape OWASP exists within. The second phase involved the development of a proposed marketing plan, and included marketing recommendations for OWASP to consider in the future.

[https://www.owasp.org/images/9/9d/Marketing_Reserach.zip Marketing Research]

===Marketing Research Explained===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Page-0.jpg|500px| link=https://www.owasp.org/images/7/7c/OWASP_Background-Research_Phase1_Final_%281%29.pdf]]
| align="center" |

|}
===Marketing Strategy Recommendations===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Marketing Strategy.jpg|500px| link=https://www.owasp.org/images/c/c5/OWASP_Recommendations-Presentation2-April24.pdf]]
| align="center" |

|}
===SEO Audit and Recommendations===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:SEO Audits.jpg|500px| link=https://www.owasp.org/images/4/48/OWASP-SEO-Content-Audit-Final-6-7-2013.pdf]]
| align="center" |

|}

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs / >

Marketing/Resources

2014-06-04T19:52:13Z

Samantha Groves:

= WELCOME =
===OWASP Marketing: Designs and Downloads===

On this page, you will find the most current marketing materials and brand guidelines used by the OWASP Foundation. We have everything from logos and business cards to banner stand and brochure designs all for your use. Most of the files found on this page are in a PDF, EPS, or JPEG format; however, some pieces have the original Creative Suite files zipped in a toolbox. We recommend using the PDF, EPS, and JPEG files first as they are the easiest to use. If you need to edit a design piece, then you are more than welcome to download the Creative Suite files if you have access to Adobe In-Design, Photoshop, and Illustrator. If you require an edit to a design, and you do not have access to Adobe Creative Suite, then please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

Note: Before you download and use any of the marketing materials on this page, please be sure to read the Brand Usage Rules and Guidelines. It is important to understand how we expect contributors to use these materials as well as what is acceptable and what it not when it comes to usage of our brand and visual Identity.

[https://owasp.org/index.php/File:OWASP_LOGOS_2013.zip OWASP Logo Toolbox 2013 EPS]

[https://www.owasp.org/index.php/File:OWASP_LOGO_PNGs.zip OWASP Logo Toolbox 2013 PNG]

[https://owasp.org/index.php/File:OWASP_2014_Office_Toolbox.zip OWASP Office Toolbox 2014 EPS]

= BRAND GUIDELINES =
===The Brand Usage Rules===
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

====Rules====

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

== Brand Guidelines document ==
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:PrimarySig.png‎|500px| link=https://www.owasp.org/images/2/2b/Owasp_ISM8_FINAL.pdf]]
| align="center" |

|}

== Brand Reference Sheet ==
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:OWASP_Quick_Ref.jpg‎|500px| link=https://www.owasp.org/images/b/b4/Owasp_ISM_quickref_FINAL.pdf]]
| align="center" |

|}

==Open Source Typefaces==

Below is a list of open source typefaces the community can use as an alternative to the typefaces suggested in the brand guidelines document.

====Similar to House Gothic:====

*[http://www.fontsquirrel.com/fonts/Titillium?q%5Bterm%5D=Titillium&q%5Bsearch_check%5D=Y Titillium Typeface]
*[http://www.fontsquirrel.com/fonts/armata Armata Typeface]

====Similar to Joanna:====

*[http://www.fontsquirrel.com/fonts/enriqueta Enriqueta]
*[http://www.fontsquirrel.com/fonts/DejaVu-Serif Deja Vu]
*[http://www.fontsquirrel.com/fonts/brawler Brawler]

= IDENTITY =

===The OWASP Brand===
Circulation of the OWASP brand is a key part in the growth of OWASP. For all OWASP related needs, the OWASP identity is available in the form of logos, letterheads, business cards, envelopes and Power Point presentation templates. These materials are useful when putting together OWASP related documents, and when representing OWASP both within and outside the community. Please refer to the brand guidelines document concerning the usage of the OWASP brand.

== Logos ==
[https://owasp.org/index.php/File:OWASP_LOGOS_2013.zip OWASP Logo Toolbox 2013 EPS]

[https://www.owasp.org/index.php/File:OWASP_LOGO_PNGs.zip OWASP Logo Toolbox 2013 PNG]

[[Image:Owasp logo.jpg|Owasp logo|300px]] [[Image:Owasp logo 1c.jpg||Owasp logo 1c|300px]]

[[Image:Logo3.jpg|Owasp logo|300px]] [[Image:Logo4.jpg||Owasp logo 1c|300px]]

[[Image:Owasp logo rev icon.jpg|Owasp logo rev icon|100px]] [[Image:Owasp logo flat2 icon.jpg|Owasp logo flat|100px]] [[Image:Owasp logo icon.jpg|Owasp logo icon|100px]] [[Image:Owasp logo 1c icon.jpg|Owasp logo 1c icon|100px]]

== Identity Package ==

=== Letterhead ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Proof.jpg|475px| link=https://www.owasp.org/images/e/ea/Proof.pdf]]
| align="center" |

|}

=== Business Cards ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BC OWASP 2013.jpg|475px|link=https://www.owasp.org/images/f/f7/Owasp_bc_nobleed_editable.pdf]]
| align="center" |

|}

=== Envelope ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Envelope.jpg|475px| link=https://www.owasp.org/images/2/29/Proof_1.pdf]]
| align="center" |

|}

== PPT Templates ==

[https://www.owasp.org/images/5/5d/PPT_2013_Toolbox.zip PPT Template Toolbox]

===PowerPoint 1===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp ppt 1.jpg|475px| link=https://www.owasp.org/images/0/06/Owasp_ppt_1.pdf]]
| align="center" |

|}

===PowerPoint 2===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp ppt 2.jpg|475px| link=https://www.owasp.org/images/0/02/Owasp_ppt_2.pdf]]
| align="center" |

|}

===PowerPoint 3===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp ppt 3.jpg|475px| link=https://www.owasp.org/images/e/e2/Owasp_ppt_3.pdf]]
| align="center" |

|}

= AVATARS =
===Social Media===
Connect others to OWASP with the social media avatars. The avatars below can be used for Twitter, Facebook, LinkedIn and YouTube. Social media is the easiest way to keep up to date on the happenings within OWASP. You can either download the icons individually, or you can download them all via the Toolbox link below.

[https://www.owasp.org/images/1/12/Owasp_social_media.zip OWASP Social Media Toolbox]
==Facebook==
'''Icon'''

[[Image:Facebook icon.png|100px|]]

'''Coverphoto'''

[[Image:Coverphoto fb.png|500px|]]
==Google+==
'''Icon'''

[[Image:Googleplus icon.png|100px|]]

'''Coverphoto'''

[[Image:Coverphoto(1)googleplus.png|500px|]]
==LinkedIn==
'''Icon'''

[[Image:Linkedin icon.png]]

'''Large Icon'''

[[Image:Linkedin icon large.png]]

'''Coverphoto'''

[[Image:Coverphoto(2).png]]

==Pinterest==
'''Icon'''

[[Image:Pinterest icon.png|100px|]]
==Twitter==
'''Icon'''

[[Image:Twitter icon.png]]

'''Background'''

[[Image:Tiled background.png|300px|]]

==YouTube==
'''Icon'''

[[Image:Youtube icon.png]]

'''Background'''

[[Image:Tiled background.png|300px|]]

= BANNERS =

===OWASP Print and Web Banners===
Below you will find a print banner that you can use for events and conferences, and several web banners that are used for different operational areas within OWASP. The print banner download comes in a print ready PDF. It is ready to send to the printers.

== Conference Banner ==

{|
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Banner_stand.png|500px| link=https://www.owasp.org/images/2/21/Owasp_bannerstand_final.pdf]]
| align="center" |
|}

==Web Banners==
[https://www.owasp.org/images/e/e0/Owasp_web_banners_small.zip OWASP Banner Toolbox Small]

[https://www.owasp.org/images/a/a7/Owasp_banners_Large.zip OWASP Banner Toolbox Large]

[[File:Owasp banner web edu.jpg|600px]]

[[File:Owasp banner web com.jpg|600px]]

[[File:Owasp banner web soc.jpg|600px]]

[[File:Owasp banner web ini.jpg|600px]]

[[File:Owasp banner web mem.jpg|600px]]

[[File:Owasp banner web pro.jpg|600px]]

[[File:Owasp banner web cha.jpg|600px]]

[[File:Owasp banner web ind.jpg|600px]]

[[File:Owasp banner web con.jpg|600px]]

== Previous Web Banners ==
[[Image:MEMBERSHIP_BANNER.jpg|600px]]

[[Image:EDUCATION_BANNER.jpg|600px]]

[[Image:CHAPTERS_BANNER.jpg|600px]]

[[Image:CONFERENCES_BANNER.jpg|600px]]

[[Image:PROJECTS_BANNER.jpg|600px]]

[[Image:MARKETING_BANNER.jpg|600px]]

[[Image:INDUSTRY_BANNER.jpg|600px]]

= INFORMATIVE =

==OWASP Information==

The purpose of the informative materials is to give an overview of OWASP and the benefits of membership. Provided below is the brief About Us flyer, as well as information about corporate and individual membership. Three form letters are provided in the New Member Welcome flyer and the e-brochure provides additional information. The final flyer provides information about OWASP project Zed Attack Proxy(ZAP), a penetration-testing tool. The features and functionality of ZAP are also outlined in the flyer.

=== About Us Flyer ===

{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp aboutus flyer.jpg|500px| link=]]
| align="center" |

|}

=== Corporate and Individual Membership Flyer ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:OWASP Membership Flyer FINAL WEB.png|500px| link=https://www.owasp.org/images/2/21/OWASP_Membership_Flyer_FINAL_WEB.pdf]]
| align="center" |

|}

=== New Member Welcome Flyer ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Owasp welcome letter(1).jpg|500px| link=]]
| align="center" |
|}

=== ZAP Flyer ===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:ZAP.png|500px| link=https://www.owasp.org/images/2/23/Owasp_ZAP_Final.pdf]]
| align="center" |
|}

=== E-Brochure ===

[[Image:Owasp brochure final.jpg|400px|link:]]

= PROJECT RESOURCES =

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:New projects.png|Owasp logo rev icon|100px]] [[Image:Midlevel projects.png|Owasp logo flat|100px]] [[image:Mature projects.png|Owasp logo icon|100px]]

===OpenSAMM===
'''[https://owasp.org/images/5/53/OpenSAMM_icons.zip OpenSAMM Icons]'''

'''Construction:'''

[[Image:Construction black.png| Construction black| 100px]] [[Image:Construction blue.png| Construction blue| 100px]] [[image:Construction olive.png |construction olive|100px]]

'''Deployment:'''

[[image:Deployment black.png| Deployment black| 100px]] [[image:Deployment blue.png| Deployment blue| 100px]] [[image:Deployment olive.png | Deployment olive| 100px]]

'''Governance:'''

[[image:Governance black.png| governance black| 100px]] [[image:Governance blue.png | governance blue | 100px]] [[image:Governance olive.png | governance olive| 100px]]

'''Verification:'''

[[image:Verification black.png | Verification black | 100px]] [[image:Verification blue.png | verification blue | 100px]] [[image: Verification olive.png | Verification olive | 100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= MARKETING RESEARCH =

==Marketing Research==

Sisterworks Publishing and Design Foundry were contracted to help OWASP develop a consistent brand message and style. Both companies, along with the OWASP staff, worked together on this marketing project with the aim of developing consistent brand visual identity and messaging. The marketing project was separated into three phases. The first phase was the market research phase during which Sisterworks and Design Foundry undertook market research initiatives of the overall competitive landscape OWASP exists within. The second phase involved the development of a proposed marketing plan, and included marketing recommendations for OWASP to consider in the future.

[https://www.owasp.org/images/9/9d/Marketing_Reserach.zip Marketing Research]

===Marketing Research Explained===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Page-0.jpg|500px| link=https://www.owasp.org/images/7/7c/OWASP_Background-Research_Phase1_Final_%281%29.pdf]]
| align="center" |

|}
===Marketing Strategy Recommendations===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:Marketing Strategy.jpg|500px| link=https://www.owasp.org/images/c/c5/OWASP_Recommendations-Presentation2-April24.pdf]]
| align="center" |

|}
===SEO Audit and Recommendations===
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:SEO Audits.jpg|500px| link=https://www.owasp.org/images/4/48/OWASP-SEO-Content-Audit-Final-6-7-2013.pdf]]
| align="center" |

|}

=CONTACT=

==Contact Us==

If you are interested in another piece of OWASP design for your event or project, please let us know by using the [http://owasp4.owasp.org/contactus.html OWASP Contact Us form].

<headertabs / >

File:OWASP 2014 Office Toolbox.zip

2014-06-04T19:51:15Z

Samantha Groves:

Projects/OWASP GoatDroid Project

2014-06-04T16:54:15Z

Samantha Groves:

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==GoatDroid==

The OWASP GoatDroid Project is a fully functional and self-contained environment for learning about Android security.

==Introduction==

GoatDroid requires minimal dependencies, and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, a location based social network, and Herd Financial, a mobile banking application.

==Description==

OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, a location-based social network, and Herd Financial, a mobile banking application. There are also several feature that greatly simplify usage within a training environment or for absolute beginners who want a good introduction to working with the Android platform.

As the Android SDK introduces new features, the GoatDroid contributors will strive to implement up-to-date lessons that can educate developers and security testers on new security issues. The project currently provides coverage for most of the OWASP Top 10 Mobile Risks and also includes a bunch of other problems as well.

Contributions will always be needed in order to keep this project moving at a pace that can support the seemingly endless new problems to tackle. If you are interested, please contact the project's leaders or send an email to the OWASP Mobile Security Project mailing list. We welcome code contributors, beta testers, new feature suggestions, and feedback always!

==Licensing==
GoatDroid is published by OWASP under the GPLv3 license. You should read and accept the LICENSE before you use, modify, and/or redistribute this software.

| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== What is XXX? ==

OWASP XXX provides:

* xxx
* xxx

== Presentation ==

Link to presentation

== Project Leader ==

Jack Mannino

== Related Projects ==

* [[OWASP_Mobile_Security_Project]]

== Ohloh ==

*https://www.ohloh.net/p/owasp-goatdroid-project

| valign="top" style="padding-left:25px;width:200px;" |

== Quick Download ==

* Link to page/download

== News and Events ==
* [20 Nov 2013] News 2
* [30 Sep 2013] News 1

== In Print ==
This project can be purchased as a print on demand book from Lulu.com

==Classifications==

{| width="200" cellpadding="2"
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
|-
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
|-
| colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
|}

|}

=FAQs=

; Q1
: A1

; Q2
: A2

= Acknowledgements =
==Volunteers==
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:

* xxx
* xxx

==Others==
* xxx
* xxx

= Road Map and Getting Involved =
As of XXX, the priorities are:
* xxx
* xxx
* xxx

Involvement in the development and promotion of XXX is actively encouraged!
You do not have to be a security expert in order to contribute.
Some of the ways you can help:
* xxx
* xxx

__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]]

Projects/OWASP GoatDroid Project

2014-06-04T16:52:33Z

Samantha Groves:

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==GoatDroid==

The OWASP GoatDroid Project is a fully functional and self-contained environment for learning about Android security.

