This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Project Manager Activity Reports/July 08 2013"

From OWASP
Jump to: navigation, search
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
== OWASP Projects Manager Report ==
 
== OWASP Projects Manager Report ==
==== Work accomplished since May 13, 2013 ====
+
==== Work accomplished since June 10, 2013 ====
  
*'''Project Numbers'''
+
*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHBGbDhXQko4akJoVnMtMUpvZnJucVE&usp=sharing Project Numbers]'''
**Active Projects: 154
+
**Active Projects: 161
 
**Inactive Projects: 67
 
**Inactive Projects: 67
  
*'''New Incubator Projects'''
+
*'''New OWASP Projects'''
**[https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
+
**[https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
**[https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
+
**[https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
**[https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
+
**[https://www.owasp.org/index.php/Simple_Host_Base_Incidence_Detection_System OWASP Simple Host Base Incidence Detection System Project]
**[https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
+
**[https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
**[https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]  
+
**[https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
 +
**[https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
  
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''
+
*'''[https://docs.google.com/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE&usp=sharing Project Applications]'''
**VCR Project
+
**File Format Validation
**Windows Binary Executable Files Security Checks
+
**Androïck
**Wordpress Security Checklist
+
**SafeNuGet
**Simple Host Base Incidence Detection System
 
**Chat Application
 
**Supporting Legacy Web Applications in the Current Environment
 
**SeraphimDroid
 
  
 
*'''Projects Under Review'''
 
*'''Projects Under Review'''
Line 26: Line 23:
 
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]
 
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]
 
**[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework]
 
**[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework]
 +
**[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia Project]
 
**Project reviews are on hold until we can fill the [https://www.owasp.org/index.php/Projects/Reviews_Management_Proposal_2013 Technical Project Advisor] [http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUtE volunteer roles].  
 
**Project reviews are on hold until we can fill the [https://www.owasp.org/index.php/Projects/Reviews_Management_Proposal_2013 Technical Project Advisor] [http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUtE volunteer roles].  
  
Line 37: Line 35:
 
**Work with Project leaders to reach grant required milestones - ONGOING
 
**Work with Project leaders to reach grant required milestones - ONGOING
 
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
 
**Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
**Oversight of Marketing and Graphic Design deliverables (Phase 3) provided by 3rd party contractor
+
**Oversight of Marketing and Graphic Design deliverables (Phase 3) provided by 3rd party contractor - ONGOING
  
 
==Currently Working On==   
 
==Currently Working On==   
 
   
 
   
*'''OWASP Projects at AppSec Conferences 2013'''
+
*'''Projects at Conferences'''
**Planning continues for the project event modules for AppSec USA 2013.
+
**AppSec USA: I continue to plan logistics for the [http://appsecusa.org/2013/activities/project-leader-workshop/ Project Leader Workshop], and the [http://appsecusa.org/2013/activities/owasp-project-summit/ Project Summits].  
**I continue to work with our project summit participating leaders to work out costs and logistics for their attendance.  
+
**AppSec EU: The OWASP Projects Track and the Open Source Showcase (OSS) are scheduled to take place at AppSec EU. The local AppSec EU team is working towards gathering submissions for the OSS.  
**I am in the process of putting together our project leader workshop materials.  
+
**AppSec LATAM: Now that AppSec LATAM is moving forward, I will reach out to the local event planners and discuss the possibility of having Projects at the conference.
**The workshop will be a 45 - 50 minute interactive presentation for current and potential OWASP Project Leaders.  
+
**AppSec APAC 2014: I briefly spoke to the local event planning team in Tokyo about our different Project Event Modules. I will send them more detailed information on each module so we can discuss further.  
**It will take place at the AppSec USA 2013 conference in New York.
 
**I will continue to provide support to the local event planning team for AppSec EU, as needed.  
 
  
 
*'''Women in Security: AppSec USA 2013'''
 
*'''Women in Security: AppSec USA 2013'''
**The team has finished a first draft of the Sponsorship Document.
+
**The team is now in the fundraising stage.
**The plan is to reach out to different organizations for sponsorship.  
+
**We have managed to raise $500.00 from the OWASP Boston Chapter. 
 +
**[https://www.owasp.org/images/e/ed/Women-in-appsec-sponsorship.pdf Women in Security Sponsorship Document: AppSec USA 2013]
 +
**We have reached out to several organizations and OWASP Chapters to seek sponsorship for this program.  
 
**You can find more information on the [http://appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/ AppSec USA website].  
 
