Difference between revisions of "OWASP Project Manager Activity Reports/May 13 2013"

Revision as of 20:12, 7 May 2013

New Incubator Projects
- OWASP iMAS - iOS Mobile Application Security Project
- OWASP Scytale Project

Project Applications
- OWASP WS-Amplification DoS Project
- OWASP Mutillidae 2 (Codename: NOWASP) Project
- OWASP Skanda - SSRF Exploitation Framework Project

Projects Under Review
- OWASP Cheat Sheets Project
- OWASP Java HTML Sanitizer Project
- Xenotix XSS Exploit Framework
- Project reviews are on hold until we can fill the Technical Project Advisor volunteer roles.

Identify and target 5-7 specific grants to pursue for 2013.
Develop Brand Usage Guidelines for Projects.
Need for consistent documentation of guidelines (similar to How To Host a Conference) that can apply to various events and venues.
Volunteer Management - identification of skills and supervision required to engage volunteers productively.

Ongoing Objectives for 2013
- Work with Project leaders to reach grant required milestones - ONGOING
- Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
- Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

Grant Opportunities Recap & Updates
- Guidebooks Proposal: The first payment has been allocated to our project budgets.
- Amount: $25,000
- ESAPI Proposal: This proposal is still under review.
- Amount: $25,000
- Google Grants: We now have a better idea of the initiatives and tasks we must undertake to better leverage this award. We will discuss possible solutions during our Mid-Term (6-12 month) marketing planning.
- Amount: $120,000 a year in Google Adwords Money
- ModSecurity Proposal: This proposal is still under review.
- Amount: $30,000
- LSEC Web Attack Grant Opportunity
- Amount: €250,000
- Status: This proposal is currently being put together by a grant partner. We are still in the process of writing the proposal to the board and working out logistics.

Project Reviews Process: Workflow Adjustment
- Initiative jobs have been posted to our Volunteer jobs page.
- Jim and I will hold interviews within a month's time to select each volunteer for the role.
- You can find the job listings here.

Categorization of OWASP Projects
- I have begun categorizing our OWASP projects into the Builder, Breaker, and Defender categories.
- Currently, our categorization is limited so I have begun to increase the search criteria for our projects.
- Additionally, I have begun to label our projects based on OWASP Open SAMM criteria.
- The labels are as follows: Governance, Construction, Verification, Deployment.
- The plan is to allow users to find projects based on these labels on our projects wiki page.

OWASP Project Leaders: Brand Usage Guidelines
- I have begun developing brand usage guidelines for our project leaders with Jim Manico's help.
- We have decided to use the Apache Software Foundation's documentation on the subject as a guide for our own.
- We feel they developed excellent material, and we plan to use their guidelines as a starting point.
- I spent this week putting together our OWASP Project Leader Brand Usage Guidelines.

Project Leader Responsibilities & Expectations
- I have finished putting together documentation that outlines a project leader's responsibilities, and our foundation's expectations of them.
- This document was written to help project leaders understand their responsibilities as managers of their project(s).

Project Wiki Templates
- I am working towards developing new wiki templates for our OWASP Projects.
- Leaders have expressed frustrations with our current templates as they are not very user friendly.
- Our PLs also need to let our consumers know at which stage a project is in within our OWASP Projects Infrastructure.
- Development is ongoing.

Project Leader Cheat Sheet
- I am currently developing a "How to run a successful OWASP Project" document.
- I hope this document will help project leaders understand how to best leverage the OWASP Project Infrastructure for success.
- This is an ongoing project.
- I will have a first draft of this completed by the end of next week.

OWASP Marketing
- Sarah and I are working on transitioning the workflow for the 3rd phase of our marketing plan.
- We are currently finalizing our visual branding guide with our third party designer.
- The Operations Staff all plan on discussing our marketing plans in detail at our Staff Summit in New York.

@@ Line 34: / Line 34: @@
 ==Currently Working On==
 *'''Grant Opportunities Recap & Updates'''
-**Guidebooks Proposal: DHS and Georgia Tech have now sent payment. They have sent our first payment of $7,000.
+**Guidebooks Proposal: The first payment has been allocated to our project budgets.
 **Amount: $25,000
 **ESAPI Proposal: This proposal is still under review.
 **Amount: $25,000
-**Google Grants: We continue to test different keywords and strategies to try and find the best way to leverage this grant award. We are currently testing a strategy for the AppSec USA conference this year. I am seeking assistance from an AdWords expert next week.
+**Google Grants: We now have a better idea of the initiatives and tasks we must undertake to better leverage this award. We will discuss possible solutions during our Mid-Term (6-12 month) marketing planning.
 **Amount: $120,000 a year in Google Adwords Money
 **ModSecurity Proposal: This proposal is still under review.
 **Amount: $30,000
+**LSEC Web Attack Grant Opportunity
+**Amount: €250,000
+**Status: This proposal is currently being put together by a grant partner. We are still in the process of writing the proposal to the board and working out logistics.
 *'''Total Grant Funds Awarded: $145,000 for 2013 so far.'''