|
|
| (12 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| − | | + | #Redirect [[Category:OWASP_Project#Participating_in_a_Project]] |
| − | | |
| − | '''Welcome the the OWASP Project Reboot Page:
| |
| − | '''
| |
| − | | |
| − | ''What is the OWASP Project ReBoot initiative?''
| |
| − | | |
| − | OWASP needs to refresh, revitalize & update its projects. We need to make the software development community more aware of our efforts and demonstrate the foundations library of solutions & guidance designed to help with the secure application development lifecycle.
| |
| − | | |
| − | The proposal for this initiative is here:
| |
| − | | |
| − | '''[https://docs.google.com/a/owasp.org/file/d/0B5Z9zE0hx0LNSUZvOWVKd1JRWnlVaGJMcjB3SEN3Zw/edit Project Re-Boot Proposal]'''
| |
| − | | |
| − | '''Project Lead''': Eoin Keary <br>
| |
| − | '''Proposal Approval Team''': Jim Manico, Rahim Jina, Tom Brennan,...<br>
| |
| − | [[Reboot_Review_Criteria]] (For review team)
| |
| − | | |
| − | | |
| − | Board Approval can be seen here:
| |
| − | [https://www.owasp.org/index.php/May_14,2012]
| |
| − | | |
| − | To that end we have a budget to fund various project related activities. We hope putting some financial support behind projects will re-energise our community and hopefully deliver some great high quality material which can be used to support software developers and testers for years to come:<br><br>
| |
| − | | |
| − | '''Current Submissions''' <br>
| |
| − | '''[[OWASP Application Security Guide For CISOs]]''' - Selected for Reboot<br>
| |
| − | '''[[OWASP Development Guide]]''' - Selected for Reboot<br>
| |
| − | '''[[OWASP Zed Attack Proxy Reboot2012|Zed Attack Proxy]]''' - Selected for Reboot<br>
| |
| − | '''[[OWASP WebGoat Reboot2012|OWASP WebGoat]]''' <br>
| |
| − | '''[[OWASP AppSensor]]'''<br>
| |
| − | '''[[OWASP Mobile Project]]''' - Selected for Reboot<br>
| |
| − | '''[[OWASP_Portuguese_Project_Proposal | OWASP Portuguese Language Project]]'''<br>
| |
| − | '''[[OWASP_Application_Testing_guide_v4]]'''<br>
| |
| − | '''[[OWASP_ESAPI_Reboot2012 | OWASP ESAPI]]'''<br>
| |
| − | '''[[OWASP_Eliminate_Vulnerable_Code_Reboot | OWASP Eliminate Vulnerable Code Project]]'''<br>
| |
| − | '''[[OWASP_Code_Review_Guide_Reboot]]'''
| |
| − | <br>
| |
| − | | |
| − | | |
| − | '''Key Dates:'''<br>
| |
| − | '''Submission closing date''': July 30th 2012 <br>
| |
| − | '''First round of proposal selection''': 15 June 2012<br>
| |
| − | '''Second round of proposal selection''': 10 Aug 2012<br>
| |
| − | | |
| − | ----
| |
| − | | |
| − | '''First Round Decisions'''<br>
| |
| − | The following table shows to votes submitted by reviewers. 1 is first preference, 2 is second preference and so on..
| |
| − | '''Any Outstanding / additional proposals shall be voted on during the second round of proposal selection (10/8/2012).'''
| |
| − | | |
| − | <table border="1" width="50%">
| |
| − | <tr><!-- Row 1 -->
| |
| − | <td>Proposal</td><!-- Col 1 -->
| |
| − | <td>Tom</td><!-- Col 2 -->
| |
| − | <td>Jim</td><!-- Col 3 -->
| |
| − | <td>Rahim</td><!-- Col 4 -->
| |
| − | <td>Eoin</td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 2 -->
| |
| − | <td>OWASP Development Guide</td><!-- Col 1 -->
| |
| − | <td>1</td><!-- Col 2 -->
| |
| − | <td>1</td><!-- Col 3 -->
| |
| − | <td>PI-1 PII-1</td><!-- Col 4 -->
| |
| − | <td>2</td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 3 -->
| |
| − | <td>OWASP CISO Guide</td><!-- Col 1 -->
| |
| − | <td>2</td><!-- Col 2 -->
| |
| − | <td>7</td><!-- Col 3 -->
| |
| − | <td>PI-2 PII-3</td><!-- Col 4 -->
| |
| − | <td>1</td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 4 -->
| |
| − | <td>OWASP Mobile Project</td><!-- Col 1 -->
| |
| − | <td>1</td><!-- Col 2 -->
| |
| − | <td>4</td><!-- Col 3 -->
| |
| − | <td>PI-4 PII-4</td><!-- Col 4 -->
| |
| − | <td>4</td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 5 -->
| |
| − | <td>OWASP WebGoat PHP</td><!-- Col 1 -->
| |
| − | <td>2</td><!-- Col 2 -->
| |
| − | <td>6</td><!-- Col 3 -->
| |
| − | <td>PI-6 PII-10</td><!-- Col 4 -->
