Difference between revisions of "OWASP Project Manager Activity Reports/September 09 2013"

Latest revision as of 14:49, 9 September 2013

OWASP Project Manager Report

Work accomplished since August 06, 2013

• Project Numbers
  • Active Projects: 135
  • Inactive Projects: 103

• New Project Applications
  • OWASP JAWS Project
  • OWASP Media Project

• New OWASP Projects
  • OWASP Framework Security Project
  • OWASP Ruby on Rails and friends Security Guide Project - Adoption

• Projects Under Review
  • OWASP Cheat Sheets Project
  • OWASP Java HTML Sanitizer Project (Testing)
  • Xenotix XSS Exploit Framework
  • OWASP Cornucopia Project (Testing)
  • OWASP Java Encoder Project (Testing)
  • Project reviews are on hold until the Technical Advisory group complete and test the updated assessment criteria.

Project Manager Q3 2013 Objectives

1. Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
2. Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
3. Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.

• Ongoing Objectives for 2013
  • Work with Project leaders to reach grant required milestones - ONGOING
  • Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
  • Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

Currently Working On

• Active Project Audit
  • The Project Audit is now complete.
  • I reached out to every project leader listed in our inventory, and asked them to confirm the status of their project.
  • The majority of our Leaders responded, and their project activity status was marked accordingly.
  • Those that did not respond were sent 3 messages before their project was marked inactive.
  • Due to the audit, the number of active OWASP Projects in our inventory went down from 169 to 132.
  • I have also created an OWASP Project Leader Mailing List, and I added all of our confirmed active Leaders to it.
  • The next audit will take place on February 2014.

• Technical Project Advisors: Work Update
  • The Advisors and I met last week to discuss their review of the current Assessment criteria.
  • We also reviewed Chuck's comments, and discussed each in more detail.
  • We made some changes to the original document, and I've put together a revised draft based on our conversation.
  • Here is Ly's original document with Chuck's comments and my notes.
  • Here is new revised draft.
  • We plan to use the revised draft to test 3 projects against the criteria.
    • Project being reviewed are the following:
    • OWASP Java HTML Sanitizer Project (Testing)
    • OWASP Cornucopia Project (Testing)
    • OWASP Java Encoder Project (Testing)

• Women in AppSec: AppSec USA 2013
  • The team has now selected three new members for the Women in AppSec Selection Committee.
  • These individuals will help review the applications and select the two winners.
  • The following people make up the selection committee: Helen Gao, Bev Corwin, Jim Manico, Tom Ryan, Lucas Ferreira, and Samantha Groves.
  • Once the selection committee was established, we began discussing the selection criteria in more detail.
  • We are now in the fourth version of the criteria.
  • Women in AppSec Program Selection Criteria: 4th Draft.
  • We plan on beginning our selection process after the 9th of September once the application deadline has passed.
  • Women in AppSec Application Form.
  • The application deadline is Monday, September 09, 2013 at 5pm GMT.
  • The deadline for sponsors is Monday, September 09, 2013, as well.

• Grants & Fundraising Intern
  • My search for a Grants & Fundraising intern is coming to an end
  • I received four applications for the role, and I had interviews with each applicant last week.
  • I have already made my decision, and I will announce the successful applicant on the 9th of September.
  • Application Deadline: Monday August 26 2013 5PM GMT. (Now Closed)
  • Interviews Scheduled: First Week of September. (Interviews Scheduled for Next Week)
  • Selection Announcement: Monday, September 09th 2013.
  • Start Date: Monday, September 16th 2013.
  • Internship End Date: Monday, January 13th 2014.

• Projects at Conferences
  • The two conferences left to plan for this year are AppSec LATAM, and AppSec USA.
  • I have reached out to two project leaders in the Latin America region, and asked them if they would speak at the conference.
  • Both leaders agreed to give a talk at the conference.
  • I have been helping them with their travel, accommodation, and conference logistics planning.
  • Thank you to Michael Hidalgo and Rafael Gil Larios for representing OWASP Projects at AppSec LATAM.
  • AppSec USA planning for projects is going very well.
  • Now, all of the Project Leaders have booked their travel, and only one project leader hasn't confirmed his talk time slot.

Project Funding Updates

• OWASP OWTF Project: Brucon 5x5 Award

1. Amount: €5,000.00 (Approx. $6,670.00)
2. Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

• OWASP OWTF Grant Proposal

1. Amount: $55,800 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP AppSensor Grant Proposal

1. Amount: $15,000 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP OpenSAMM Grant Proposal

1. Amount: $112,000 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP Guidebooks Proposal

1. Amount: $25,000 USD
2. Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech for payment.
3. OWASP Development Guide Plan
4. OWASP Testing Guide Plan
5. OWASP Code Review Guide Plan

• OWASP ESAPI Grant Proposal

1. Amount: $25,000 USD
2. Status: The ESAPI proposal is still being reviewed.

• OWASP ModSecurity CRS Proposal

1. Amount: $30,000 USD
2. Status: The ModSecurity proposal is still being reviewed.

• Google Grants Proposal

1. Amount: $120,000 USD in Adwords Funds
2. Status: Awarded.
3. Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

• European Commission Grant Proposal

1. Amount: €250,000
2. Status: Denied.

• Google Summer of Code

1. Amount: $5,500
2. Status: Awarded

• Projects breakdown:
  • 4 ZAP Projects: $2,000
  • 4 OWTF Projects: $2,000
  • 1 PHP Security Project: $500
  • 1 Hackademics Project: $500
  • 1 Modsecurity Project: $500
  • Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

• Total Funds Awarded: $157,170 USD for 2013.

OWASP Project Manager Weekly Reports

1. Project Manager Report: August 09 2013
2. Project Manager Report: August 16 2013
3. Project Manager Report: August 23 2013
4. Project Manager Report: August 30 2013
5. Project Manager Report: September 06 2013 - No Report this week. PM was out of the office.