==Introduction==

GoatDroid requires minimal dependencies, and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, a location based social network, and Herd Financial, a mobile banking application.

==Description==

OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, a location-based social network, and Herd Financial, a mobile banking application. There are also several feature that greatly simplify usage within a training environment or for absolute beginners who want a good introduction to working with the Android platform.

As the Android SDK introduces new features, the GoatDroid contributors will strive to implement up-to-date lessons that can educate developers and security testers on new security issues. The project currently provides coverage for most of the OWASP Top 10 Mobile Risks and also includes a bunch of other problems as well.

Contributions will always be needed in order to keep this project moving at a pace that can support the seemingly endless new problems to tackle. If you are interested, please contact the project's leaders or send an email to the OWASP Mobile Security Project mailing list. We welcome code contributors, beta testers, new feature suggestions, and feedback always!

==Licensing==
GoatDroid is published by OWASP under the GPLv3 license. You should read and accept the LICENSE before you use, modify, and/or redistribute this software.

| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== What is XXX? ==

OWASP XXX provides:

* xxx
* xxx

== Presentation ==

Link to presentation

== Project Leader ==

Jack Mannino

== Related Projects ==

* [[OWASP_Mobile_Security_Project]]

== Ohloh ==

*https://www.ohloh.net/p/owasp-goatdroid-project

| valign="top" style="padding-left:25px;width:200px;" |

== Quick Download ==

* Link to page/download

== News and Events ==
* [20 Nov 2013] News 2
* [30 Sep 2013] News 1

== In Print ==
This project can be purchased as a print on demand book from Lulu.com

==Classifications==

{| width="200" cellpadding="2"
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
|-
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
|-
| colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
|}

|}

=FAQs=

; Q1
: A1

; Q2
: A2

= Acknowledgements =
==Volunteers==
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:

* xxx
* xxx

==Others==
* xxx
* xxx

= Road Map and Getting Involved =
As of XXX, the priorities are:
* xxx
* xxx
* xxx

Involvement in the development and promotion of XXX is actively encouraged!
You do not have to be a security expert in order to contribute.
Some of the ways you can help:
* xxx
* xxx

=Project About=
{{:Projects/OWASP_GoatDroid_Project}}

__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]]

OWASP Project Inventory

2014-05-28T00:20:57Z

Samantha Groves:

OWASP Project Inventory

2014-05-28T00:20:33Z

Samantha Groves:

Category:OWASP Project

2014-05-28T00:20:08Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Passfault01.jpg‎|center|300px| link=https://www.owasp.org/index.php/OWASP_Passfault]]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]
* [https://www.owasp.org/index.php/OWASP_Hardened_Phalcon_Project OWASP Hardened Phalcon Project]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]
*[https://www.owasp.org/index.php/OWASP_PHP_Security_Training_Project OWASP PHP Security Training Project]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]
*[https://www.owasp.org/index.php/Projects/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and Friends Security Guide]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/Category:OWASP_Java_Project OWASP Java Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

===OpenSAMM===
'''[https://owasp.org/images/5/53/OpenSAMM_icons.zip OpenSAMM Icons]'''

'''Construction:'''

[[Image:Construction black.png| Construction black| 100px]] [[Image:Construction blue.png| Construction blue| 100px]] [[image:Construction olive.png |construction olive|100px]]

'''Deployment:'''

[[image:Deployment black.png| Deployment black| 100px]] [[image:Deployment blue.png| Deployment blue| 100px]] [[image:Deployment olive.png | Deployment olive| 100px]]

'''Governance:'''

[[image:Governance black.png| governance black| 100px]] [[image:Governance blue.png | governance blue | 100px]] [[image:Governance olive.png | governance olive| 100px]]

'''Verification:'''

[[image:Verification black.png | Verification black | 100px]] [[image:Verification blue.png | verification blue | 100px]] [[image: Verification olive.png | Verification olive | 100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]
*Project Manager Report: May 09 2013 - No Report this week. On Holiday.
*Project Manager Report: May 16 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-23-05 Program Manager Report: May 23 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

OWASP Hardened Phalcon Project

2014-05-28T00:09:20Z

Samantha Groves: Created page with "=Main= <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">link=</div> {| style="padding: 0;margin:0;margin-top:10px;t..."

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==OWASP Hardened Phalcon Project==

The Phalcon Framework is the world's fastest PHP Framework, however like most frameworks it is not 'hardened' by default. OWASP Hardened Phalcon aims to help developers harden their Phalcon applications in-line with the published OWASP guidelines.

==Introduction==

Write a short introduction

==Description==

Write a description that is just a few paragraphs long

==Licensing==
OWASP Hardened Phalcon is free to use. It is licensed under the MIT License.

| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== What is XXX? ==

OWASP XXX provides:

* xxx
* xxx

== Presentation ==

Link to presentation

== Project Leader ==

Rhodry Korb

== Related Projects ==

* [[OWASP_CISO_Survey]]

== Ohloh ==

* [http://www.ohloh.net/orgs/OWASP OWASP Project Ohloh]

| valign="top" style="padding-left:25px;width:200px;" |

== Quick Download ==

* Link to page/download

== Email List ==

Project Email List

== News and Events ==
* [20 Nov 2013] News 2
* [30 Sep 2013] News 1

== In Print ==
This project can be purchased as a print on demand book from Lulu.com

==Classifications==

{| width="200" cellpadding="2"
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
|-
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
|-
| colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
|}

|}

=FAQs=

; Q1
: A1

; Q2
: A2

= Acknowledgements =
==Volunteers==
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:

* xxx
* xxx

==Others==
* xxx
* xxx

= Road Map and Getting Involved =
As of May 2014, the priorities are:

=== LESS THAN 3 MONTHS ===
Implement session handling and other settings configurable with native Phalcon classes based on the OWASP PHP Security Cheat Sheet.

=== 3-6 MONTHS ===
Implement settings which require custom or PHP native classes based on OWASP PHP Security Cheat Sheet and other OWASP guidelines and documentation.

Implement solutions for phase 1 Framework Issues from OWASP PHP Security Cheat Sheet.

=== 6 MONTHS ===
Continue to improve the code to meet with other OWASP guidelines and documentation.

Implement solutions for phase 2 Framework Issues from OWASP PHP Security Cheat Sheet.

Involvement in the development and promotion of XXX is actively encouraged!
You do not have to be a security expert in order to contribute.
Some of the ways you can help:
* xxx
* xxx

__NOTOC__ <headertabs />

[[Category:OWASP Project]]

Projects/Reports/2014-23-05

2014-05-23T23:46:55Z

Samantha Groves:

Projects/Reports/2014-23-05

2014-05-23T23:44:56Z

Samantha Groves:

Projects/Reports/2014-23-05

2014-05-23T23:39:15Z

Samantha Groves: Created page with "=PROJECT METRICS= <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">link=</div> ==Metrics== *'''[https://docs.googl..."

Category:OWASP Project

2014-05-23T23:38:40Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Passfault01.jpg‎|center|300px| link=https://www.owasp.org/index.php/OWASP_Passfault]]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]
*[https://www.owasp.org/index.php/OWASP_PHP_Security_Training_Project OWASP PHP Security Training Project]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]
*[https://www.owasp.org/index.php/Projects/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and Friends Security Guide]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/Category:OWASP_Java_Project OWASP Java Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

===OpenSAMM===
'''[https://owasp.org/images/5/53/OpenSAMM_icons.zip OpenSAMM Icons]'''

'''Construction:'''

[[Image:Construction black.png| Construction black| 100px]] [[Image:Construction blue.png| Construction blue| 100px]] [[image:Construction olive.png |construction olive|100px]]

'''Deployment:'''

[[image:Deployment black.png| Deployment black| 100px]] [[image:Deployment blue.png| Deployment blue| 100px]] [[image:Deployment olive.png | Deployment olive| 100px]]

'''Governance:'''

[[image:Governance black.png| governance black| 100px]] [[image:Governance blue.png | governance blue | 100px]] [[image:Governance olive.png | governance olive| 100px]]

'''Verification:'''

[[image:Verification black.png | Verification black | 100px]] [[image:Verification blue.png | verification blue | 100px]] [[image: Verification olive.png | Verification olive | 100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]
*Project Manager Report: May 09 2013 - No Report this week. On Holiday.
*Project Manager Report: May 16 2013 - No Report this week. On Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2014-23-05 Program Manager Report: May 23 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

OWASP Initiatives Global Strategic Focus

2014-05-23T22:41:08Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="center" |
| align="center" |

|}

= Welcome =

[[Image:C_BANNER_2.jpg|900px]]

===Focus Overview===

OWASP recognizes the extraordinary contribution of our global community by engaging them to provide input in seven areas of strategic focus. Within each of these defined areas, there are opportunities to contribute and participate. As with everything in OWASP, these discussions and decisions are open to everyone.

Each volunteer team will focus on a key function or geographic region, such as OWASP projects, conferences, local chapters, membership and industry outreach. Local Chapters, Project Leaders, questions about hosting a conference or starting a chapter should contact the appropriate Focus Leader or Staff Member for assistance, guidance or to suggest best practice.

*Note that in a perfect world we would have your best regional representative from your country as a delegate.

===Global Initiatives===

Each Item listed has links to the related documents, focus group information, discussion pages, and voting opportunities if appropriate, along with decision dates. Please review the provided documentation prior to submitting your vote to ensure the decisions made are based on educated and informed community input.

Each volunteer team will focus on a key function or geographic region, such as OWASP projects, conferences, local chapters, membership and industry outreach. Local Chapters, Project Leaders, questions about hosting a conference or starting a chapter should contact the appropriate Focus Leader or Staff Member for assistance, guidance or to suggest best practice.

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AR1Z Volunteer for Outreach/Social Media]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSx Volunteer For A Membership Initiative]

* [http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUtE Volunteer For A Project Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASaO Volunteer For An Industry Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASLd Volunteer For A Chapter Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUbv Volunteer For A Conference Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000Ao2M Volunteer For an OWASP Governance Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSs Are You a Developer?]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSs Volunteer To Provide Technical Assistance]

* [http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AWhW Sign up To Volunteer for AppSec USA 2013]

===[http://www.tfaforms.com/262386 '''START YOUR OWN INITIATIVE''']===

[[File:World_works.jpeg|link=http://www.tfaforms.com/262386]]

=== Upcoming Meetings & Related Documents===

Upcoming meetings hosted on GotoWebinar:

'''REGISTER FOR THE UPCOMING WEBINARS'''

'''[https://docs.google.com/folder/d/0B5Z9zE0hx0LNZ0pqZC1QWWRTM28/edit Google Docs Folder with Meeting Agendas, Notes, and Presentations]'''

'''Previous Meetings'''

February 28, 2013 - Mandatory Chapter Rules and Code of Ethics

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global?Initiatives?2-28-13?10.05?AM.mov Recording of the 2/28 webinar] [https://www.owasp.org/images/5/56/OWASP_February_28%2C_2013.pdf PPT for Discussion - '''Mandatory Chapter Rules and Code of Ethics''']

----
February 14, 2013

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/2013-02-14?09.08?Global?Initiatives?-?Februrary?Goals?and?Objectives.wmv Recording of February 14, 2013 Webinar]

----
January 24, 2013 - Overview of OWASP Projects - past, present, and future roadmap

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global%20OWASP%20Webinar%20-%20Initiatives%20-%20OWASP%20Projects%201-24-13%2010.04%20AM.mov Recording of the January 24, 2013 Webinar]

----
January 10, 2013 - A discussion of current and future committee structure and processes and a walkthrough of the Global Initiatives pages, in particular, how to get involved.

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global%20Initiatives%20-%20Committee%20Evolution%20and%20Getting%20Involved%20with%20OWASP%201-10-13%209.04%20AM.mov Recording of the Jan 10th 9am Webinar]

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global%20Initiatives%20-%20Committee%20Evolution%20and%20Getting%20Involved%20with%20OWASP%201-10-13%209.04%20PM.mov Recording of the Jan 10th 9pm Webinar]

[[File:Volunteer chart.png]]

= Membership =

[[Image:MEMBERSHIP_BANNER.jpg]]

===Membership Activities===

Related opportunities will be available as necessary

* Quarterly Membership Drives

* BiAnnual Corporate Fundraising Drives

* [https://www.owasp.org/index.php/Membership/2012_Election Annual Global Elections]

* [https://www.owasp.org/index.php/WASPY_Awards Annual WASPY awards]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSx '''Sign up for a Membership initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Education =

[[Image:EDUCATION_BANNER.jpg]]

=== Group Purpose ===

The Global Education Committee was created during the OWASP EU Summit in Portugal 2008 to work with the [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project] to provide educational materials for both internal and external users, develop liaisons with educational institutions worldwide, provide awareness, training and educational resources to corporate government and educational institutions on application security, and to move OWASP educational material globally available as a well known resource in easily consumable form mapped to a framework tied specifically to user.

===Ongoing Education Activities===

Opportunities will be posted as they become available.

* [[OWASP Training|OWASP Training]]

* [[OWASP Academies|OWASP Academies]], [[OWASP Academies|OWASP Academies page]]

* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing '''Sign up for a current initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Chapters =

[[Image:CHAPTERS_BANNER.jpg]]

===Group Purpose===

To provide the support required by the local chapters to thrive and contribute to the [[About_OWASP#The_OWASP_Foundation|overall mission and goals of OWASP]].

===Ongoing Chapter Activities===

* [[Chapter_Leader_Handbook|Chapter Leader Handbook]]

* Chapter Mentoring Program

* OWASP on the Move

* Chapter Leader Workshops

===Get Involved===

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASLd Volunteer For A Chapter Initiative]

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

[http://www.tfaforms.com/261541 Start a Chapter]

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Conferences =

[[Image:CONFERENCES_BANNER.jpg]]

OWASP Global Conferences bring thousands of security professionals together to collaborate on security solutions. OWASP hosts 4 Global events annually - one in each quarter - in 4 geographic regions: North America, South America, Asia Pacific, and Europe. These conferences are primarily organized and managed by volunteers and there are many opportunities to get involved in events.

===Ongoing Conference Activities===

* [[How to Host a Conference]] - The comprehensive guide for hosting an OWASP event.

* [https://www.owasp.org/index.php/Global_Conferences_Committee Conference Planner Resources]

* [https://www.owasp.org/index.php/Global_Conferences_Committee Conference Liaison]

* Booth in a Box

* OWASP Conference Track

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUbv Conference Initiatives]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AWhW '''Sign up To Volunteer for AppSec USA 2013''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Projects =

[[Image:PROJECTS_BANNER.jpg|1100px]]

===Group Purpose===

The OWASP Global Projects Group is responsible for developing policies, procedures, and strategies for all of our open source projects worldwide. Currently the group is developing the global operational infrastructure that will be used to facilitate participation and success for all of our OWASP Project Leaders.

===2013 OWASP Projects Handbook===

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the 2013 OWASP Projects Handbook]'''

=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following categories:

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole.

===Get Involved===

[http://www.tfaforms.com/262389 Start a New Project]

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUtE '''Sign up for a current initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Social Media and Communications =

[[Image:MARKETING_BANNER.jpg]]

===Group Purpose===

The OWASP Connections Committee was created during the OWASP AppSec DC 2009 conference to help facilitate OWASP foundation communication both internally and externally.

