This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/Reports/2013-23-08"
From OWASP
| (4 intermediate revisions by the same user not shown) | |||
| Line 8: | Line 8: | ||
*'''[https://docs.google.com/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE&usp=sharing New Project Applications]''' | *'''[https://docs.google.com/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE&usp=sharing New Project Applications]''' | ||
**PHP Portscanner | **PHP Portscanner | ||
| + | **OWASP Framework Security Project | ||
*'''Projects Under Review''' | *'''Projects Under Review''' | ||
| Line 19: | Line 20: | ||
==Currently Working On== | ==Currently Working On== | ||
| − | *'''Project | + | *'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdEdCYVJpdmZHaWJYZ055WHROa19qN3c&usp=sharing Active Project Audit]''' |
| − | **I | + | **The Project Audit is now complete. |
| − | ** | + | **I reached out to every project leader listed in our inventory, and asked them to confirm the status of their project. |
| − | ** | + | **The majority of our Leaders responded, and their project activity status was marked accordingly. |
| − | ** | + | **Those that did not respond were sent 3 messages before their project was marked inactive. |
| − | **The | + | **Due to the audit, the number of active OWASP Projects in our inventory went down from 169 to 132. |
| + | **I have also created an [https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list OWASP Project Leader Mailing List], and I added all of our confirmed active Leaders to it. | ||
| + | **The next audit will take place on February 2014. | ||
*'''Women in AppSec: AppSec USA 2013''' | *'''Women in AppSec: AppSec USA 2013''' | ||
| − | ** | + | **This week, I met with Dawn-Marie Hutchinson, Head of Information Security at Urban Outfitters. |
| − | **Additionally, | + | **We spoke about her participation in the Women in AppSec Panel. |
| + | **Everything is ready to go on her end, and she will reach out to us closer to the date with any logistical questions she may have. | ||
| + | **Additionally, the Women in AppSec Team are still putting together a selection committee to help review and select the winning candidates. | ||
| + | **[https://docs.google.com/document/d/1BLIM6QpXmCiHdI0zT2YbecmkhEBZqIZt1pGoUXuQxMk/edit?usp=sharing Women in AppSec Program Selection Criteria: 1st Draft]. | ||
**We plan on beginning our selection process after the 9th of September once the application deadline has passed. | **We plan on beginning our selection process after the 9th of September once the application deadline has passed. | ||
**[https://docs.google.com/forms/d/1WEtInvzlxLDXpTgfXh-E1E7e8H5FRfEOPIaTOizlBpk/viewform Women in AppSec Application Form.] | **[https://docs.google.com/forms/d/1WEtInvzlxLDXpTgfXh-E1E7e8H5FRfEOPIaTOizlBpk/viewform Women in AppSec Application Form.] | ||
| Line 34: | Line 40: | ||
**The deadline for sponsors is Monday, September 09, 2013, as well. | **The deadline for sponsors is Monday, September 09, 2013, as well. | ||
| − | *'''Projects | + | *'''[https://www.owasp.org/index.php/Projects/Internships/Grants_and_Fundraising_Intern Grants & Fundraising Intern]''' |
| − | **I have | + | **I continue to search for a Grants & Fundraising intern. |
| − | ** | + | **I currently have 4 applicants for the role, but I would like to get a few more before the deadline. |
| − | ** | + | **Application Deadline: Monday August 26 2013 5PM GMT. |
| − | ** | + | **Interviews Scheduled: First Week of September. |
| − | ** | + | **Selection Announcement: Monday, September 09th 2013. |
| − | ** | + | **Start Date: Monday, September 16th 2013. |
| + | **Internship End Date: Monday, January 13th 2014. | ||
| + | **If you are interested, or know of anyone that might be interested, please contact me at [email protected]. | ||
| − | *''' | + | *'''Projects in Salesforce''' |
| − | **I worked | + | **I worked closely with Kate this week to figure out a way to better integrate our project data into Salesforce. |
| − | ** | + | **The issue we are having is that many of the primary activities a Project Leader takes part in, happen outside of the wiki and Salesforce. |
| − | ** | + | **Moreover, project leaders do not have access to the information in Salesforce about their project. |
| − | ** | + | **This means that project leaders cannot update, add, or delete information about their projects. |
| − | **I | + | **The end result is that I have to make duplicate data lists, one in Salesforce and one in Google Docs where Leaders can have access to it. |
| − | ** | + | **Kate is looking into several applications that can help eliminate this duplication, and help with our workflow. |
| − | |||
*'''Daily Project based queries and requests''' | *'''Daily Project based queries and requests''' | ||
Latest revision as of 02:56, 24 August 2013
OWASP Global Projects Report
- Project Numbers
- Active Projects: 132
- Inactive Projects: 104
- New Project Applications
- PHP Portscanner
- OWASP Framework Security Project
- Projects Under Review
- OWASP Cheat Sheets Project
- OWASP Java HTML Sanitizer Project
- Xenotix XSS Exploit Framework
- OWASP Cornucopia Project
- OWASP Java Encoder Project
- Project reviews are on hold until the Technical Advisory group complete and test the updated assessment criteria.