**You can find more information on the [http://appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/ AppSec USA website].  
**We are currently attempting to raise $3,000.00 for each winner.
 
**We plan on having 2 winners for 2013.
 
 
**The total amount we are requesting is $6,000.00 to cover conference fee, training fee, travel and accommodation for both winners.  
 
**The total amount we are requesting is $6,000.00 to cover conference fee, training fee, travel and accommodation for both winners.  
**We are working hard to make this a possibility for our 2 potential winners.  
+
**We continue to work hard with our fundraising efforts to bringing this initiative to AppSec USA 2013.
 +
 
 +
*'''Marketing Phase 3 Update'''
 +
**Sisterworks Publishing has finalized their copywriting work, and they have sent their materials to the graphic design studio.
 +
**Design Foundry has now started designing their first drafts of our remaining marketing collateral.
 +
**The OWASP Team is currently working on a system that will allow community review of the design work. 
 +
**We will ask for community feedback once we get a more finalized version of each design. 
 +
**[https://www.owasp.org/images/7/7c/OWASP_Background-Research_Phase1_Final_%281%29.pdf Phase 1 Deliverable]
 +
**[https://www.owasp.org/images/c/c5/OWASP_Recommendations-Presentation2-April24.pdf Phase 2 Deliverable]
 +
**[https://www.owasp.org/images/4/48/OWASP-SEO-Content-Audit-Final-6-7-2013.pdf SEO Content Audit]
 +
***Note: Phase 2 Deliverable has recommendations made by Sisterworks and Design Foundry based on their research.
 +
***We are not necessarily moving forward with these recommendations towards implementation.
 +
***Sisterworks and Design Foundry are helping with our brand consistency and collateral design.
  
 
*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdEdCYVJpdmZHaWJYZ055WHROa19qN3c&usp=sharing Determining Active Project Status]'''
 
*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdEdCYVJpdmZHaWJYZ055WHROa19qN3c&usp=sharing Determining Active Project Status]'''
Line 63: Line 71:
 
**Flagship projects are completed.
 
**Flagship projects are completed.
 
**Labs are completed.  
 
**Labs are completed.  
**Incubator projects are now in the 3rd phase of 4 phases.
+
**I am currently working on finalizing the Incubator projects.
 
 
*'''European Commission Grant Opportunity: Proposal Status'''
 
**Seba and I have finished our work on the OWASP section of the European Commission grant proposal.
 
**The grant opportunity has the potential to help a hand full of OWASP projects with resources and funds.
 
**Seba and I presented our internal proposal to proceed to the Board of Directors and it was approved.
 
**The proposal has now been submitted to the European Commission.
 
**We expect to hear back from the EU Commission with a decision towards the end of 2013.
 
  
 
*'''Technical Project Advisory Roles'''
 
*'''Technical Project Advisory Roles'''
**I am currently on the 1st stage of the interview process for each candidate.
+
**The interviews for the six advisory roles are complete.
**I created job descriptions for each role, and those roles were posted for over a month.
+
**I have finished choosing each advisor for each role.
**We had a good amount of candidates apply for each role.  
+
**I have let each successful candidate know of their role allocation.  
**I have sent out e-mails asking each candidate to answer 3 questions regarding their interest in these roles.
+
**I am now waiting for confirmation of acceptance for each role.  
**I will reach out to those individuals that responded to my request by this week.  
 
  
*'''Marketing Phase 3 Update'''
+
*'''Event Manager Interviews'''
**The marketing deliverables are going smoothly.
+
**The OWASP Team is currently reviewing resumés, and interviewing candidates for the Event Manager role.
**There is quite a bit of work to be done during this phase as this is where the back and forth approval process takes place.
+
**We are working together to tackle the 80+ applications we received for this position.  
**The Ops Team is diligently working on this phase with Sisterworks Publishing and Design Foundry.
+
**The team has a few more interviews to manage before we make our final selection.
**At the moment, we are working on finalizing the copy for several pieces of collateral that are scheduled to be designed.  
+
**We plan to have a new candidate in this role by mid July.
**[https://www.owasp.org/images/7/7c/OWASP_Background-Research_Phase1_Final_%281%29.pdf Phase 1 Deliverable]
 
**[https://www.owasp.org/images/c/c5/OWASP_Recommendations-Presentation2-April24.pdf Phase 2 Deliverable]
 
***Note: Phase 2 Deliverable has recommendations made by Sisterworks and Design Foundry based on their research.
 
***We are not necessarily moving forward with these recommendations towards implementation.
 
***Sisterworks and Design Foundry are helping with our brand consistency and collateral design.
 
 
 
*'''Strategic Goals Presentation'''
 
**Ludovic petit has requested that we put together a presentation that the community can use to communicate our 2013 Strategic Goals.
 