===Security Podcast===

Listen as interviews are conducted with OWASP volunteers, industry experts and leaders within the field of software security [https://www.owasp.org/index.php/OWASP_Podcast Click Here]

=== OWASP Foundation Social Media===

:[http://www.linkedin.com/groups/Global-OWASP-Foundation-36874 LinkedIn]

:[http://www.twitter.com/OWASP Twitter]

:[https://plus.google.com/u/0/communities/105181517914716500346 Google+]

:[http://www.facebook.com/pages/OWASP/104106462960656 Facebook]

:[http://myowasp.ning.com NING]

:[http://stackoverflow.com/search?tab=newest&q=owasp StackOverFlow]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing '''Sign up for a current initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

=== Join In the Discussion ===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Industry Relationships =

[[Image:INDUSTRY_BANNER.jpg]]

===Group Purpose===

The Global Industry Committee was created during the OWASP EU Summit in Portugal. The OWASP Global Industry Committee (GIC) shall expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. This will be accomplished through outreach; including presentations, development of position papers and collaborative efforts with other entities.

===Ongoing Industry Initiatives===

* Industry Outreach Sessions at OWASP AppSec Conferences

* AppSec Guide For CISO

* [http://www.owasp.org/index.php/Industry:Citations OWASP Citations] - References to OWASP in official, or otherwise important, documents.

===Get Involved===

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASaO Volunteer For An Industry Initiative]

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Active Initiatives =

* [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative Cyber Security Pre-accelerator Initiative]

= Contact US =


==OWASP Staff Support==
*Sarah Baso
*Kate Hartmann
*Kelly Santalucia
* [[User:Samantha Groves|Samantha Groves]]: OWASP Project Manager

[http://owasp4.owasp.org/contactus.html Contact Us]

==[http://www.tfaforms.com/262386 Submit your Ideas or Request Volunteer Help]==



<headertabs />

{{:OWASP Initiatives Footer }}

OWASP Initiatives Global Strategic Focus

2014-05-23T22:40:33Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="center" |
| align="center" |

|}

= Welcome =

[[Image:C_BANNER_2.jpg|900px]]

===Focus Overview===

OWASP recognizes the extraordinary contribution of our global community by engaging them to provide input in seven areas of strategic focus. Within each of these defined areas, there are opportunities to contribute and participate. As with everything in OWASP, these discussions and decisions are open to everyone.

Each volunteer team will focus on a key function or geographic region, such as OWASP projects, conferences, local chapters, membership and industry outreach. Local Chapters, Project Leaders, questions about hosting a conference or starting a chapter should contact the appropriate Focus Leader or Staff Member for assistance, guidance or to suggest best practice.

*Note that in a perfect world we would have your best regional representative from your country as a delegate.

===Global Initiatives===

Each Item listed has links to the related documents, focus group information, discussion pages, and voting opportunities if appropriate, along with decision dates. Please review the provided documentation prior to submitting your vote to ensure the decisions made are based on educated and informed community input.

Each volunteer team will focus on a key function or geographic region, such as OWASP projects, conferences, local chapters, membership and industry outreach. Local Chapters, Project Leaders, questions about hosting a conference or starting a chapter should contact the appropriate Focus Leader or Staff Member for assistance, guidance or to suggest best practice.

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AR1Z Volunteer for Outreach/Social Media]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSx Volunteer For A Membership Initiative]

* [http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUtE Volunteer For A Project Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASaO Volunteer For An Industry Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASLd Volunteer For A Chapter Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUbv Volunteer For A Conference Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000Ao2M Volunteer For an OWASP Governance Initiative]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSs Are You a Developer?]

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSs Volunteer To Provide Technical Assistance]

* [http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AWhW Sign up To Volunteer for AppSec USA 2013]

===[http://www.tfaforms.com/262386 '''START YOUR OWN INITIATIVE''']===

[[File:World_works.jpeg|link=http://www.tfaforms.com/262386]]

=== Upcoming Meetings & Related Documents===

Upcoming meetings hosted on GotoWebinar:

'''REGISTER FOR THE UPCOMING WEBINARS'''

'''[https://docs.google.com/folder/d/0B5Z9zE0hx0LNZ0pqZC1QWWRTM28/edit Google Docs Folder with Meeting Agendas, Notes, and Presentations]'''

'''Previous Meetings'''

February 28, 2013 - Mandatory Chapter Rules and Code of Ethics

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global?Initiatives?2-28-13?10.05?AM.mov Recording of the 2/28 webinar] [https://www.owasp.org/images/5/56/OWASP_February_28%2C_2013.pdf PPT for Discussion - '''Mandatory Chapter Rules and Code of Ethics''']

----
February 14, 2013

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/2013-02-14?09.08?Global?Initiatives?-?Februrary?Goals?and?Objectives.wmv Recording of February 14, 2013 Webinar]

----
January 24, 2013 - Overview of OWASP Projects - past, present, and future roadmap

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global%20OWASP%20Webinar%20-%20Initiatives%20-%20OWASP%20Projects%201-24-13%2010.04%20AM.mov Recording of the January 24, 2013 Webinar]

----
January 10, 2013 - A discussion of current and future committee structure and processes and a walkthrough of the Global Initiatives pages, in particular, how to get involved.

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global%20Initiatives%20-%20Committee%20Evolution%20and%20Getting%20Involved%20with%20OWASP%201-10-13%209.04%20AM.mov Recording of the Jan 10th 9am Webinar]

*[https://ab743923f21b28b2966c-fe51df798f4d33c069b5eb4884cb3b25.ssl.cf2.rackcdn.com/Global%20Initiatives%20-%20Committee%20Evolution%20and%20Getting%20Involved%20with%20OWASP%201-10-13%209.04%20PM.mov Recording of the Jan 10th 9pm Webinar]

[[File:Volunteer chart.png]]

= Membership =

[[Image:MEMBERSHIP_BANNER.jpg]]

===Membership Activities===

Related opportunities will be available as necessary

* Quarterly Membership Drives

* BiAnnual Corporate Fundraising Drives

* [https://www.owasp.org/index.php/Membership/2012_Election Annual Global Elections]

* [https://www.owasp.org/index.php/WASPY_Awards Annual WASPY awards]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ACSx '''Sign up for a Membership initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Education =

[[Image:EDUCATION_BANNER.jpg]]

=== Group Purpose ===

The Global Education Committee was created during the OWASP EU Summit in Portugal 2008 to work with the [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project] to provide educational materials for both internal and external users, develop liaisons with educational institutions worldwide, provide awareness, training and educational resources to corporate government and educational institutions on application security, and to move OWASP educational material globally available as a well known resource in easily consumable form mapped to a framework tied specifically to user.

===Ongoing Education Activities===

Opportunities will be posted as they become available.

* [[OWASP Training|OWASP Training]]

* [[OWASP Academies|OWASP Academies]], [[OWASP Academies|OWASP Academies page]]

* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing '''Sign up for a current initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Chapters =

[[Image:CHAPTERS_BANNER.jpg]]

===Group Purpose===

To provide the support required by the local chapters to thrive and contribute to the [[About_OWASP#The_OWASP_Foundation|overall mission and goals of OWASP]].

===Ongoing Chapter Activities===

* [[Chapter_Leader_Handbook|Chapter Leader Handbook]]

* Chapter Mentoring Program

* OWASP on the Move

* Chapter Leader Workshops

===Get Involved===

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASLd Volunteer For A Chapter Initiative]

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

[http://www.tfaforms.com/261541 Start a Chapter]

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Conferences =

[[Image:CONFERENCES_BANNER.jpg]]

OWASP Global Conferences bring thousands of security professionals together to collaborate on security solutions. OWASP hosts 4 Global events annually - one in each quarter - in 4 geographic regions: North America, South America, Asia Pacific, and Europe. These conferences are primarily organized and managed by volunteers and there are many opportunities to get involved in events.

===Ongoing Conference Activities===

* [[How to Host a Conference]] - The comprehensive guide for hosting an OWASP event.

* [https://www.owasp.org/index.php/Global_Conferences_Committee Conference Planner Resources]

* [https://www.owasp.org/index.php/Global_Conferences_Committee Conference Liaison]

* Booth in a Box

* OWASP Conference Track

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUbv Conference Initiatives]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AWhW '''Sign up To Volunteer for AppSec USA 2013''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Projects =

[[Image:PROJECTS_BANNER.jpg|1100px]]

===Group Purpose===

The OWASP Global Projects Group is responsible for developing policies, procedures, and strategies for all of our open source projects worldwide. Currently the group is developing the global operational infrastructure that will be used to facilitate participation and success for all of our OWASP Project Leaders.

===2013 OWASP Projects Handbook===

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the 2013 OWASP Projects Handbook]'''

=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following categories:

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole.

===Get Involved===

[http://www.tfaforms.com/262389 Start a New Project]

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUtE '''Sign up for a current initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Social Media and Communications =

[[Image:MARKETING_BANNER.jpg]]

===Group Purpose===

The OWASP Connections Committee was created during the OWASP AppSec DC 2009 conference to help facilitate OWASP foundation communication both internally and externally.

===Security Podcast===

Listen as interviews are conducted with OWASP volunteers, industry experts and leaders within the field of software security [https://www.owasp.org/index.php/OWASP_Podcast Click Here]

=== OWASP Foundation Social Media===

:[http://www.linkedin.com/groups/Global-OWASP-Foundation-36874 LinkedIn]

:[http://www.twitter.com/OWASP Twitter]

:[https://plus.google.com/u/0/communities/105181517914716500346 Google+]

:[http://www.facebook.com/pages/OWASP/104106462960656 Facebook]

:[http://myowasp.ning.com NING]

:[http://stackoverflow.com/search?tab=newest&q=owasp StackOverFlow]

===Get Involved===

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing '''Sign up for a current initiative''']

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

=== Join In the Discussion ===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Industry Relationships =

[[Image:INDUSTRY_BANNER.jpg]]

===Group Purpose===

The Global Industry Committee was created during the OWASP EU Summit in Portugal. The OWASP Global Industry Committee (GIC) shall expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. This will be accomplished through outreach; including presentations, development of position papers and collaborative efforts with other entities.

===Ongoing Industry Initiatives===

* Industry Outreach Sessions at OWASP AppSec Conferences

* AppSec Guide For CISO

* [http://www.owasp.org/index.php/Industry:Citations OWASP Citations] - References to OWASP in official, or otherwise important, documents.

===Get Involved===

*[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000ASaO Volunteer For An Industry Initiative]

[http://owasp.force.com/volunteers/GW_Volunteers__VolunteersSignup '''Tell us what you would like to do''']

===Join in the Discussion===

[http://www.reddit.com/r/technology/comments/10vmg4/owasp_initiatives_global_strategic_focus/ Discussion Pages]

= Active Initiatives =

* [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Pre-accelerator_Initiative Cyber_Security_Pre-accelerator Initiative]

= Contact US =


==OWASP Staff Support==
*Sarah Baso
*Kate Hartmann
*Kelly Santalucia
* [[User:Samantha Groves|Samantha Groves]]: OWASP Project Manager

[http://owasp4.owasp.org/contactus.html Contact Us]

==[http://www.tfaforms.com/262386 Submit your Ideas or Request Volunteer Help]==



<headertabs />

{{:OWASP Initiatives Footer }}

User:Samantha Groves

2014-05-21T04:38:36Z

Samantha Groves:

__NOTOC__

[[image:SAM.jpg]]

= Background =
'''OWASP Program Manager: OWASP Projects'''

Samantha Groves is the Program Manager at OWASP. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

[[Image:Blogger-32x32.png|32px|link=http://samanthagrovesblog.blogspot.com/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/SamHGroves]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/samantha.groves.7140]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/in/samanthagroves/]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/+SamanthaGroves/posts]] [[Image:Ning-32x32.png|32px|link=http://about.me/sam.groves]]

[https://www.owasp.org/index.php/Category:OWASP_Project OWASP Global Projects]

= PM Role =

Samantha is responsible for the development and implementation of the OWASP Project Program’s operational infrastructure that provides support and direction to the project leaders within the OWASP organization. She manages the operational processes, policies, and procedures that assist OWASP's project leaders with starting and running their open source software projects. Currently, there are over 150 open source projects with over 200 project leaders working under the OWASP Project Program. Samantha manages the budgets, expenses, purchases, and metrics reporting for all of the projects, and she manages the overall OWASP Project Program operational budget, as well.

Samantha also coordinates and executes grant funding applications and their allocations for OWASP Projects. She also developed the operational processes to help run the project event module activities at our global conferences, and she coordinates their implementation with the local team in each region. Samantha organizes the mini project summit event activity, as well.

= Program Reports =
'''2014 Project Reports'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]

'''2013 Project Reports'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012 Project Reports'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

= Board Reports =
'''Board Member Meeting Reports'''

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

= Presentations and Publications =
'''Presentations'''
*[https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
*[https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
*[https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]
*[https://www.owasp.org/images/f/f4/OWASP_Project_Leader_Workshop_2013_V2.pdf Project Leader Workshop 2013]

'''Publications and Reports'''
*[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf OWASP Project Leader Handbook 2013]
*[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf OWASP Project Leader Handbook 2014]
*[https://www.owasp.org/images/c/c3/OWASP_2013_PROJECT_SUMMIT_REPORT.pdf OWASP 2013 Project Summit Report]

= 2013 Operational Goals =

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

= 2014 Operational Goals =

'''OWASP PROJECTS'''

'''Primary Goal:''' Continue to evolve the OWASP Projects Infrastructure by developing operational systems that facilitate Leader participation and innovation.

'''Subgoal 1:''' Continue to work on the operational projects platform with the aim of developing it to be more self sufficient for Leaders.

* Recruit a Projects Support Intern.
* Bring all of the project repositories into Ohloh.
* Continue to develop the Project Portal for Leaders.
* Monitor and update the Project Page with relevant information on a weekly basis.
* Continue to produce weekly and quarterly information reports.
* Organize a monthly webinar about an OWASP Project.
* Produce more substantial software security/projects articles for our quarterly Connector.
* Migrate all of the Project wiki pages to the new template
* Facilitate project page compliance with new Sponsorship Guidelines.
* Facilitate project product compliance with new Sponsorship Guidelines
* Develop marketing and communications pieces that promote: Benefits of Having an OWASP Project; How to start a project; Project Lifecycle; and Review Process.
* Have one Project Leader meeting a month.
* Facilitate OWASP contributions to the Apple Developer Program.
* Identify & promote cross-project collaboration to move clusters of projects forward, with e.g. work groups that work on a certain domain.
* Start a task force of people with spare cycles that can help projects that need extra man-power of are falling behind in delivery of new releases (especially the flag ship projects)
* Ask project leaders to create & give project related training or contribute to the OWASP trainings.
* Push for establishment of completion dates for key tasks for select projects.

'''Subgoal 2:''' Bring more Project Leaders together in 2014.

* Work towards getting at least 2 projects represented at every Global AppSec Conference in 2014.
* Plan a Project Summit Event in 2014
* Work on developing Project Leader Workshop module that can be given when I am not present.

'''Subgoal 3:''' Solidify the Projects Review Process.

