This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/Reports/2013-13-09"

From OWASP
Jump to: navigation, search
Line 25: Line 25:
  
 
*'''Technical Project Advisors: Work Update'''
 
*'''Technical Project Advisors: Work Update'''
**The Advisors and I met this week to discuss their review of the current Assessment criteria.
+
**The Advisors and I met this week to discuss their test reviews of the following projects:  
**We also reviewed Chuck's comments, and discussed each in more detail.
+
***[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project] (Complete)
**We made some changes to the original document, and I've put together a revised draft based on our conversation.
+
***[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia Project] (Complete)
**Here is [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHliVUlMYVdPRWpqajF1bGtnSGtWckE&usp=sharing Ly's original document] with Chuck's comments and my notes.
+
***[https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project] (Complete)
**Here is the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHJUSl9rbGtscGJfSGRWVFNUM2JPMlE&usp=sharing new revised draft].
+
**We went into a good amount of detail describing our experiences with the test assessments during our meeting.
**We plan to use the revised draft to test 3 projects against the criteria.
+
**We primarily found major redundancies throughout the assessment questions on both types of assessment. (Health and deliverable review)
***Project being reviewed are the following:
+
**We concluded that we will need to remove the redundancies, and create another version of the criteria that we can then re-test using the same projects above.
***[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project] (Testing)
+
**We also discussed the inconsistency between all three project templates.
***[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia Project] (Testing)
+
**We all agreed that the Cornucopia Project template is very visually appealing and easy to read.
***[https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project] (Testing)
+
**It is a great example of what we would like OWASP project wiki templates to look like.
 +
**We decided to use the Cornucopia Project template as a starting point for creating a new wiki template for OWASP Projects.
 +
**I will touch base with the developer, and ask if he can help us create three dummy templates that we can use to create examples of what we want to see from each project category. 
  
 
*'''Women in AppSec: AppSec USA 2013'''
 
*'''Women in AppSec: AppSec USA 2013'''
**This week, the team selected three new members for the Women in AppSec Selection Committee.  
+
**The application period is now closed for the Women in AppSec Program for 2013.
**These individuals will help review the applications and select the two winners.
+
**We had a total of 36 respondents that applied to the program.  
**The following people make up the selection committee: Helen Gao, Bev Corwin, Jim Manico, Tom Ryan, Lucas Ferreira, and Samantha Groves.
+
**We are now in the process of collecting reference letters for all of the applicants.
**Once the selection committee was established, we began discussing the selection criteria in more detail.
+
**I am also creating grading sheets so the selection team can split the initial grading of the candidates.
**We are now in the third version of the criteria.  
+
**Candidates will be invited for a telephone interview with the selection team based on their scores.  
**[https://docs.google.com/document/d/1GhskjNVGCfoADVauh-MrWphYoIEySahmzedXhZNdUqY/edit?usp=sharing Women in AppSec Program Selection Criteria: 3rd Draft].
 
**We plan on beginning our selection process after the 9th of September once the application deadline has passed.  
 
**[https://docs.google.com/forms/d/1WEtInvzlxLDXpTgfXh-E1E7e8H5FRfEOPIaTOizlBpk/viewform Women in AppSec Application Form.]
 
**The application deadline is Monday, September 09, 2013 at 5pm GMT.
 
**The deadline for sponsors is Monday, September 09, 2013, as well.
 
  
*'''[https://www.owasp.org/index.php/Projects/Internships/Grants_and_Fundraising_Intern Grants & Fundraising Intern]'''
+
*'''[http://owasp.blogspot.com/2013/09/meet-our-new-grants-and-fundraising.html Meet our new Grants & Fundraising Intern]'''
**My search for a Grants & Fundraising intern is coming to an end
+
**My search for a Grants & Fundraising intern is now over.
**I received four applications for the role, and I have scheduled interviews with each applicant for next week.
+
**Kait Disney-Leugers has been chosen to take on the role.
**I will make a decision next week, and announce the successful applicant on the 9th of September.
+
**I am currently setting her up with all of her accounts, and I have sent her an orientation packet.
**Application Deadline: Monday August 26 2013 5PM GMT. (Now Closed)
+
**We will be having a phone based orientation on Monday.
**Interviews Scheduled: First Week of September. (Interviews Scheduled for Next Week)
 
**Selection Announcement: Monday, September 09th 2013.
 
 
**Start Date: Monday, September 16th 2013.
 
**Start Date: Monday, September 16th 2013.
 
**Internship End Date: Monday, January 13th 2014.
 
**Internship End Date: Monday, January 13th 2014.
  
 
*'''Projects at Conferences'''
 
*'''Projects at Conferences'''
**The two conferences left to plan for this year are AppSec LATAM, and AppSec USA.
+
**The schedule for our Project Summit talks is now complete, and it is now updated on the [http://appsecusa.org/2013/schedule/ AppSec USA website].  
**I have reached out to two project leaders in the Latin America region, and asked them if they would speak at the conference.
+
**We now have 10 projects participating in the summit this year.
**Both leaders agreed to give a talk at the conference.
+
**The O2 Project was the final addition to this year's lineup.
**I have been helping them with their travel, accommodation, and conference logistics planning.  
+
**There is now only one project leader that is left to book his travel.
**Thank you to Michael Hidalgo and Rafael Gil Larios for representing OWASP Projects at AppSec LATAM.
+
 