**Sarah and I have put together a first draft of the deck.
 
**We plan to add to it over the coming weeks to make certain we encompass the thinking behind each goals for this year.
 
**[https://www.owasp.org/images/1/13/OWASP_2013_Strategic_Goals.pdf 2013 Strategic Goals draft]
 
  
 
*'''Personal Development'''
 
*'''Personal Development'''
**I am currently reading ''Board Member Orientation: The Concise and Complete Guide to Non-Profit Board Service'' by Michael E. Batts.  
+
**I have finished reading ''Board Member Orientation: The Concise and Complete Guide to Non-Profit Board Service'' by Michael E. Batts.  
 
**I am still taking my online course from Coursera.
 
**I am still taking my online course from Coursera.
 
**The course topic is Information Security and Risk Management in Context.
 
**The course topic is Information Security and Risk Management in Context.
**I am currently in week 6 of the course.
+
**I was able to take a week long, personal development course this month in the UK.
**Additionally, I am going to take a week long course in late June in the UK.
+
**The program topic was Intellectual Property (IP) Strategy, and the material focused on the development and management of international IP systems for micro, SME, and multinational enterprises.  
**The course topic is Intellectual Property Strategy.
+
**The course material was eye opening, and I truly enjoyed the experience.
**I will write a report on my learnings for the community after the course ends.
+
**My primary objective was to become familiar with the different types of IP options that exist on an international level.
 +
**I felt it would help me manage this aspect of our OWASP Projects since most of the material created is IP related even if it is under a Commons license.
 +
**[https://www.owasp.org/index.php/Projects/Intellectual_Property_Report Intellectual Property Strategy Report.]
  
 
==Grants Updates==
 
==Grants Updates==
 
*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
 
*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]'''
 
# Amount: $25,000 USD
 
# Amount: $25,000 USD
# Status: The first payment has been allocated to our project budgets.   
+
# Status: Awarded. The first payment has been allocated to our project budgets.   
 
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
 
# [https://www.owasp.org/images/1/18/Development_Guide_Project_Gantt.pdf OWASP Development Guide Plan]
 
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
 
# [https://www.owasp.org/images/e/e9/Testing_Guide_Project_Gantt.pdf OWASP Testing Guide Plan]
Line 123: Line 114:
 
*'''Google Grants Proposal'''
 
*'''Google Grants Proposal'''
 
#Amount: $120,000 USD  in Adwords Funds
 
#Amount: $120,000 USD  in Adwords Funds
#Status: We will discuss possible solutions during our Mid-Term (6-12 month) marketing planning.  
+
#Status: Awarded.  
 
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.  
 
#Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.  
  
Line 129: Line 120:
 
#Amount: €250,000
 
#Amount: €250,000
 
#Status: This proposal has been completed and submitted.  
 
#Status: This proposal has been completed and submitted.  
 +
  
 
*'''Total Grant Funds Awarded: $145,000 USD for 2013.'''
 
*'''Total Grant Funds Awarded: $145,000 USD for 2013.'''
 +
  
 
==OWASP Projects Manager Weekly Reports==
 
==OWASP Projects Manager Weekly Reports==
Line 136: Line 129:
 
#[https://www.owasp.org/index.php/Projects/Reports/2013-14-06  Project Manager Report: June 14 2013]
 
#[https://www.owasp.org/index.php/Projects/Reports/2013-14-06  Project Manager Report: June 14 2013]
 
#Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.  
 
#Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.  
#[https://www.owasp.org/index.php/Projects/Reports/2013-28-06  Project Manager Report: June 28 2013
+
#[https://www.owasp.org/index.php/Projects/Reports/2013-28-06  Project Manager Report: June 28 2013]

Latest revision as of 00:17, 3 July 2013

OWASP Projects Manager Report

Work accomplished since June 10, 2013

Project Manager Q2 2013 Objectives

  1. Identify and target 5-7 specific grants to pursue for 2013.
  2. Develop Brand Usage Guidelines for Projects.
  3. Need for consistent documentation of guidelines (similar to How To Host a Conference) that can apply to various events and venues.
  4. Volunteer Management - identification of skills and supervision required to engage volunteers productively.
  • Ongoing Objectives for 2013
    • Work with Project leaders to reach grant required milestones - ONGOING
    • Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
    • Oversight of Marketing and Graphic Design deliverables (Phase 3) provided by 3rd party contractor - ONGOING