* Develop a pragmatic method of doing project reviews.
* Test the review process developed at the 2013 Summit
* Finish reviewing the projects that have specifically asked for review.
* Review the Flagship Projects.
* Review the Lab Projects.
* Review the Incubator Projects.
* Report on the findings and outcomes.
* Document the system so it can be reproduced. (This will probably be a long document/set of instructions and lessons learned).

'''Subgoal 4:''' Design a more sustainable revenue stream using the Project’s IP. (We will probably have to drop this subgoal due to the potential change in our project model this year.)

* In depth market research to determine niche opportunities.
* Come up with at least 4 different potential opportunities based on research.
* Develop an implementation plan.

<headertabs />

Projects/Reports/2014-02-05

2014-05-03T01:15:26Z

Samantha Groves:

Projects/Reports/2014-02-05

2014-05-03T01:07:40Z

Samantha Groves:

=PROJECT METRICS=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

==Metrics==

*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGU4MlNpOWZsLWM2YXhpQzZLbnpndkE&usp=sharing Project Numbers]'''

*Active Projects: 171
*Inactive Projects: 112
*Incubator Projects: 138
*Lab Projects: 33
*Flagship Projects: 0

==OWASP Project of the Month ==

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:Passfault01.jpg|left|300px|link=https://www.owasp.org/index.php/OWASP_Passfault]] 
| align="left" | [[Image:AppSecEU_2014.jpg|left|300px|link=https://2014.appsec.eu/]] 

|}

=CURRENTLY WORKING ON=

*'''OSS in Cambridge'''
**I am happy to report that we now have 8 applicants for the Open Source Showcase.
**I asked the community to help spread the word, and we were successful in getting the applications we needed to move the activity forward.
**We put together this blog post to announce the opportunity: [http://owasp.blogspot.com/2014/04/open-source-showcase-demo-your-project.html OSS at AppSec EU]
**We hope to get more submissions in the coming weeks.
**I have also worked with Kelly this week to put together a sponsorship proposal so she cal sell to potential sponsors for the OSS.
**We are asking for $5K per sponsor.

*'''Project Summit 2014'''
**I have been working with the AppSec EU team to organize the 2014 Project Summit.
**I have been trying to promote the event like crazy these past few weeks, but I am not getting too many submissions.
**I am having to reach out to Leaders directly to invite them to join in.
**We currently have 3 summit sessions, but I need more.
**We are also seeking 10K USD sponsorship for the summit.
**I worked with Kelly this week to put together a sponsorship proposal so she cal sell to potential sponsors for the Summit.
**We are asking for $5K per sponsor, as well.

*'''Project Reviews'''
**Sarah and I spoke about the reviews and the process that was created by the Technical Advisory Board.
**We decided to move forward with the reviews using the forms and process we created at the [https://www.owasp.org/images/c/c3/OWASP_2013_PROJECT_SUMMIT_REPORT.pdf 2013 Summit].
**The only catch is that we are dropping the Open Samm questionnaire, and we are only using the Project Quality and Health assessments.
**Here are the two forms we are using:
**[https://docs.google.com/a/owasp.org/forms/d/1mZ9QJDOS0jYaWDPCooxaa_BZPD7zm5U0REnMjt0RRoM/viewform Project Health]
**[https://docs.google.com/a/owasp.org/forms/d/1UUSrQySyvwQPq_KzhF6Q-9wvOptvLiDzNSjdXwiPOPg/viewform Project Quality: Code and Tool]
**[https://docs.google.com/a/owasp.org/forms/d/1TSj-V-rkngi1crB6BjOqabsCcjOVDjHKSelSitBqRU4/viewform Project Quality: Documentation]
**Simon Bennetts and Johanna Curiel completed a full review of the OWTF Project this week using this process.
**This is the first time the full process has been used to review and graduate a project.
**The OWASP OWTF Project is now a Lab Project.
**See the full review report here: [https://www.owasp.org/images/4/49/OWASP_Project_Review-OWTF_Project.pdf OWASP OWTF Project Review Results]

*'''Project Task Force'''
**The Project Task Force is getting on with operational project tasks.
**I am so glad this is working so well.
**We are underway with our project active/inactive audit.
**We have already eliminated over 10 projects from the active project inventory.
**This group will focus on getting stuff done for our OWASP Projects.
**There are quite a few tasks that we need to get sorted so please join in if you are interested in helping out.
**[https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Task_Force Project Task Force Page]
**[https://groups.google.com/forum/#!forum/owasp-projects-task-force Google Group Page]

*'''Graphic Design: Hugo'''
**Hugo has completed some amazing design projects this week.
**Below are some of the examples of his work:
**[https://www.owasp.org/images/3/3a/CodeReviewCover_2014.pdf Code Review Guide Book Covers]
**[https://www.owasp.org/images/8/86/Testing_Guide_V4_final.pdf Testing Guide Book Cover]
**[https://www.owasp.org/images/8/8a/Cambridge_2014_flyer_curves.pdf AppSec EU Triptic Brochure]

*'''Projects Intern: Kait'''
**Kate has been helping me with different administrative project duties this week.
**She is working on getting some additional metrics we need for our project inventory.
**She is also working on reaching out to leaders and finding out if their projects are inactive or not.
**We will do this first pass, and then I want to give the list to Johanna so she can do a more thorough pass.
**Kait is also helping with promotion of the OSS, Summit, and Women in AppSec.

*'''Daily Project based queries and requests'''
**This has not changed much since I began the post: questions are very similar in nature.
**Global AppSec questions.
**Funding queries.
**Travel availability.
**Project based administrative help.
**Project status information.
**Several project donation questions.
**Marketing questions.
**Grant funding questions.
**OWASP social media updates.
**What's happening with projects, questions.
**Managing Salesforce cases.

=PROJECT GRANTS & FUNDING UPDATES=

==General Awards==

*'''OWASP OWTF Project: Brucon 5x5 Award'''
# Amount: €5,000.00 (Approx. $6,670.00)
# Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

==Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
#[https://www.owasp.org/images/e/ed/2013_Campaign_Report.pdf Google Grants Usage Report]

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Travel Expenses: $1,896.38 (Reimbursement)
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Current Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

=PROJECT ANNOUNCEMENTS=

==2014 OWASP Project Summit: Need Working Session Ideas!==

The 2014 OWASP Project Summit will be taking place during AppSec EU 2014 in Cambridge, UK, and we need your help to make it our best Project Summit yet. We are calling on all OWASP Project Leaders to submit your project to participate in this year’s Summit. The Project Summit is a great opportunity to reach project milestones, as well as receive feedback from the OWASP community by enlisting new volunteers to your project.

Help shape the 2014 Project Summit by submitting to lead a working session. We would also, like your feedback on what tracks and session you would like to see at the Summit. The planning team would like your input on ideas to creating a productive event this year. The Summit team will take your ideas, and develop a comprehensive schedule that suits the needs of our Project Leaders and community.

Help make the 2014 Project Summit in Cambridge a great success for OWASP Projects. Submit your ideas for tracks and sessions to Samantha Groves (Samantha.Groves@owasp.org) and Kait Disney-Leugers (Kait.Disney.Leugers@owasp.org).

==Open Source Showcase: Demo your Project at AppSec EU 2014!==

As part of AppSec EU, the conference organizers are looking for projects to participate in the Open Source Showcase. The Open Source Showcase is a unique event module that allows project leaders and/or project contributors to showcase their work in a demo setting and gain exposure for their projects without the need to conduct a full talk session. The showcase allows a more personal view of the project between attendees.

The guidelines for submitting to the Open Source Showcase are simple: the Open Source Showcase is open to ANY project - not just OWASP projects. The only requirement for submission is that the project must be licensed under an approved Open Source License.

All open source projects are encouraged to apply to take part in the Open Source Showcase at AppSec EU 2014 in Cambridge, UK. The application form can be found here: [https://docs.google.com/forms/d/1IKKpfDL66bnzXbCglyLx1wXA4OdPmVZUUsRg1NgsYhk/viewform Submission Form].

If you have additional questions, please contact the AppSec EU 2014 Planning Team (appseceu2014@owasp.org).

==Webinar Opportunity for OWASP Project Leaders==

We are still in need for Project Leaders to showcase their projects via our Webinar series. The webinars will be held every third (3) Wednesday of every month at 10am EST. Below are the dates when each webinar will be held, and you can indicate the month if you are interested:

*May 21: Jonathan Carter
*June 18
*July 16
*August 20
*September 17
*October 15
*November 19
*December 17

Please reach out to Samantha Groves (Samantha.Groves@owasp.org) if you are interested in giving a 45 minute webinar on your OWASP Project.

=OWASP 24/7 BROADCAST SERIES=

[https://www.owasp.org/index.php/OWASP_Podcast "OWASP 24/7"] with Mark Miller is a series of recorded broadcasts, highlighting OWASP projects and people from around the world. With over 43,000 members in 100 countries, the OWASP 24/7 channel is available on demand, at anytime, anywhere on the planet. You are welcome to embed the broadcasts on your page, download them for your personal listening or keep up to date by subscribing to the iTunes channel. Please view the [https://www.owasp.org/index.php/OWASP_Podcast Podcast Project page] for a list of current interviews.

'''View [https://soundcloud.com/owasp-podcast All Available Broadcasts] or choose a single episode below'''

* [http://trustedsoftwarealliance.com/2014/03/21/the-owasp-cornucopia-project-with-colin-watson/ The OWASP Cornucopia Project with Colin Watson]
* [http://trustedsoftwarealliance.com/2014/03/24/the-owasp-top-ten-proactive-controls-project-with-jim-bird/ The OWASP Top Ten Proactive Controls Project with Jim Bird]
* [http://trustedsoftwarealliance.com/2014/03/27/owasp-hacky-easter-challenge/ The OWASP Hacky Easter Challenge with Ivan Bütler]
* [https://soundcloud.com/owasp-podcast/2014-appsec-apac-history-and/ AppSec APAC: What to Expect - Riotaro Okada & Robert Dracea]
* [https://soundcloud.com/owasp-podcast/appsec-europe-2014-what-to/ AppSec Europe What to Expect - Adrian Winckles]
* [http://trustedsoftwarealliance.com/2014/01/31/not-making-a-statement-is-a-statement-in-its-own-right-tobias-gondrom/ Not Making a Statement is a Statement in its Own Right - Tobias Gondrom and Eoin Keary]
* [http://trustedsoftwarealliance.com/2014/01/14/appsec-apac-2014-with-tobias-gondrom-what-to-expect/ AppSec APAC 2014 with Tobias Gondrom - What to Expect]
* [http://trustedsoftwarealliance.com/2014/01/13/appsec-usa-2013-larry-conklin-and-the-code-review-book-project/ AppSec USA 2013: Larry Conklin and the Code Review Book Project]
* [http://trustedsoftwarealliance.com/2014/01/07/jim-manico-life-after-owasp-podcasting/ AppSec USA 2013: Jim Manico - Life After OWASP Podcasting]
* [http://trustedsoftwarealliance.com/2013/12/13/appsec-usa-2013-zed-attack-proxy-project-with-simon-bennetts-interview/ AppSec USA 2013: Zed Attack Proxy Project with Simon Bennetts ]
* [http://trustedsoftwarealliance.com/2013/12/19/appsec-usa-2013-abbas-naderi-and-the-owasp-php-security-project/ AppSec USA 2013: Abbas Naderi and the OWASP PHP Security Project)]
* [http://trustedsoftwarealliance.com/2013/12/10/appsec-usa-2013-michael-coates-on-the-appsensor-project/ AppSec USA 2013: Michael Coates on the AppSensor Project]
* [http://trustedsoftwarealliance.com/2013/12/02/the-owasp-application-security-ciso-guide-with-marco-morana-and-tobias-gondrom/ The OWASP Application Security CISO Guide with Marco Morana and Tobias Gondrom]
* [http://trustedsoftwarealliance.com/2013/11/27/the-purpose-of-owasp-an-interview-with-co-founder-dennis-groves/ The Purpose of OWASP, an Interview with Co-Founder Dennis Groves]
* [http://trustedsoftwarealliance.com/2013/11/25/wait-wait-dont-pwn-me-full-recording-from-appsec-usa-2013/ Wait wait... don’t pwn me! - Full recording from AppSec USA 2013]
* [https://soundcloud.com/owasp-podcast/sarah-baso-43-000-members-160 Sarah Baso - What does it take to support 43,000 members in 100+ countries?]
* [https://soundcloud.com/owasp-podcast/samantha-groves-owasp-projects Samantha Groves - Getting the Most from OWASP Projects]
* [https://soundcloud.com/owasp-podcast/kate-hartmann-the-future-of Kate Hartmann - The Future of Virtual Chapter Meetings]
* [https://soundcloud.com/owasp-podcast/kelly-santalucia-growing-owasp Kelly Santalucia - Growing OWASP and the Outreach Programs]
* [https://soundcloud.com/owasp-podcast/tom-brennan-what-to-expect-at Tom Brennan - What to Expect at AppSecUSA 2013]

'''Upcoming interviews'''
* Kevin Wall (ESAPI)
* Andrew van der Stock (Pro-Active Controls)
* Andrew van der Stock
* Chetan Karande - Node.jsGoat
* Mark Arnold - OWASP Boston Chapter Lead
* Mike McCabe, Ken Johnson
* Rafael Gil
* Seba Deleersnyder

__NOTOC__ <headertabs />

Category:OWASP Project

2014-05-03T01:03:05Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Passfault01.jpg‎|center|300px| link=https://www.owasp.org/index.php/OWASP_Passfault]]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and friends Security Guide Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

Category:OWASP Project

2014-05-03T01:02:29Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Passfault01.jpg‎|center|300px| link=https://www.owasp.org/index.php/OWASP_Passfault]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and friends Security Guide Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

Projects/Reports/2014-02-05

2014-05-03T01:01:44Z

Samantha Groves:

=PROJECT METRICS=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

==Metrics==

*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdFFOQlZKQ0VhYndKT0ZkUlVsdFhrV3c&usp=sharing Project Numbers]'''

*Active Projects: 172
*Inactive Projects: 111
*Incubator Projects: 139
*Lab Projects: 18
*Flagship Projects: 15

==OWASP Project of the Month ==

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:Passfault01.jpg|left|300px|link=https://www.owasp.org/index.php/OWASP_Passfault]] 
| align="left" | [[Image:AppSecEU_2014.jpg|left|300px|link=https://2014.appsec.eu/]] 

|}

=CURRENTLY WORKING ON=

*'''OSS in Cambridge'''
**I am happy to report that we now have 8 applicants for the Open Source Showcase.
**I asked the community to help spread the word, and we were successful in getting the applications we needed to move the activity forward.
**We put together this blog post to announce the opportunity: [http://owasp.blogspot.com/2014/04/open-source-showcase-demo-your-project.html OSS at AppSec EU]
**We hope to get more submissions in the coming weeks.
**I have also worked with Kelly this week to put together a sponsorship proposal so she cal sell to potential sponsors for the OSS.
**We are asking for $5K per sponsor.

*'''Project Summit 2014'''
**I have been working with the AppSec EU team to organize the 2014 Project Summit.
**I have been trying to promote the event like crazy these past few weeks, but I am not getting too many submissions.
**I am having to reach out to Leaders directly to invite them to join in.
**We currently have 3 summit sessions, but I need more.
**We are also seeking 10K USD sponsorship for the summit.
**I worked with Kelly this week to put together a sponsorship proposal so she cal sell to potential sponsors for the Summit.
**We are asking for $5K per sponsor, as well.

