This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Jump to: navigation, search

Project Division Updates

Currently Working On

  • OWASP Asia Leadership Outreach Project
    • This Asia Leadership Outreach Project came about during the discussion Dhillon and I had about OWASP at the Kuala Lumpur, Hack in the Box event.
    • He mentioned that he has offered OWASP a booth at the Kuala Lumpur, Hack in the Box event for a few years, but local chapters have not represented OWASP very well.
    • We suggested developing an OWASP Malaysia and Singapore outreach project that would involve a workshop, and the co-running of the Hack in the Box booth by members of both chapters.
    • I have put together a proposal where I outline a 3 day outreach initiative that aims to bring more experienced chapter leaders to the region for a workshop.
    • Read the full proposal for more information.
  • Development of Technical Project Advisor Requirements
    • This item involves the new management work flow for project reviews that was proposed for 2013.
    • Projects Review Process Proposal
    • It will involve a working group of technical project advisors headed by a member of the board.
    • The working group will be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Education.
    • These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.
    • I have put together experience requirements for each technical advisor volunteer role.
    • To read the full descriptions, please visit the advisory role descriptions document.
  • Categorization of OWASP Projects
    • I have begun categorizing our OWASP projects into the Builder, Breaker, and Defender categories.
    • Currently, our categorization is limited so I have begun to increase the search criteria for our projects.
    • Additionally, I have begun to label our projects based on OWASP Open SAMM criteria.
    • The labels are as follows: Governance, Construction, Verification, Deployment.
    • The plan is to allow users to find projects based on these labels on our projects wiki page.
  • Project Leader Responsibilities & Expectations
    • I am currently working on putting together documentation that outlines a project leader's responsibilities, and our organizational expectations of them.
    • I am also developing a "How to run a successful OWASP project" document.
    • Jim and I are developing brand usage guidelines for our project leaders.
    • An OWASP project lifecycle info graphic is being developed as well.
    • I hope that these "How To" documents and graphics will help project leaders understand their responsibilities, and how to leverage the OWASP project infrastructure for success.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donations questions.
    • OWASP LinkedIn Updates.
    • What's happening with projects, questions.

Grants Updates

  • Guidebooks Grant
  1. Amount: $25,000
  2. Status: We are still waiting for payment from DHS. I have reached out to our DHS and Georgia Tech representatives once again to ask for payment.
  • ESAPI Proposal
  1. Amount: $25,000
  2. Status: The ESAPI proposal is still being reviewed.
  • ModSecurity Grant Writing
  1. Amount: $30,000
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,00 in Adwords Funds
  2. Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.
  • Total Grant Funds Awarded: $145,000 for 2013.