**AppSec USA planning for projects is going very well.  
+
*'''OWASP Global Marketing'''
**I only have one project leader that hasn't booked his travel yet, and only one project leader that hasn't confirmed his talk time slot.  
+
**I spoke with out graphic design contractor this Monday, and we worked out a schedule of delivery for the final pieces.
**I hope to have this completed by next week.  
+
**Brand Guidelines (we just need the final pdf): Delivery by Monday, Sept. 16th
 +
**Brand Reference Sheet: Delivery by Monday, Sept. 16th
 +
**PPT Templates using the new logo: Delivery by Monday, Sept. 16th
 +
**About Us Flyer: (2 versions): Delivery by Wed, Sept. 18th.
 +
**New Member Welcome Letter Flyer (2 versions): Delivery by Wed, Sept. 18th.
 +
**E-Brochure: Delivery by Monday, Sept. 23rd.  
 +
**E-mail Newsletter Template: Delivery by Friday, Sept. 20th.
  
 
*'''Daily Project based queries and requests'''
 
*'''Daily Project based queries and requests'''

Revision as of 03:38, 14 September 2013

OWASP Global Projects Report

Currently Working On

  • Technical Project Advisors: Work Update
    • The Advisors and I met this week to discuss their test reviews of the following projects:
    • We went into a good amount of detail describing our experiences with the test assessments during our meeting.
    • We primarily found major redundancies throughout the assessment questions on both types of assessment. (Health and deliverable review)
    • We concluded that we will need to remove the redundancies, and create another version of the criteria that we can then re-test using the same projects above.
    • We also discussed the inconsistency between all three project templates.
    • We all agreed that the Cornucopia Project template is very visually appealing and easy to read.
    • It is a great example of what we would like OWASP project wiki templates to look like.
    • We decided to use the Cornucopia Project template as a starting point for creating a new wiki template for OWASP Projects.
    • I will touch base with the developer, and ask if he can help us create three dummy templates that we can use to create examples of what we want to see from each project category.
  • Women in AppSec: AppSec USA 2013
    • The application period is now closed for the Women in AppSec Program for 2013.
    • We had a total of 36 respondents that applied to the program.
    • We are now in the process of collecting reference letters for all of the applicants.
    • I am also creating grading sheets so the selection team can split the initial grading of the candidates.
    • Candidates will be invited for a telephone interview with the selection team based on their scores.
  • Meet our new Grants & Fundraising Intern
    • My search for a Grants & Fundraising intern is now over.
    • Kait Disney-Leugers has been chosen to take on the role.
    • I am currently setting her up with all of her accounts, and I have sent her an orientation packet.
    • We will be having a phone based orientation on Monday.
    • Start Date: Monday, September 16th 2013.
    • Internship End Date: Monday, January 13th 2014.
  • Projects at Conferences
    • The schedule for our Project Summit talks is now complete, and it is now updated on the AppSec USA website.
    • We now have 10 projects participating in the summit this year.
    • The O2 Project was the final addition to this year's lineup.
    • There is now only one project leader that is left to book his travel.
  • OWASP Global Marketing
    • I spoke with out graphic design contractor this Monday, and we worked out a schedule of delivery for the final pieces.
    • Brand Guidelines (we just need the final pdf): Delivery by Monday, Sept. 16th
    • Brand Reference Sheet: Delivery by Monday, Sept. 16th
    • PPT Templates using the new logo: Delivery by Monday, Sept. 16th
    • About Us Flyer: (2 versions): Delivery by Wed, Sept. 18th.
    • New Member Welcome Letter Flyer (2 versions): Delivery by Wed, Sept. 18th.
    • E-Brochure: Delivery by Monday, Sept. 23rd.
    • E-mail Newsletter Template: Delivery by Friday, Sept. 20th.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donation questions.
    • Marketing questions.
    • Grant funding questions.
    • OWASP social media updates.
    • What's happening with projects, questions.

Project Funding Updates

  • OWASP OWTF Project: Brucon 5x5 Award
  1. Amount: €5,000.00 (Approx. $6,670.00)
  2. Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.
  1. Amount: $55,800 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $15,000 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $112,000 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $25,000 USD
  2. Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech for payment.
  3. OWASP Development Guide Plan
  4. OWASP Testing Guide Plan
  5. OWASP Code Review Guide Plan
  1. Amount: $25,000 USD
  2. Status: The ESAPI proposal is still being reviewed.
  1. Amount: $30,000 USD
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,000 USD in Adwords Funds
  2. Status: Awarded.
  3. Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
  • European Commission Grant Proposal
  1. Amount: €250,000
  2. Status: Denied.
  • Google Summer of Code
  1. Amount: $5,500
  2. Status: Awarded
  • Projects breakdown:
    • 4 ZAP Projects: $2,000
    • 4 OWTF Projects: $2,000
    • 1 PHP Security Project: $500
    • 1 Hackademics Project: $500
    • 1 Modsecurity Project: $500
    • Note: Big thank you to Fabio Cerullo for coordinating and managing this award.


  • Total Funds Awarded: $157,170 USD for 2013.
Retrieved from "https://wiki.owasp.org/index.php?title=Projects/Reports/2013-13-09&oldid=158441"