*'''Project Reviews'''
**Sarah and I spoke about the reviews and the process that was created by the Technical Advisory Board.
**We decided to move forward with the reviews using the forms and process we created at the [https://www.owasp.org/images/c/c3/OWASP_2013_PROJECT_SUMMIT_REPORT.pdf 2013 Summit].
**The only catch is that we are dropping the Open Samm questionnaire, and we are only using the Project Quality and Health assessments.
**Here are the two forms we are using:
**[https://docs.google.com/a/owasp.org/forms/d/1mZ9QJDOS0jYaWDPCooxaa_BZPD7zm5U0REnMjt0RRoM/viewform Project Health]
**[https://docs.google.com/a/owasp.org/forms/d/1UUSrQySyvwQPq_KzhF6Q-9wvOptvLiDzNSjdXwiPOPg/viewform Project Quality: Code and Tool]
**[https://docs.google.com/a/owasp.org/forms/d/1TSj-V-rkngi1crB6BjOqabsCcjOVDjHKSelSitBqRU4/viewform Project Quality: Documentation]
**Simon Bennetts and Johanna Curiel completed a full review of the OWTF Project this week using this process.
**This is the first time the full process has been used to review and graduate a project.
**The OWASP OWTF Project is now a Lab Project.
**See the full review report here: [https://www.owasp.org/images/4/49/OWASP_Project_Review-OWTF_Project.pdf OWASP OWTF Project Review Results]

*'''Project Task Force'''
**The Project Task Force is getting on with operational project tasks.
**I am so glad this is working so well.
**We are underway with our project active/inactive audit.
**We have already eliminated over 10 projects from the active project inventory.
**This group will focus on getting stuff done for our OWASP Projects.
**There are quite a few tasks that we need to get sorted so please join in if you are interested in helping out.
**[https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Task_Force Project Task Force Page]
**[https://groups.google.com/forum/#!forum/owasp-projects-task-force Google Group Page]

*'''Graphic Design: Hugo'''
**Hugo has completed some amazing design projects this week.
**Below are some of the examples of his work:
**[https://www.owasp.org/images/3/3a/CodeReviewCover_2014.pdf Code Review Guide Book Covers]
**[https://www.owasp.org/images/8/86/Testing_Guide_V4_final.pdf Testing Guide Book Cover]
**[https://www.owasp.org/images/8/8a/Cambridge_2014_flyer_curves.pdf AppSec EU Triptic Brochure]

*'''Projects Intern: Kait'''
**Kate has been helping me with different administrative project duties this week.
**She is working on getting some additional metrics we need for our project inventory.
**She is also working on reaching out to leaders and finding out if their projects are inactive or not.
**We will do this first pass, and then I want to give the list to Johanna so she can do a more thorough pass.
**Kait is also helping with promotion of the OSS, Summit, and Women in AppSec.

*'''Daily Project based queries and requests'''
**This has not changed much since I began the post: questions are very similar in nature.
**Global AppSec questions.
**Funding queries.
**Travel availability.
**Project based administrative help.
**Project status information.
**Several project donation questions.
**Marketing questions.
**Grant funding questions.
**OWASP social media updates.
**What's happening with projects, questions.
**Managing Salesforce cases.

=PROJECT GRANTS & FUNDING UPDATES=

==General Awards==

*'''OWASP OWTF Project: Brucon 5x5 Award'''
# Amount: €5,000.00 (Approx. $6,670.00)
# Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

==Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
#[https://www.owasp.org/images/e/ed/2013_Campaign_Report.pdf Google Grants Usage Report]

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Travel Expenses: $1,896.38 (Reimbursement)
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Current Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

=PROJECT ANNOUNCEMENTS=

==2014 OWASP Project Summit: Need Working Session Ideas!==

The 2014 OWASP Project Summit will be taking place during AppSec EU 2014 in Cambridge, UK, and we need your help to make it our best Project Summit yet. We are calling on all OWASP Project Leaders to submit your project to participate in this year’s Summit. The Project Summit is a great opportunity to reach project milestones, as well as receive feedback from the OWASP community by enlisting new volunteers to your project.

Help shape the 2014 Project Summit by submitting to lead a working session. We would also, like your feedback on what tracks and session you would like to see at the Summit. The planning team would like your input on ideas to creating a productive event this year. The Summit team will take your ideas, and develop a comprehensive schedule that suits the needs of our Project Leaders and community.

Help make the 2014 Project Summit in Cambridge a great success for OWASP Projects. Submit your ideas for tracks and sessions to Samantha Groves (Samantha.Groves@owasp.org) and Kait Disney-Leugers (Kait.Disney.Leugers@owasp.org).

==Open Source Showcase: Demo your Project at AppSec EU 2014!==

As part of AppSec EU, the conference organizers are looking for projects to participate in the Open Source Showcase. The Open Source Showcase is a unique event module that allows project leaders and/or project contributors to showcase their work in a demo setting and gain exposure for their projects without the need to conduct a full talk session. The showcase allows a more personal view of the project between attendees.

The guidelines for submitting to the Open Source Showcase are simple: the Open Source Showcase is open to ANY project - not just OWASP projects. The only requirement for submission is that the project must be licensed under an approved Open Source License.

All open source projects are encouraged to apply to take part in the Open Source Showcase at AppSec EU 2014 in Cambridge, UK. The application form can be found here: [https://docs.google.com/forms/d/1IKKpfDL66bnzXbCglyLx1wXA4OdPmVZUUsRg1NgsYhk/viewform Submission Form].

If you have additional questions, please contact the AppSec EU 2014 Planning Team (appseceu2014@owasp.org).

==Webinar Opportunity for OWASP Project Leaders==

We are still in need for Project Leaders to showcase their projects via our Webinar series. The webinars will be held every third (3) Wednesday of every month at 10am EST. Below are the dates when each webinar will be held, and you can indicate the month if you are interested:

*May 21: Jonathan Carter
*June 18
*July 16
*August 20
*September 17
*October 15
*November 19
*December 17

Please reach out to Samantha Groves (Samantha.Groves@owasp.org) if you are interested in giving a 45 minute webinar on your OWASP Project.

=OWASP 24/7 BROADCAST SERIES=

[https://www.owasp.org/index.php/OWASP_Podcast "OWASP 24/7"] with Mark Miller is a series of recorded broadcasts, highlighting OWASP projects and people from around the world. With over 43,000 members in 100 countries, the OWASP 24/7 channel is available on demand, at anytime, anywhere on the planet. You are welcome to embed the broadcasts on your page, download them for your personal listening or keep up to date by subscribing to the iTunes channel. Please view the [https://www.owasp.org/index.php/OWASP_Podcast Podcast Project page] for a list of current interviews.

'''View [https://soundcloud.com/owasp-podcast All Available Broadcasts] or choose a single episode below'''

* [http://trustedsoftwarealliance.com/2014/03/21/the-owasp-cornucopia-project-with-colin-watson/ The OWASP Cornucopia Project with Colin Watson]
* [http://trustedsoftwarealliance.com/2014/03/24/the-owasp-top-ten-proactive-controls-project-with-jim-bird/ The OWASP Top Ten Proactive Controls Project with Jim Bird]
* [http://trustedsoftwarealliance.com/2014/03/27/owasp-hacky-easter-challenge/ The OWASP Hacky Easter Challenge with Ivan Bütler]
* [https://soundcloud.com/owasp-podcast/2014-appsec-apac-history-and/ AppSec APAC: What to Expect - Riotaro Okada & Robert Dracea]
* [https://soundcloud.com/owasp-podcast/appsec-europe-2014-what-to/ AppSec Europe What to Expect - Adrian Winckles]
* [http://trustedsoftwarealliance.com/2014/01/31/not-making-a-statement-is-a-statement-in-its-own-right-tobias-gondrom/ Not Making a Statement is a Statement in its Own Right - Tobias Gondrom and Eoin Keary]
* [http://trustedsoftwarealliance.com/2014/01/14/appsec-apac-2014-with-tobias-gondrom-what-to-expect/ AppSec APAC 2014 with Tobias Gondrom - What to Expect]
* [http://trustedsoftwarealliance.com/2014/01/13/appsec-usa-2013-larry-conklin-and-the-code-review-book-project/ AppSec USA 2013: Larry Conklin and the Code Review Book Project]
* [http://trustedsoftwarealliance.com/2014/01/07/jim-manico-life-after-owasp-podcasting/ AppSec USA 2013: Jim Manico - Life After OWASP Podcasting]
* [http://trustedsoftwarealliance.com/2013/12/13/appsec-usa-2013-zed-attack-proxy-project-with-simon-bennetts-interview/ AppSec USA 2013: Zed Attack Proxy Project with Simon Bennetts ]
* [http://trustedsoftwarealliance.com/2013/12/19/appsec-usa-2013-abbas-naderi-and-the-owasp-php-security-project/ AppSec USA 2013: Abbas Naderi and the OWASP PHP Security Project)]
* [http://trustedsoftwarealliance.com/2013/12/10/appsec-usa-2013-michael-coates-on-the-appsensor-project/ AppSec USA 2013: Michael Coates on the AppSensor Project]
* [http://trustedsoftwarealliance.com/2013/12/02/the-owasp-application-security-ciso-guide-with-marco-morana-and-tobias-gondrom/ The OWASP Application Security CISO Guide with Marco Morana and Tobias Gondrom]
* [http://trustedsoftwarealliance.com/2013/11/27/the-purpose-of-owasp-an-interview-with-co-founder-dennis-groves/ The Purpose of OWASP, an Interview with Co-Founder Dennis Groves]
* [http://trustedsoftwarealliance.com/2013/11/25/wait-wait-dont-pwn-me-full-recording-from-appsec-usa-2013/ Wait wait... don’t pwn me! - Full recording from AppSec USA 2013]
* [https://soundcloud.com/owasp-podcast/sarah-baso-43-000-members-160 Sarah Baso - What does it take to support 43,000 members in 100+ countries?]
* [https://soundcloud.com/owasp-podcast/samantha-groves-owasp-projects Samantha Groves - Getting the Most from OWASP Projects]
* [https://soundcloud.com/owasp-podcast/kate-hartmann-the-future-of Kate Hartmann - The Future of Virtual Chapter Meetings]
* [https://soundcloud.com/owasp-podcast/kelly-santalucia-growing-owasp Kelly Santalucia - Growing OWASP and the Outreach Programs]
* [https://soundcloud.com/owasp-podcast/tom-brennan-what-to-expect-at Tom Brennan - What to Expect at AppSecUSA 2013]

'''Upcoming interviews'''
* Kevin Wall (ESAPI)
* Andrew van der Stock (Pro-Active Controls)
* Andrew van der Stock
* Chetan Karande - Node.jsGoat
* Mark Arnold - OWASP Boston Chapter Lead
* Mike McCabe, Ken Johnson
* Rafael Gil
* Seba Deleersnyder

__NOTOC__ <headertabs />

File:Passfault01.jpg

2014-05-03T01:01:08Z

Samantha Groves:

Category:OWASP Project

2014-05-03T00:23:45Z

Samantha Groves:

__NOTOC__
{|
|-
! width="700" align="center" | 
! width="500" align="center" | 
|-
| align="right" | [[Image:Owasp_banner_web_pro.jpg|800px| link=https://www.owasp.org/index.php/Category:OWASP_Project]]
| align="right" |

|}

= Welcome =
{| style="width: 100%;"
|-
| style="width: 100%; color: rgb(0, 0, 0);" |
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"
|-
| style="width: 95%; color: rgb(0, 0, 0);" |


=== OWASP Project Inventory ===

All OWASP tools, document, and code library projects are organized into the following [https://www.owasp.org/index.php/OWASP_Project_Stages categories:]

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Flagship_Projects Flagship Projects:]''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Labs_Projects Lab Projects:]''' OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value.

* '''[https://www.owasp.org/index.php/OWASP_Project_Inventory#Incubator_Projects Incubator Projects:]''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.

=== Welcome to the OWASP Global Projects Page ===

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has over 142 active projects, and new project applications are submitted every week.

This is one of the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any project by visiting the [http://lists.owasp.org/mailman/listinfo OWASP Project Mailing Lists] page. A summary of recent project announcements is available on the [[OWASP Updates]] page.

'''[https://www.owasp.org/images/d/d8/PROJECT_LEADER-HANDBOOK_2014.pdf Download the OWASP Project Handbook 2014]'''

'''[https://www.owasp.org/index.php/OWASP_2014_Project_Handbook OWASP Project Handbook Wiki 2014]'''

'''[https://www.owasp.org/images/6/6a/OWASP_Projects_Handbook_2013.pdf Download the OWASP Projects Handbook 2013]'''

'''[http://www.tfaforms.com/263506 Start a New OWASP Project]'''

'''[https://www.owasp.org/index.php/Project_Online_Resources Project Online Resources]'''

=== Who Should Start an OWASP Project? ===

*Application Developers.
*Software Architects.
* Information Security Authors.
*Those who would like the support of a world wide professional community to develop or test an idea.
*Anyone wishing to take advantage of the professional body of knowledge OWASP has to offer.

=== Contact Us===

If you have any questions, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves] by using the form provided here. Please allow five working days for your question or comment to be answered. This is due to the large amount of queries the foundation staff receive every day. We thank you for your patience.

=== Social Media ===

We recommend using the links below to find our official OWASP social media channels. These are a great way to keep in touch with the different initiatives going on at OWASP throughout the world. They are all updated regularly by chapter leaders, project leaders, the OWASP Board Members, and our OWASP Staff. If you have any questions or concerns about any of these accounts, please drop us a line using our [http://www.tfaforms.com/308703 "Contact Us"] form found above.

[[Image:Blogger-32x32.png|32px|link=http://owasp.blogspot.co.uk/]] [[Image:Twitter-32x32.png|32px|link=https://twitter.com/OWASP]] [[Image:Facebook-32x32.png|32px|link=https://www.facebook.com/groups/172892372831444/]] [[Image:Linkedin-32x32.png|32px|link=http://www.linkedin.com/groups/Global-OWASP-Foundation-36874]] [[Image:Google-32x32.png|32px|link=https://plus.google.com/u/0/communities/105181517914716500346?cfem=1]] [[Image:Ning-32x32.png|32px|link=http://myowasp.ning.com/]]





 

|}



| style="border: 3px solid rgb(204, 204, 204); vertical-align: top; width: 95%; font-size: 95%; color: rgb(0, 0, 0);" | 

                                                                                                                              [[Image:Reversepm.jpg‎|center|300px| link=https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project]]

[[Image:AppSecEU_2014.jpg|center|300px| link=https://2014.appsec.eu/]]

[[Image:New_initiatives.png|center|300px| link=http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing]]

[[Image:Donate_here_banner.png|center|300px| link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

{|

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}


= Project Inventory =


==Flagship Projects==

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

'''Code'''

'''Tools'''

'''Documentation'''

==Labs Projects==

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]

'''Code'''
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]

<div id="sammysam"></div>

==Incubator Projects==

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

'''Code'''
* [https://www.owasp.org/index.php/Opa OWASP OPA]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
* [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]

'''Tools'''
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
* [https://www.owasp.org/index.php/O-Saft O-Saft]
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]

'''Documentation'''
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
* [https://www.owasp.org/index.php/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and friends Security Guide Project]
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]

==Donated Projects==

OWASP Donated Projects are inactive projects that have been donated to the OWASP Projects Infrastructure.