Currently Working On

  • Projects at Conferences
    • AppSec USA: I continue to plan logistics for the Project Leader Workshop, and the Project Summits.
    • AppSec EU: The OWASP Projects Track and the Open Source Showcase (OSS) are scheduled to take place at AppSec EU. The local AppSec EU team is working towards gathering submissions for the OSS.
    • AppSec LATAM: Now that AppSec LATAM is moving forward, I will reach out to the local event planners and discuss the possibility of having Projects at the conference.
    • AppSec APAC 2014: I briefly spoke to the local event planning team in Tokyo about our different Project Event Modules. I will send them more detailed information on each module so we can discuss further.
  • Women in Security: AppSec USA 2013
    • The team is now in the fundraising stage.
    • We have managed to raise $500.00 from the OWASP Boston Chapter.
    • Women in Security Sponsorship Document: AppSec USA 2013
    • We have reached out to several organizations and OWASP Chapters to seek sponsorship for this program.
    • You can find more information on the AppSec USA website.
    • The total amount we are requesting is $6,000.00 to cover conference fee, training fee, travel and accommodation for both winners.
    • We continue to work hard with our fundraising efforts to bringing this initiative to AppSec USA 2013.
  • Marketing Phase 3 Update
    • Sisterworks Publishing has finalized their copywriting work, and they have sent their materials to the graphic design studio.
    • Design Foundry has now started designing their first drafts of our remaining marketing collateral.
    • The OWASP Team is currently working on a system that will allow community review of the design work.
    • We will ask for community feedback once we get a more finalized version of each design.
    • Phase 1 Deliverable
    • Phase 2 Deliverable
    • SEO Content Audit
      • Note: Phase 2 Deliverable has recommendations made by Sisterworks and Design Foundry based on their research.
      • We are not necessarily moving forward with these recommendations towards implementation.
      • Sisterworks and Design Foundry are helping with our brand consistency and collateral design.
  • Determining Active Project Status
    • This is a status update on this initiative.
    • I am reaching out to each leader individually to confirm these pieces of data for all 154 projects.
    • Flagship projects are completed.
    • Labs are completed.
    • I am currently working on finalizing the Incubator projects.
  • Technical Project Advisory Roles
    • The interviews for the six advisory roles are complete.
    • I have finished choosing each advisor for each role.
    • I have let each successful candidate know of their role allocation.
    • I am now waiting for confirmation of acceptance for each role.
  • Event Manager Interviews
    • The OWASP Team is currently reviewing resumés, and interviewing candidates for the Event Manager role.
    • We are working together to tackle the 80+ applications we received for this position.
    • The team has a few more interviews to manage before we make our final selection.
    • We plan to have a new candidate in this role by mid July.
  • Personal Development
    • I have finished reading Board Member Orientation: The Concise and Complete Guide to Non-Profit Board Service by Michael E. Batts.
    • I am still taking my online course from Coursera.
    • The course topic is Information Security and Risk Management in Context.
    • I was able to take a week long, personal development course this month in the UK.
    • The program topic was Intellectual Property (IP) Strategy, and the material focused on the development and management of international IP systems for micro, SME, and multinational enterprises.
    • The course material was eye opening, and I truly enjoyed the experience.
    • My primary objective was to become familiar with the different types of IP options that exist on an international level.
    • I felt it would help me manage this aspect of our OWASP Projects since most of the material created is IP related even if it is under a Commons license.
    • Intellectual Property Strategy Report.

Grants Updates

  1. Amount: $25,000 USD
  2. Status: Awarded. The first payment has been allocated to our project budgets.
  3. OWASP Development Guide Plan
  4. OWASP Testing Guide Plan
  5. OWASP Code Review Guide Plan
  1. Amount: $25,000 USD
  2. Status: The ESAPI proposal is still being reviewed.
  1. Amount: $30,000 USD
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,000 USD in Adwords Funds
  2. Status: Awarded.
  3. Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
  • European Commission Grant Proposal
  1. Amount: €250,000
  2. Status: This proposal has been completed and submitted.


  • Total Grant Funds Awarded: $145,000 USD for 2013.


OWASP Projects Manager Weekly Reports

  1. Project Manager Report: June 07 2013
  2. Project Manager Report: June 14 2013
  3. Project Manager Report: June 21 2013 - No Report this week. PM was away at a week long course.
  4. Project Manager Report: June 28 2013
Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Project_Manager_Activity_Reports/July_08_2013&oldid=154908"