Currently Working On
- Active Project Audit
- The Project Audit is now complete.
- I reached out to every project leader listed in our inventory, and asked them to confirm the status of their project.
- The majority of our Leaders responded, and their project activity status was marked accordingly.
- Those that did not respond were sent 3 messages before their project was marked inactive.
- Due to the audit, the number of active OWASP Projects in our inventory went down from 169 to 132.
- I have also created an OWASP Project Leader Mailing List, and I added all of our confirmed active Leaders to it.
- The next audit will take place on February 2014.
- Women in AppSec: AppSec USA 2013
- This week, I met with Dawn-Marie Hutchinson, Head of Information Security at Urban Outfitters.
- We spoke about her participation in the Women in AppSec Panel.
- Everything is ready to go on her end, and she will reach out to us closer to the date with any logistical questions she may have.
- Additionally, the Women in AppSec Team are still putting together a selection committee to help review and select the winning candidates.
- Women in AppSec Program Selection Criteria: 1st Draft.
- We plan on beginning our selection process after the 9th of September once the application deadline has passed.
- Women in AppSec Application Form.
- The application deadline is Monday, September 09, 2013 at 5pm GMT.
- The deadline for sponsors is Monday, September 09, 2013, as well.
- Grants & Fundraising Intern
- I continue to search for a Grants & Fundraising intern.
- I currently have 4 applicants for the role, but I would like to get a few more before the deadline.
- Application Deadline: Monday August 26 2013 5PM GMT.
- Interviews Scheduled: First Week of September.
- Selection Announcement: Monday, September 09th 2013.
- Start Date: Monday, September 16th 2013.
- Internship End Date: Monday, January 13th 2014.
- If you are interested, or know of anyone that might be interested, please contact me at [email protected].
- Projects in Salesforce
- I worked closely with Kate this week to figure out a way to better integrate our project data into Salesforce.
- The issue we are having is that many of the primary activities a Project Leader takes part in, happen outside of the wiki and Salesforce.
- Moreover, project leaders do not have access to the information in Salesforce about their project.
- This means that project leaders cannot update, add, or delete information about their projects.
- The end result is that I have to make duplicate data lists, one in Salesforce and one in Google Docs where Leaders can have access to it.
- Kate is looking into several applications that can help eliminate this duplication, and help with our workflow.
- Daily Project based queries and requests
- This has not changed much since I began the post: questions are very similar in nature.
- Global AppSec questions.
- Funding queries.
- Travel availability.
- Project based administrative help.
- Project status information.
- Several project donation questions.
- Marketing questions.
- Grant funding questions.
- OWASP social media updates.
- What's happening with projects, questions.
Project Funding Updates
- OWASP OWTF Project: Brucon 5x5 Award
- Amount: €5,000.00 (Approx. $6,670.00)
- Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.
- Amount: $55,800 USD
- Status: This proposal is complete, and has been submitted.
- Amount: $15,000 USD
- Status: This proposal is complete, and has been submitted.
- Amount: $112,000 USD
- Status: This proposal is complete, and has been submitted.
- Amount: $25,000 USD
- Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech for payment.
- OWASP Development Guide Plan
- OWASP Testing Guide Plan
- OWASP Code Review Guide Plan
- Amount: $25,000 USD
- Status: The ESAPI proposal is still being reviewed.
- Amount: $30,000 USD
- Status: The ModSecurity proposal is still being reviewed.
- Google Grants Proposal
- Amount: $120,000 USD in Adwords Funds
- Status: Awarded.
- Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
- European Commission Grant Proposal
- Amount: €250,000
- Status: Denied.
- Google Summer of Code
- Amount: $5,500
- Status: Awarded
- Projects breakdown:
- 4 ZAP Projects: $2,000
- 4 OWTF Projects: $2,000
- 1 PHP Security Project: $500
- 1 Hackademics Project: $500
- 1 Modsecurity Project: $500
- Note: Big thank you to Fabio Cerullo for coordinating and managing this award.
- Total Funds Awarded: $157,170 USD for 2013.