'''Tools'''

* [https://www.owasp.org/index.php/OWASP_Excess_XSS_Project OWASP Excess XSS Project]
* [https://www.owasp.org/index.php/OWASP_JOTP_Project OWASP jOTP Project]

==Inactive Projects==

'''Archived Projects'''

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project]
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project OWASP AppSec FAQ Project]
* [https://www.owasp.org/index.php/Asdr OWASP ASDR Project]
* [https://www.owasp.org/index.php/Category:OWASP_Backend_Security_Project OWASP Backend Security Project]
* [https://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls OWASP Best Practices: Use of Web Application Firewalls]
* [https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project OWASP CAL9000 Project]
* [https://www.owasp.org/index.php/Category:OWASP_CLASP_Project OWASP CLASP Project]
* [https://www.owasp.org/index.php/Category:OWASP_Code_Crawler OWASP CodeCrawler Project]
* [https://www.owasp.org/index.php/Category:OWASP_Content_Validation_using_Java_Annotations_Project OWASP Content Validation using Java Annotations Project]
* [https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project OWASP DirBuster Project]
* [https://www.owasp.org/index.php/Category:OWASP_Encoding_Project OWASP Encoding Project]
* [https://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project OWASP Google Hacking Project]
* [https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project OWASP Insecure Web App Project]
* [https://www.owasp.org/index.php/Category:OWASP_Interceptor_Project OWASP Interceptor Project]
* [https://www.owasp.org/index.php/Category:OWASP_JSP_Testing_Tool_Project OWASP JSP Testing Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project OWASP LiveCD Education Project]
* [https://www.owasp.org/index.php/Category:OWASP_Logging_Project OWASP Logging Guide]
* [https://www.owasp.org/index.php/Category:OWASP_NetBouncer_Project OWASP NetBouncer Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project]
* [https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project OWASP OpenSign Server Project]
* [https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project OWASP Pantera Web Assessment Studio Project]
* [https://www.owasp.org/index.php/Category:OWASP_PHP_Project OWASP PHP Project]
* [https://www.owasp.org/index.php/ORG_%28OWASP_Report_Generator%29 OWASP Report Generator]
* [https://www.owasp.org/index.php/Category:OWASP_SASAP_Project OWASP Scholastic Application Security Assessment Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project OWASP Security Analysis of Core J2EE Design Patterns Project]
* [https://www.owasp.org/index.php/Category:OWASP_Security_Spending_Benchmarks OWASP Security Spending Benchmarks Project]
* [https://www.owasp.org/index.php/OWASP_SiteGenerator OWASP Site Generator Project]
* [https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project OWASP Skavenger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project OWASP Source Code Flaws Top 10 Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sprajax_Project OWASP Sprajax Project]
* [https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project OWASP Sqlibench Project]
* [https://www.owasp.org/index.php/Category:OWASP_Stinger_Project OWASP Stinger Project]
* [https://www.owasp.org/index.php/Category:OWASP_Teachable_Static_Analysis_Workbench_Project OWASP Teachable Static Analysis Workbench Project]
* [https://www.owasp.org/index.php/OWASP_Tiger OWASP Tiger]
* [https://www.owasp.org/index.php/Category:OWASP_Tools_Project OWASP Tools Project]
* [https://www.owasp.org/index.php/Projects/OWASP_Uniform_Reporting_Guidelines OWASP Uniform Reporting Guidelines]
* [https://www.owasp.org/index.php/Category:OWASP_WeBekci_Project OWASP Webekci Project]
* [https://www.owasp.org/index.php/JBroFuzz JBroFuzz]
* [https://owasp.org/index.php/Category:OWASP_SWAAT_Project OWASP SWAAT Project]
* [https://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto OWASP Secure Web Application Framework Manifesto]
* [https://www.owasp.org/index.php/Scrubbr OWASP Scrubbr]
* [https://www.owasp.org/index.php/OWASP_JavaScript_Sandboxes OWASP JavaScript Sandboxes Project]
* [https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project OWASP Joomla Vulnerability Scanner Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Datafiddler_Project OWASP Hatkit Datafiddler Project]
* [https://www.owasp.org/index.php/OWASP_Hatkit_Proxy_Project OWASP Hatkit Proxy Project]
* [https://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project OWASP Fiddler Addons for Security Testing Project]
* [https://www.owasp.org/index.php/OWASP_Forward_Exploit_Tool_Project OWASP Forward Exploit Tool Project]
* [https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database OWASP Fuzzing Code Database]
* [https://www.owasp.org/index.php/Category:OWASP_Cloud_‐_10_Project OWASP Cloud ‐ 10 Project]
* [https://www.owasp.org/index.php/OWASP_Web_Browser_Testing_System_Project OWASP Web Browser Testing System Project]
* [https://www.owasp.org/index.php/Webscarab OWASP WebScarab Project]
* [https://www.owasp.org/index.php/Project_Information:template_Webslayer_Project OWASP Webslayer Project]
* [https://www.owasp.org/index.php/Project_Information:template_WSFuzzer_Project OWASP WSFuzzer Project]
* [http://owasp.com/index.php/Category:OWASP_Security_Assurance_Testing_of_Virtual_Worlds_Project OWASP Security Assurance Testing of Virtual Worlds Project]
* [https://www.owasp.org/index.php/OWASP_WAF_Project OWASP WAF Project]
* [https://www.owasp.org/index.php/OWASP_VFW_Project OWASP VFW Project]
* [https://www.owasp.org/index.php/OWASP_SIMBA_Project OWASP SIMBA Project]
* [https://www.owasp.org/index.php/OWASP_ONYX OWASP ONYX]
* [https://www.owasp.org/index.php/OWASP_Java_Uncertain_Form_Submit_Prevention OWASP Java Uncertain Form Submit Prevention]
* [https://www.owasp.org/index.php/OWASP_Ecuador OWASP Ecuador]
* [https://www.owasp.org/index.php/OWASP_ESOP_Framework OWASP ESOP Framework]
* [https://www.owasp.org/index.php/OWASP_Alchemist_Project OWASP Alchemist Project]
* [https://www.owasp.org/index.php/OWASP_Secure_the_Flag_Competition_Project OWASP Secure the Flag Project]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_ACID_Tests_Project OWASP Browser Security ACID Test Project]
* [https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool OWASP AJAX Crawling Tool]
* [https://www.owasp.org/index.php/OWASP_Threat_Modelling_Project OWASP Threat Modeling Project]
* [https://www.owasp.org/index.php/OWASP_Crossword_of_the_Month OWASP Crossword of the Month]
* [https://www.owasp.org/index.php/OWASP_Secure_Password_Project OWASP Secure Password Project]
* [https://www.owasp.org/index.php/OWASP_Myth_Breakers_Project OWASP Myth Breakers Project]
* [http://owasp.com/index.php/OWASP_Project_Partnership_Model OWASP Project Partnership Model]
* [https://www.owasp.org/index.php/OWASP_Browser_Security_Project OWASP Browser Security Project]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Program_for_Managers OWASP Application Security Program for Managers]
* [https://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project OWASP Favicon Database Project]
* [https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
* [https://www.owasp.org/index.php/OWASP_File_Hash_Repository OWASP File Hash Repository]
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting]
* [https://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment OWASP Application Security Skills Assessment]
* [https://www.owasp.org/index.php/OWASP_Common_Numbering_Project OWASP Common Numbering Project]
* [https://www.owasp.org/index.php/OWASP_WhatTheFuzz_Project#tab=Project_About OWASP WhatTheFuzz Project]
* [https://www.owasp.org/index.php/OWASP_Security_Tools_for_Developers_Project OWASP Security Tools for Developers Project]
* [https://www.owasp.org/index.php/Category:OWASP_Proxy OWASP Proxy Project]
* [https://www.owasp.org/index.php/OWASP_AW00T OWASP AW00t]
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project]
* [https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project]
* [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project]
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
* [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project]

= Project Task Force =

===OWASP Project Task Force===

{{:Task_Force/OWASP_Projects}}

= Online Resources =

===Project Online Resources===

{{:Project_Online_Resources}}

= Starting a New Project =

== So you want to start a project... ==

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the guidelines for running a successful OWASP project:

* The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.

* You ''can'' run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.

* You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.

* Available Grants to consider if you need funding - [https://www.owasp.org/index.php/Grants Click Here]

* You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!

== Creating a new project ==
The first thing you have to do if you want to start a new project is submit a new OWASP Project application. [http://www.tfaforms.com/263506 Please submit a new project application here].

* You will need to gather the following information together for your application:
A - PROJECT
# Project Name,
# Project purpose / overview,
# Project Roadmap,
# Project links (if any) to external sites,
# [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing Project License],
# Project Leader name,
# Project Leader email address,
# Project Leader wiki account - the username (you'll need this to edit the wiki),
# Project Contributor(s) (if any) - name email and wiki account (if any),
# Project Main Links (if any).

* Check out the '''[[Guidelines for OWASP Projects]]'''.
* [https://www.owasp.org/index.php/Grant_Spending_Policy Grant Spending Policy]
* [https://www.owasp.org/index.php/Project_Spending_Policy Project Spending Policy]
* [https://www.owasp.org/index.php/Project_Sponsorship_Operational_Guidelines Project Sponsorship Operational Guidelines]

==OWASP Recommended Licenses==

{{Recommended_Licenses}}

==Funding your Project==
An OWASP project does not receive any funding for development at project inception; however, a new project does have the opportunity to submit a request to receive funds if they are available for the year. Additionally, project leaders have the option of seeking sponsorship from outside organizations, but project leaders are required to seek funding through their own initiative. Please contact the OWASP Projects Manager for more information.

== Project Release ==

As your project reaches a point that you'd like OWASP to assist in its promotion, the will need the following information to help spread the word about your project:

# Short 5 sentence paragraph outlining what your project is about, what you hope to accomplish with your project, what value your project brings to software security, and contributor and project leader names and contact information.
# Link to your wiki page.
# Link to your code repository or a link to where readers can download your project.
# Latest Release description answering the following questions: What is it?, What does it do?, Where can I get it?, Who should I contact if something goes wrong?.

==Project Process Forms==
These forms were created to help project leaders, and those interested in a going through a process in the OWASP projects infrastructure. They facilitate the management of each query based on the specific task an applicant will need help with. The forms are described below, and they are linked with their designated online application form.

* [http://www.tfaforms.com/264422 Project Transition Application]:The OWASP project transition form gives current project leaders an easy way of handing over project administration information to individuals wishing to take over a project.

* [http://www.tfaforms.com/264413 Project Review Application]:This form is for current project leaders to request a review of their project based on OWASP graduation criteria. The aim is to designate an OWASP volunteer to review these projects within 3 months time.

* [http://www.tfaforms.com/264418 Project Donation Application]:This form is for projects outside of the OWASP project infrastructure. Project Leaders for these open source projects can choose to partner or give their project to OWASP directly through this form.

* [http://www.tfaforms.com/264428 Project Adoption Request]:This form is used when someone is interested in adopting an archived project.

* [http://www.tfaforms.com/264426 Project Abandonment Request]:The OWASP project abandonment form gives current project leaders an easy way of letting the OWASP Foundation know that they wish to resign their project leader duties. This form should be used when no replacement project leader exists to take over these duties.

* [http://www.tfaforms.com/264392 Incubator Project Graduation Application]:This application form is for Incubator Projects to apply for Labs Project status.

= Project Assessments =

==OWASP Project Lifecycle==
The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state. The greater the maturity of the project, the greater the level of responsibility for the project leader. These responsibilities are not trivial as OWASP provides incentives and benefits (Section 7) for projects who take on these added responsibilities.

'''The OWASP Project Lifecycle is broken down into the following stages:'''

'''Incubator Projects:''' OWASP Incubator projects represent the experimental playground where projects are still being designed, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity; moreover, the label allows project leaders to leverage the OWASP name while their project is still maturing. OWASP Incubator projects are given a place on the OWASP Projects Portal to leverage the organizations' infrastructure, and establish their presence and project history.

'''Labs Projects:''' OWASP Labs projects represent projects that have produced a deliverable of significant value. Leaders of OWASP Labs projects are expected to stand behind the quality of their projects as these projects have matured to the point where they are accepted by a significant portion of the OWASP community. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are ready for mainstream usage. OWASP Labs Projects are meant to be the collection of established projects that have gained community support and acclaim by undergoing the project review process.

'''Flagship Projects:''' The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole. Eligible projects are selected from the OWASP Labs project pool. This selection process generally ensures that there is only one project of each type covering any particular security space. OWASP Flagship projects represent projects that are not only mature, but are also projects that OWASP as an organization provides direct support to maintaining. The core mission of OWASP is to make application security visible and so as an organization, OWASP has a vested interest in the success of its Flagship projects. Since Flagship projects have such high visibility, these projects are expected to uphold the most stringent requirements of all OWASP Projects.

== OWASP Project Stage Benefits==
This section outlines the benefits of starting an OWASP project, and the benefits of being at each different stage in the projects lifecycle. In my short time here at OWASP as the PM, I have had several potential project leaders ask me what the benefits are of starting their project with OWASP. Below is my proposal for each Stage’s benefits.

'''Incubator'''
* Financial Donation Management Assistance
* Project Review Support
* WASPY Awards Nominations
* OWASP OSS and OPT Participation
* Opportunity to submit proposal: $500 for Development.
* Community Engagement and Support
* Recognition and visibility of being associated with the OWASP Brand.

'''Labs'''
* All benefits given to Incubator Projects
* Technical Writing Support
* Graphic Design Support
* Project Promotion Support
* OWASP OSS and OPT: Preference

'''Flagship'''
* All benefits given to Incubator & Labs Projects
* Grant finding and proposal writing help
* Yearly marketing plan development
* OWASP OSS and OPT participation preference

For more detailed information on OWASP Project Stage Benefits, please see the 2013 Project Handbook.

== OWASP Project Graduation==
The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

The review centers around the following core questions. Each core question has three (3) specific questions made up of binary queries. A project must receive at least two (2) positive responses from each reviewer in two of the binary questions, to warrant a postive response for the core question. Each core question must receive a positive response from both project reviewers to pass the Project Health Assessment for Incubator Projects.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Graduation Criteria Checklist]

==OWASP Project Health Assessment==
The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Health Assessment Criteria Document]. If a project passes the assessment, it then becomes eligible to graduate into the OWASP Labs Project stage. In order to be considered for OWASP Labs, an Incubator project must have submitted an OWASP reviewed deliverable, and obtained at least two (2) positive responses for each of the core criteria project health questions.

==OWASP Project Deliverable/Release Assessment==
The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

Reviews must be performed by two (2) OWASP Chapter or Project Leaders, and their review must answer affirmatively to at least the first two (2) core Project Deliverable/Release Review questions. A project must pass the OWASP Project Deliverable/Release Assessment in order to graduate into the OWASP Labs Project stage.

