OWASP Global Projects Report

• Project Numbers
  • Active Projects: 132
  • Inactive Projects: 104

• New Project Applications
  • PHP Portscanner
  • OWASP Framework Security Project

• Projects Under Review
  • OWASP Cheat Sheets Project
  • OWASP Java HTML Sanitizer Project
  • Xenotix XSS Exploit Framework
  • OWASP Cornucopia Project
  • OWASP Java Encoder Project
  • Project reviews are on hold until the Technical Advisory group complete and test the updated assessment criteria.

Currently Working On

• Active Project Audit
  • The Project Audit is now complete.
  • I reached out to every project leader listed in our inventory, and asked them to confirm the status of their project.
  • The majority of our Leaders responded, and their project activity status was marked accordingly.
  • Those that did not respond were sent 3 messages before their project was marked inactive.
  • Due to the audit, the number of active OWASP Projects in our inventory went down from 169 to 132.
  • I have also created an OWASP Project Leader Mailing List, and I added all of our confirmed active Leaders to it.
  • The next audit will take place on February 2014.

• Women in AppSec: AppSec USA 2013
  • This week, I met with Dawn-Marie Hutchinson, Head of Information Security at Urban Outfitters.
  • We spoke about her participation in the Women in AppSec Panel.
  • Everything is ready to go on her end, and she will reach out to us closer to the date with any logistical questions she may have.
  • Additionally, the Women in AppSec Team are still putting together a selection committee to help review and select the winning candidates.
  • Women in AppSec Program Selection Criteria: 1st Draft.
  • We plan on beginning our selection process after the 9th of September once the application deadline has passed.
  • Women in AppSec Application Form.
  • The application deadline is Monday, September 09, 2013 at 5pm GMT.
  • The deadline for sponsors is Monday, September 09, 2013, as well.

• Grants & Fundraising Intern
  • I continue to search for a Grants & Fundraising intern.
  • I currently have 4 applicants for the role, but I would like to get a few more before the deadline.
  • Application Deadline: Monday August 26 2013 5PM GMT.
  • Interviews Scheduled: First Week of September.
  • Selection Announcement: Monday, September 09th 2013.
  • Start Date: Monday, September 16th 2013.
  • Internship End Date: Monday, January 13th 2014.
  • If you are interested, or know of anyone that might be interested, please contact me at [email protected].

• Projects in Salesforce
  • I worked closely with Kate this week to figure out a way to better integrate our project data into Salesforce.
  • The issue we are having is that many of the primary activities a Project Leader takes part in, happen outside of the wiki and Salesforce.
  • Moreover, project leaders do not have access to the information in Salesforce about their project.
  • This means that project leaders cannot update, add, or delete information about their projects.
  • The end result is that I have to make duplicate data lists, one in Salesforce and one in Google Docs where Leaders can have access to it.
  • Kate is looking into several applications that can help eliminate this duplication, and help with our workflow.

• Daily Project based queries and requests
  • This has not changed much since I began the post: questions are very similar in nature.
  • Global AppSec questions.
  • Funding queries.
  • Travel availability.
  • Project based administrative help.
  • Project status information.
  • Several project donation questions.
  • Marketing questions.
  • Grant funding questions.
  • OWASP social media updates.
  • What's happening with projects, questions.

Project Funding Updates

• OWASP OWTF Project: Brucon 5x5 Award

1. Amount: €5,000.00 (Approx. $6,670.00)
2. Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

• OWASP OWTF Grant Proposal

1. Amount: $55,800 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP AppSensor Grant Proposal

1. Amount: $15,000 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP OpenSAMM Grant Proposal

1. Amount: $112,000 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP Guidebooks Proposal

1. Amount: $25,000 USD
2. Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech for payment.
3. OWASP Development Guide Plan
4. OWASP Testing Guide Plan
5. OWASP Code Review Guide Plan

• OWASP ESAPI Grant Proposal

1. Amount: $25,000 USD
2. Status: The ESAPI proposal is still being reviewed.

• OWASP ModSecurity CRS Proposal

1. Amount: $30,000 USD
2. Status: The ModSecurity proposal is still being reviewed.

• Google Grants Proposal

1. Amount: $120,000 USD in Adwords Funds
2. Status: Awarded.
3. Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

• European Commission Grant Proposal

1. Amount: €250,000
2. Status: Denied.

• Google Summer of Code

1. Amount: $5,500
2. Status: Awarded

• Projects breakdown:
  • 4 ZAP Projects: $2,000
  • 4 OWTF Projects: $2,000
  • 1 PHP Security Project: $500
  • 1 Hackademics Project: $500
  • 1 Modsecurity Project: $500
  • Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

• Total Funds Awarded: $157,170 USD for 2013.