* [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE Project Deliverable/Release Assessment Criteria Checklist]

= Brand Resources =


==The Brand Usage Rules==
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

The Brand Guideline documents and rules below provide details and instruction on how to use the OWASP logo and brand. The quick reference sheet goes over the basics of the OWASP brand logo and a brief overview of customizable options. The Brand Guidelines document gives the entire description of the OWASP brand, its public use, and the options to customize the logo based on personal desire. The guidelines cover the OWASP signature, size and spacing, colors, imagery, and typefaces.

==Rules==

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

#The OWASP Brand may be used to direct people to the OWASP website for information about application security.
#The OWASP Brand may be used in commentary about the materials found on the OWASP website.
#The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.
#The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.
#The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.
#The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.
#The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.
#The OWASP Brand may be used by special arrangement with The OWASP Foundation.

==Project Icons & Templates==

The templates and icons below are the files used for our OWASP Projects. Here you will find icons that you can place on your wiki template to let viewers know what type of project they are looking at, and what stage the project is in. The operational OWASP Project wiki template can be copied onto another project page. If you require more assistance with these files and/or templates, please contact the OWASP staff for assistance

'''[https://www.owasp.org/index.php/OWASP_Operations_Project_Template OWASP Operational Wiki Template]'''

'''[https://www.owasp.org/index.php/OWASP_Documentation_Project_Template OWASP Example Template: DO NOT EDIT]'''

[[Image:OWASP_Project_Header.jpg|Owasp logo|500px]]

[[Image:Project_Type_Files_TOOL.jpg|Owasp logo|200px]] [[Image:Project_Type_Files_DOC.jpg||Owasp logo 1c|200px]]

[[Image:Project_Type_Files_CODE.jpg|Owasp logo|200px]] [[Image:Owasp-defenders-small.png|Owasp logo|100px]] [[Image:Owasp-builders-small.png|Owasp logo|100px]] [[Image:Owasp-breakers-small.png|Owasp logo|100px]]

[[Image:Owasp-incubator-trans-200.png|Owasp logo rev icon|100px]] [[Image:Owasp-labs-trans-85.png|Owasp logo flat|100px]] [[Image:Owasp-flagship-trans-85.png|Owasp logo icon|100px]]

==Book Cover Files==

[https://www.owasp.org/images/d/d3/Lulu-guide.pdf Lulu Guide]

Below you will find the Adobe Illustrator, Photoshop, and In-Design files for past OWASP Documentation books. You will need a copy of Adobe Creative Suite to edit these files. If you want to use these templates, but do not have Adobe Creative Suite, please contact the OWASP staff for assistance.

'''[https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip Download the Book Cover Zip File]'''
{|
|-
! width="500" align="center" | 
! width="300" align="center" | 
|-
| align="center" | [[Image:BookImage_01.jpg‎|500px| link=https://www.dropbox.com/s/h27gsbe5m7idg0y/Finished%20Covers.zip]]
| align="center" |

|}

= Terminology =

== OWASP Project Infrastructure ==

*'''OWASP Project Lifecycle:''' The OWASP Projects Lifecycle represents a balance between keeping a very loose structure around OWASP projects, and ensuring that OWASP consumers are not confused about a project’s maturity and quality. The lifecycle stage allows consumers to easily identify mature projects, and projects that are proofs of concept, experimental, and classified as prototypes in their current state.

*'''Incubator Project:''' OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

*'''Labs Project:''' OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

*'''Flagship Project:''' The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.

*'''Project Benefits:''' The standard list of resources and incentives made available to project leaders based on their project's current maturity level.

== OWASP Project Reviews ==

*'''Project Reviews:''' Project reviews are the method OWASP uses to establish a minimal baseline of project characteristics and release quality. Reviews are not mandatory, but they are necessary if a project leader wishes to graduate to the next level of maturity within the OWASP Global Projects infrastructure. Projects can be reviewed when an Incubator project wishes to graduate into the OWASP Labs designation, and project releases can be reviewed if they want the quality of their deliverable to be vouched for by OWASP.

*'''Project Reviewer Pool:''' The project reviewer pool is made up of veteran reviewers who have proven themselves dedicated to executing quality reviews of projects.

*'''Project Graduation:''' The Project Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

*'''Project Health Assessment:''' The Project Health Assessment is an optional process undertaken at the request of a project leader when he/she applies for Project Graduation The purpose of this assessment is to determine whether a project meets the minimum criteria of an OWASP Project outlined in the [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdG5NZGhzTjZpT1RDcnRibjd0aXhfOUE#gid=1 Project Health Assessment Criteria Document].

*'''Project Release:''' A project release refers to the final deliverable a project produces. It is the final product of the project.

*'''Project Deliverable/Release Review:''' The Project Deliverable/Release Review is an optional process undertaken at the request of a project leader using the Project Deliverable Review Form. The purpose of this process is to review a project’s progress, and to make sure the project is heading in the right direction based on the roadmap they provided at project inception.

== OWASP Projects Processes ==

*'''Project Processes:''' The set of streamlined processes that exist to help projects move smoothly through the OWASP Project Lifecycle.

*'''Project Inception Process:''' The Project Inception Process is how a brand new idea becomes an OWASP Project. Such projects are labeled as OWASP Incubator projects. The process involves submitting the proposed project name, project leader information, project description, project roadmap, and selecting an appropriate open-source license for the project using the New Project Form on the Projects Portal.

*'''Project Donation Process:''' The Project Donation Process is used for a project that has an existing functional release, but is not currently associated with OWASP. This process is the primary mechanism by which individuals or organizations can transfer the ownership of their project’s copyright to OWASP.

*'''Project Transition Process:''' The Project Transition Process is used to transition leadership of a project to a new project leader. This is a simple automated process to transfer the relevant accounts, mailing lists, and other project resources to the new project leader.

*'''Project Abandonment Process:''' The Project Abandonment Process was put in place for those occasions in which a project leader is no longer able to manage their project, and has not been able to find a suitable replacement for the leader role. Project Abandonment can also occur when the project leader feels his/her project has become obsolete. Under these circumstances, the acting project leader is encourage do submit the Project Abandonment Form found in the Projects Portal.

*'''Incubator Graduation Process:''' The Incubator Graduation Process is an optional process undertaken at the request of a project leader using the Incubator Graduation Form. The purpose of this process is to move a project from the OWASP Incubator into the OWASP Labs.

== Projects at Conferences ==

*'''AppSec Conferences:''' OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

*'''Open Source Showcase:''' The Open Source Showcase is an OWASP AppSec Conference event module designed to give Open Source project leaders the opportunity to demo their projects.

*'''OWASP Project Track:''' The OWASP Project Track is an OWASP AppSec Conference event module designed to give OWASP Project leaders the opportunity to showcase their projects as an official conference presenter.

== OWASP Projects General ==

*'''OWASP Code of Ethics:''' The OWASP Code of Ethics are the set of guidelines and principles that the OWASP Foundation expects all of its members and conference attendees to abide by. A copy of the Code of Ethics can be found here in the [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics OWASP About page].

= Sponsorships and Donations =


==Donate to OWASP Global Projects ==
OWASP Projects, a global division of the OWASP Foundation, is run under the same world wide not-for-profit charitable status as all the foundation strategic groups. OWASP provides a platform for contributors to share their work while providing them with the project and community support they need throughout their project development. All OWASP Projects are run by volunteers and they rely on personal donations and sponsorship to continue their development. Donate to OWASP Projects, and we promise to spend your money wisely on open source initiatives.

'''This is how your money can help:'''

* $20 could help us spread the word on the importance of open source initiatives in the Application Security industry.
* $100 could help fund OWASP project demos at major conferences.
* $250 could help get our volunteer Project Leaders to speaking engagements.

[[Image:Donate_Button.jpg | link=http://www.regonline.com/Register/Checkin.aspx?EventID=1044369]]

= PM Information =


==Samantha Groves: OWASP Program Manager: OWASP Projects==
{| style="background-color: transparent"
|-
! width="200" align="center" | 
! width="1000" align="center" | 
|-
| align="center" | [[Image:Sam3.jpg|100px]]
| align="justify" |Samantha Groves is the Program Manager at OWASP for our Global Projects. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioral research projects, competitor analysis, event organization and management, volunteer engagement projects, staff recruitment and training, and marketing department organization and strategy implementation projects for a variety of commercial and not-for-profit organizations. She is eager to begin her work at OWASP and help the organization reach its project completion goals.

Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha attained her Prince2 (Foundation) project management certification, and she undertook executive management training in Intellectual Property Strategy from Harvard Business School. [https://www.owasp.org/index.php/Test2test .]

Please see the [https://www.owasp.org/index.php/OwaspPM OWASP Program Manager: Projects Role Description] for more information.

|}
 

==Program Reports==

'''2014'''

*[https://www.owasp.org/index.php/Projects/Reports/2014-10-01 Project Manager Report: January 10 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-17-01 Project Manager Report: January 17 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-01 Project Manager Report: January 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-31-01 Project Manager Report: January 31 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-02 Project Manager Report: February 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-16-02 Project Manager Report: February 16 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-21-02 Project Manager Report: February 21 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-02 Project Manager Report: February 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-07-03 Project Manager Report: March 07 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-14-03 Project Manager Report: March 14 2014]
*Project Manager Report: March 21 2014 - No Report this week. PM was away at AppSec APAC 2014.
*[https://www.owasp.org/index.php/Projects/Reports/2014-28-03 Project Manager Report: March 28 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-04-04 Project Manager Report: April 04 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-11-04 Project Manager Report: April 11 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-18-04 Project Manager Report: April 18 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-25-04 Project Manager Report: April 25 2014]
*[https://www.owasp.org/index.php/Projects/Reports/2014-02-05 Project Manager Report: May 02 2014]

'''2013'''

*[https://www.owasp.org/index.php/GPC/Meetings/2013-04-01 GPC Meeting: January 04 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-11-01 GPC Meeting: January 11 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-18-01 GPC Meeting: January 18 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-25-01 GPC Meeting: January 25 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-02 GPC Meeting: February 01 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-02 GPC Meeting: February 08 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-02 GPC Meeting: February 15 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-02 GPC Meeting: February 22 2013 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-01-03 Project Manager Report: March 01 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03 Project Manager Report: March 08 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-15-03 Project Manager Report: March 15 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-22-03 Project Manager Report: March 22 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-29-03 Project Manager Report: March 29 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-05-04 Project Manager Report: April 05 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-12-04 Project Manager Report: April 12 2013]
*[https://www.owasp.org/index.php/GPC/Meetings/2013-19-04 Project Manager Report: April 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-04 Project Manager Report: April 26 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-03-05 Project Manager Report: May 03 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-10-05 Project Manager Report: May 10 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-17-05 Project Manager Report: May 17 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-24-05 Project Manager Report: May 24 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-31-05 Project Manager Report: May 31 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-07-06 Project Manager Report: June 07 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-14-06 Project Manager Report: June 14 2013]
*Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
*[https://www.owasp.org/index.php/Projects/Reports/2013-28-06 Project Manager Report: June 28 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-05-07 Project Manager Report: July 05 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-07 Project Manager Report: July 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-19-07 Project Manager Report: July 19 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-26-07 Project Manager Report: July 26 2013]
*Project Manager Report: August 02 2013 - No Report this week. PM was away at Black Hat & DEFCON 2013.
*[https://www.owasp.org/index.php/Projects/Reports/2013-09-08 Project Manager Report: August 09 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-16-08 Project Manager Report: August 16 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-23-08 Project Manager Report: August 23 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-30-08 Project Manager Report: August 30 2013]
*Project Manager Report: September 06 2013 - No Report this week. PM was away.
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-09 Project Manager Report: September 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-09 Project Manager Report: September 20 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-27-09 Project Manager Report: September 27 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-04-10 Project Manager Report: October 04 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-12-10 Project Manager Report: October 12 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-18-10 Project Manager Report: October 18 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-25-10 Project Manager Report: October 25 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-01-11 Project Manager Report: November 01 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-08-11 Project Manager Report: November 08 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-15-11 Project Manager Report: November 15 2013]
*Project Manager Report: November 22 2013 - No Report this week. PM was away at AppSec USA 2013.
*Project Manager Report: November 29 2013 - No Report this week. National Holiday.
*[https://www.owasp.org/index.php/Projects/Reports/2013-06-12 Project Manager Report: December 06 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-13-12 Project Manager Report: December 13 2013]
*[https://www.owasp.org/index.php/Projects/Reports/2013-20-12 Project Manager Report: December 20 2013]

'''2012'''

*[https://www.owasp.org/index.php/GPC/Meetings/2012-24-08 GPC Meeting: August 24 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-09 GPC Meeting: September 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-09 GPC Meeting: September 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-09 GPC Meeting: September 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-28-09 GPC Meeting: September 28 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-05-10 GPC Meeting: October 05 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-12-10 GPC Meeting: October 12 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-19-10 GPC Meeting: October 19 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-09-11 GPC Meeting: November 09 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-16-11 GPC Meeting: November 16 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-30-11 GPC Meeting: November 30 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-07-12 GPC Meeting: December 07 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-14-12 GPC Meeting: December 14 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-21-12 GPC Meeting: December 21 2012 Project Manager Report]
*[https://www.owasp.org/index.php/GPC/Meetings/2012-27-12 GPC Meeting: December 27 2012 Project Manager Report]

==Board Meeting Reports==

*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 Board Meeting: August 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_10_2012 Board Meeting: September 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/October_08_2012 Board Meeting: October 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_12_2012 Board Meeting: November 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_10_2012 Board Meeting: December 2012 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/January_14_2013 Board Meeting: January 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_11_2013 Board Meeting: February 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/March_11_2013 Board Meeting: March 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_05_2013 Board Meeting: April 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/May_13_2013 Board Meeting: May 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/June_10_2013 Board Meeting: June 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/July_08_2013 Board Meeting: July 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_06_2013 Board Meeting: August 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/September_09_2013 Board Meeting: September 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/November_06_2013 Board Meeting: November 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/December_03_2013 Board Meeting: December 2013 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/February_18_2013 Board Meeting: February 2014 Project Manager Report]
*[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/April_18_2014 Board Meeting: April 2014 Project Manager Report]

==Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

==Program Grants: Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Program Presentations: Projects==

* [https://www.owasp.org/images/f/fb/OWASP_GLOBAL_PROJECTS.pdf OWASP Projects Presentation: Phoenix Chapter Talk]
* [https://www.owasp.org/images/b/bb/OWASP_Projects_Webinar.pdf OWASP Projects Webinar]
* [https://www.owasp.org/images/1/19/OWASP_PROJECTS_SOLUTIONS.pdf OWASP Project Infrastructure: Solutions]

==Program Manger's Quarterly Strategic Objectives==

'''[https://docs.google.com/document/d/1g9jJImMr0p6fLqixOJIXtrNvGtycmI7-ofT54vWExwo/edit?usp=sharing Goals and Objectives: 2013 Q4]'''
#Finish planning Project Summit & Execute Summit at AppSec USA.
#Develop & Finish Global Projects Strategy for 2014: Includes Budget
#Finish Fundraising Strategy for 2014: Includes Budget

*'''Ongoing Objectives for 2013'''
**Quarterly Report to DHS
**Continue helping leaders reach their grant required milestones
**Finalise graphic design delivery from Patrick: 2 pieces to go.

'''[https://docs.google.com/a/owasp.org/document/d/1wziu7cIMmnYZQ_fMxjNd614e0OWNacZLmcyQl7zWnZU/edit?usp=sharing Goals and Objectives: 2013 Q3]'''
#Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
#Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
#Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

*'''Ongoing Objectives for 2013'''
**Work with Project leaders to reach grant required milestones - ONGOING
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

==Contact the Program Manager==

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


= Contact US =


==OWASP Representation==
* [[User:Samantha Groves|Samantha Groves]]: OWASP Program Manager: OWASP Projects

If you need any help with anything projects related, or if you simply need some more information, please do not hesitate to contact the [http://owasp4.owasp.org/contactus.html OWASP Projects Manager, Samantha Groves].


<headertabs />

Projects/Reports/2014-02-05

2014-05-03T00:23:00Z

Samantha Groves: Created page with "=PROJECT METRICS= <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">link=</div> ==Metrics== *'''[https://docs.googl..."

=PROJECT METRICS=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

==Metrics==

*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdFFOQlZKQ0VhYndKT0ZkUlVsdFhrV3c&usp=sharing Project Numbers]'''

*Active Projects: 172
*Inactive Projects: 111
*Incubator Projects: 139
*Lab Projects: 18
*Flagship Projects: 15

==OWASP Project of the Month ==

{|
|-
! width="400" align="left" |
! width="400" align="left" |
|-
| align="left" | [[Image:Reversepm.jpg|left|300px|link=https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project]] 
| align="left" | [[Image:AppSecEU_2014.jpg|left|300px|link=https://2014.appsec.eu/]] 

|}

=CURRENTLY WORKING ON=

*'''OSS in Cambridge'''
**I am happy to report that we now have 8 applicants for the Open Source Showcase.
**I asked the community to help spread the word, and we were successful in getting the applications we needed to move the activity forward.
**We put together this blog post to announce the opportunity: [http://owasp.blogspot.com/2014/04/open-source-showcase-demo-your-project.html OSS at AppSec EU]
**We hope to get more submissions in the coming weeks.
**I have also worked with Kelly this week to put together a sponsorship proposal so she cal sell to potential sponsors for the OSS.
**We are asking for $5K per sponsor.

*'''Project Summit 2014'''
**I have been working with the AppSec EU team to organize the 2014 Project Summit.
**I have been trying to promote the event like crazy these past few weeks, but I am not getting too many submissions.
**I am having to reach out to Leaders directly to invite them to join in.
**We currently have 3 summit sessions, but I need more.
**We are also seeking 10K USD sponsorship for the summit.
**I worked with Kelly this week to put together a sponsorship proposal so she cal sell to potential sponsors for the Summit.
**We are asking for $5K per sponsor, as well.

*'''Project Reviews'''
**Sarah and I spoke about the reviews and the process that was created by the Technical Advisory Board.
**We decided to move forward with the reviews using the forms and process we created at the [https://www.owasp.org/images/c/c3/OWASP_2013_PROJECT_SUMMIT_REPORT.pdf 2013 Summit].
**The only catch is that we are dropping the Open Samm questionnaire, and we are only using the Project Quality and Health assessments.
**Here are the two forms we are using:
**[https://docs.google.com/a/owasp.org/forms/d/1mZ9QJDOS0jYaWDPCooxaa_BZPD7zm5U0REnMjt0RRoM/viewform Project Health]
**[https://docs.google.com/a/owasp.org/forms/d/1UUSrQySyvwQPq_KzhF6Q-9wvOptvLiDzNSjdXwiPOPg/viewform Project Quality: Code and Tool]
**[https://docs.google.com/a/owasp.org/forms/d/1TSj-V-rkngi1crB6BjOqabsCcjOVDjHKSelSitBqRU4/viewform Project Quality: Documentation]
**Simon Bennetts and Johanna Curiel completed a full review of the OWTF Project this week using this process.
**This is the first time the full process has been used to review and graduate a project.
**The OWASP OWTF Project is now a Lab Project.
**See the full review report here: [https://www.owasp.org/images/4/49/OWASP_Project_Review-OWTF_Project.pdf OWASP OWTF Project Review Results]

*'''Project Task Force'''
**The Project Task Force is getting on with operational project tasks.
**I am so glad this is working so well.
**We are underway with our project active/inactive audit.
**We have already eliminated over 10 projects from the active project inventory.
**This group will focus on getting stuff done for our OWASP Projects.
**There are quite a few tasks that we need to get sorted so please join in if you are interested in helping out.
**[https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Task_Force Project Task Force Page]
**[https://groups.google.com/forum/#!forum/owasp-projects-task-force Google Group Page]

*'''Graphic Design: Hugo'''
**Hugo has completed some amazing design projects this week.
**Below are some of the examples of his work:
**[https://www.owasp.org/images/3/3a/CodeReviewCover_2014.pdf Code Review Guide Book Covers]
**[https://www.owasp.org/images/8/86/Testing_Guide_V4_final.pdf Testing Guide Book Cover]
**[https://www.owasp.org/images/8/8a/Cambridge_2014_flyer_curves.pdf AppSec EU Triptic Brochure]

*'''Projects Intern: Kait'''
**Kate has been helping me with different administrative project duties this week.
**She is working on getting some additional metrics we need for our project inventory.
**She is also working on reaching out to leaders and finding out if their projects are inactive or not.
**We will do this first pass, and then I want to give the list to Johanna so she can do a more thorough pass.
**Kait is also helping with promotion of the OSS, Summit, and Women in AppSec.

*'''Daily Project based queries and requests'''
**This has not changed much since I began the post: questions are very similar in nature.
**Global AppSec questions.
**Funding queries.
**Travel availability.
**Project based administrative help.
**Project status information.
**Several project donation questions.
**Marketing questions.
**Grant funding questions.
**OWASP social media updates.
**What's happening with projects, questions.
**Managing Salesforce cases.

=PROJECT GRANTS & FUNDING UPDATES=

==General Awards==

*'''OWASP OWTF Project: Brucon 5x5 Award'''
# Amount: €5,000.00 (Approx. $6,670.00)
# Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

==Proposals Awarded==

*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
# Amount: $25,000 USD
# Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
# [https://www.owasp.org/images/d/da/Code_Review_Project_Gantt.pdf OWASP Code Review Guide Plan]

*'''Google Grants Proposal'''
#Amount: $120,000 USD in Adwords Funds
#Status: Awarded.
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
#[https://www.owasp.org/images/e/ed/2013_Campaign_Report.pdf Google Grants Usage Report]

*'''Google Summer of Code'''
#Amount: $5,500
#Status: Awarded

*'''Projects breakdown:'''
**4 ZAP Projects: $2,000
**4 OWTF Projects: $2,000
**1 PHP Security Project: $500
**1 Hackademics Project: $500
**1 Modsecurity Project: $500
**Travel Expenses: $1,896.38 (Reimbursement)
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

*'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]'''
# Amount: $15,000 USD
# Status: Awarded.

*'''Total Funds Awarded: $172,170 USD for 2013.'''

==Proposals Denied==

*'''European Commission Grant Proposal'''
#Amount: €250,000
#Status: Denied.

*'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]'''
# Amount: $112,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]'''
# Amount: $25,000 USD
# Status: Denied

*'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]'''
#Amount: $30,000 USD
#Status: Denied

*'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]'''
# Amount: $55,800 USD
# Status: Denied

==Current Project Funds==

* [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html Chapter and Individual Project Funds]
* [https://www.owasp.org/index.php/Projects_Reboot_2012 Project Reboot 2012 Information]
* [https://www.owasp.org/images/a/ae/Project_Funds-Q1_2013.pdf Q1 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/a/a0/PROJECT_FUNDS_Q2_2013.pdf Q2 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/c/ce/Due_To_Projects_Q3.pdf Q3 2013: Funds Allocated to Projects]
* [https://www.owasp.org/images/b/b3/Due_To_Projects_Q4_2013.pdf Q4 2013: Funds Allocated to Projects]

=PROJECT ANNOUNCEMENTS=

==2014 OWASP Project Summit: Need Working Session Ideas!==

The 2014 OWASP Project Summit will be taking place during AppSec EU 2014 in Cambridge, UK, and we need your help to make it our best Project Summit yet. We are calling on all OWASP Project Leaders to submit your project to participate in this year’s Summit. The Project Summit is a great opportunity to reach project milestones, as well as receive feedback from the OWASP community by enlisting new volunteers to your project.

Help shape the 2014 Project Summit by submitting to lead a working session. We would also, like your feedback on what tracks and session you would like to see at the Summit. The planning team would like your input on ideas to creating a productive event this year. The Summit team will take your ideas, and develop a comprehensive schedule that suits the needs of our Project Leaders and community.

Help make the 2014 Project Summit in Cambridge a great success for OWASP Projects. Submit your ideas for tracks and sessions to Samantha Groves (Samantha.Groves@owasp.org) and Kait Disney-Leugers (Kait.Disney.Leugers@owasp.org).

==Open Source Showcase: Demo your Project at AppSec EU 2014!==

As part of AppSec EU, the conference organizers are looking for projects to participate in the Open Source Showcase. The Open Source Showcase is a unique event module that allows project leaders and/or project contributors to showcase their work in a demo setting and gain exposure for their projects without the need to conduct a full talk session. The showcase allows a more personal view of the project between attendees.

The guidelines for submitting to the Open Source Showcase are simple: the Open Source Showcase is open to ANY project - not just OWASP projects. The only requirement for submission is that the project must be licensed under an approved Open Source License.

All open source projects are encouraged to apply to take part in the Open Source Showcase at AppSec EU 2014 in Cambridge, UK. The application form can be found here: [https://docs.google.com/forms/d/1IKKpfDL66bnzXbCglyLx1wXA4OdPmVZUUsRg1NgsYhk/viewform Submission Form].

If you have additional questions, please contact the AppSec EU 2014 Planning Team (appseceu2014@owasp.org).

==Webinar Opportunity for OWASP Project Leaders==

We are still in need for Project Leaders to showcase their projects via our Webinar series. The webinars will be held every third (3) Wednesday of every month at 10am EST. Below are the dates when each webinar will be held, and you can indicate the month if you are interested:

*May 21: Jonathan Carter
*June 18
*July 16
*August 20
*September 17
*October 15
*November 19
*December 17

Please reach out to Samantha Groves (Samantha.Groves@owasp.org) if you are interested in giving a 45 minute webinar on your OWASP Project.

=OWASP 24/7 BROADCAST SERIES=

[https://www.owasp.org/index.php/OWASP_Podcast "OWASP 24/7"] with Mark Miller is a series of recorded broadcasts, highlighting OWASP projects and people from around the world. With over 43,000 members in 100 countries, the OWASP 24/7 channel is available on demand, at anytime, anywhere on the planet. You are welcome to embed the broadcasts on your page, download them for your personal listening or keep up to date by subscribing to the iTunes channel. Please view the [https://www.owasp.org/index.php/OWASP_Podcast Podcast Project page] for a list of current interviews.

'''View [https://soundcloud.com/owasp-podcast All Available Broadcasts] or choose a single episode below'''

* [http://trustedsoftwarealliance.com/2014/03/21/the-owasp-cornucopia-project-with-colin-watson/ The OWASP Cornucopia Project with Colin Watson]
* [http://trustedsoftwarealliance.com/2014/03/24/the-owasp-top-ten-proactive-controls-project-with-jim-bird/ The OWASP Top Ten Proactive Controls Project with Jim Bird]
* [http://trustedsoftwarealliance.com/2014/03/27/owasp-hacky-easter-challenge/ The OWASP Hacky Easter Challenge with Ivan Bütler]
* [https://soundcloud.com/owasp-podcast/2014-appsec-apac-history-and/ AppSec APAC: What to Expect - Riotaro Okada & Robert Dracea]
* [https://soundcloud.com/owasp-podcast/appsec-europe-2014-what-to/ AppSec Europe What to Expect - Adrian Winckles]
* [http://trustedsoftwarealliance.com/2014/01/31/not-making-a-statement-is-a-statement-in-its-own-right-tobias-gondrom/ Not Making a Statement is a Statement in its Own Right - Tobias Gondrom and Eoin Keary]
* [http://trustedsoftwarealliance.com/2014/01/14/appsec-apac-2014-with-tobias-gondrom-what-to-expect/ AppSec APAC 2014 with Tobias Gondrom - What to Expect]
* [http://trustedsoftwarealliance.com/2014/01/13/appsec-usa-2013-larry-conklin-and-the-code-review-book-project/ AppSec USA 2013: Larry Conklin and the Code Review Book Project]
* [http://trustedsoftwarealliance.com/2014/01/07/jim-manico-life-after-owasp-podcasting/ AppSec USA 2013: Jim Manico - Life After OWASP Podcasting]
* [http://trustedsoftwarealliance.com/2013/12/13/appsec-usa-2013-zed-attack-proxy-project-with-simon-bennetts-interview/ AppSec USA 2013: Zed Attack Proxy Project with Simon Bennetts ]
* [http://trustedsoftwarealliance.com/2013/12/19/appsec-usa-2013-abbas-naderi-and-the-owasp-php-security-project/ AppSec USA 2013: Abbas Naderi and the OWASP PHP Security Project)]
* [http://trustedsoftwarealliance.com/2013/12/10/appsec-usa-2013-michael-coates-on-the-appsensor-project/ AppSec USA 2013: Michael Coates on the AppSensor Project]
* [http://trustedsoftwarealliance.com/2013/12/02/the-owasp-application-security-ciso-guide-with-marco-morana-and-tobias-gondrom/ The OWASP Application Security CISO Guide with Marco Morana and Tobias Gondrom]
* [http://trustedsoftwarealliance.com/2013/11/27/the-purpose-of-owasp-an-interview-with-co-founder-dennis-groves/ The Purpose of OWASP, an Interview with Co-Founder Dennis Groves]
* [http://trustedsoftwarealliance.com/2013/11/25/wait-wait-dont-pwn-me-full-recording-from-appsec-usa-2013/ Wait wait... don’t pwn me! - Full recording from AppSec USA 2013]
* [https://soundcloud.com/owasp-podcast/sarah-baso-43-000-members-160 Sarah Baso - What does it take to support 43,000 members in 100+ countries?]
* [https://soundcloud.com/owasp-podcast/samantha-groves-owasp-projects Samantha Groves - Getting the Most from OWASP Projects]
* [https://soundcloud.com/owasp-podcast/kate-hartmann-the-future-of Kate Hartmann - The Future of Virtual Chapter Meetings]
* [https://soundcloud.com/owasp-podcast/kelly-santalucia-growing-owasp Kelly Santalucia - Growing OWASP and the Outreach Programs]
* [https://soundcloud.com/owasp-podcast/tom-brennan-what-to-expect-at Tom Brennan - What to Expect at AppSecUSA 2013]

'''Upcoming interviews'''
* Kevin Wall (ESAPI)
* Andrew van der Stock (Pro-Active Controls)
* Andrew van der Stock
* Chetan Karande - Node.jsGoat
* Mark Arnold - OWASP Boston Chapter Lead
* Mike McCabe, Ken Johnson
* Rafael Gil
* Seba Deleersnyder

__NOTOC__ <headertabs />