| |
| − | <td>6</td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 6 -->
| |
| − | <td>OWASP Zed Attack Proxy</td><!-- Col 1 -->
| |
| − | <td>1</td><!-- Col 2 -->
| |
| − | <td>3</td><!-- Col 3 -->
| |
| − | <td>PI-3 PII-6</td><!-- Col 4 -->
| |
| − | <td>3</td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 7 -->
| |
| − | <td>OWASP AppSensor</td><!-- Col 1 -->
| |
| − | <td>1</td><!-- Col 2 -->
| |
| − | <td>5</td><!-- Col 3 -->
| |
| − | <td>PI-5 PII-7</td><!-- Col 4 -->
| |
| − | <td>5</td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 8 -->
| |
| − | <td>OWASP Testing Guide</td><!-- Col 1 -->
| |
| − | <td>1</td><!-- Col 2 -->
| |
| − | <td>2</td><!-- Col 3 -->
| |
| − | <td>PII-2</td><!-- Col 4 -->
| |
| − | <td></td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 9 -->
| |
| − | <td>OWASP ESAPI</td><!-- Col 1 -->
| |
| − | <td>1</td><!-- Col 2 -->
| |
| − | <td>10</td><!-- Col 3 -->
| |
| − | <td>PII-5</td><!-- Col 4 -->
| |
| − | <td></td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 10 -->
| |
| − | <td>OWASP_Eliminate_Vulnerable_Code</td><!-- Col 1 -->
| |
| − | <td>3</td><!-- Col 2 -->
| |
| − | <td>9</td><!-- Col 3 -->
| |
| − | <td>PII-8</td><!-- Col 4 -->
| |
| − | <td></td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | <tr><!-- Row 9 -->
| |
| − | <td>OWASP Portuguese Language Project</td><!-- Col 1 -->
| |
| − | <td>1</td><!-- Col 2 -->
| |
| − | <td>8</td><!-- Col 3 -->
| |
| − | <td>PII-9</td><!-- Col 4 -->
| |
| − | <td></td><!-- Col 5 -->
| |
| − | </tr>
| |
| − | </table>
| |
| − | | |
| − | '''Projects selected via first round of review''': <br>
| |
| − | #'''OWASP Development Guide''': Funding Amount: $5000 initial funding | |
| − | #'''OWASP CISO Guide''': Funding Amount: $5000 initial funding
| |
| − | #'''OWASP Zed Attack Proxy''': Funding Amount: $5000 initial funding
| |
| − | #'''OWASP Mobile Project''': Funding Amount: $5000 initial funding
| |
| − | | |
| − | ----
| |
| − | | |
| − | | |
| − | | |
| − | '''Activity types''':<br>
| |
| − | | |
| − | '''Type 1''': Update, rewrite & complete guides or tools.<br>
| |
| − | This "type" is aimed at both existing and new tools or guides which require development effort to update, augment, rewrite, develop in order to achieve a high quality release quality product.<br><br>
| |
| − | | |
| − | Examples:<br>
| |
| − | #"Mini" Project based summits: Expenses associated with getting global workshops, with the aim of releasing a new version of a project.<br>
| |
| − | #Paying contributors for their time and effort.<br>
| |
| − | #Paying for user guides etc to be professionally developed (technical writing etc).<br><br>
| |
| − | | |
| − | '''Type 2''': Market, Training, Awareness, increase adoption.<br>
| |
| − | Existing, healthy robust tools and guides can utilise Type 2 activities to help with creating awareness and increasing adoption of that project.<br>
| |
| − | | |
| − | Examples:<br>
| |
| − | #Assisting with expenses associated with marketing a project.<br>
| |
| − | #Costs facilitating OWASP project focused training and awareness events<br>
| |
| − | | |
| − | | |
| − | '''How are we going to fund this??'''<br>
| |
| − | We are requesting all OWASP chapters which are in a healthy financial position to pledge 25% of their chapters funds to pay for this initiative.<br>
| |
| − | [https://www.surveymonkey.com/s/OWASP-REBOOT Pledge some chapter funds here] | |
| − | | |
| − | Donate $1.00 to help save a current or future software application [http://www.firstgiving.com/fundraiser/projectreboot/owasp-project-reboot Click Here]
| |
| − | | |
| − | The Foundation shall also support this initiative with additional funding.<br>
| |
| − | The goal is to accumulate a budget of $100K which shall be appointed to projects undergoing this reboot.<br>
| |
| − | | |
| − | [https://docs.google.com/a/owasp.org/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html - Chapter Funds]
| |
| − | | |
| − | '''Can I apply for this Reboot?'''<br>
| |
| − | You certainly can, assuming you are an OWASP member.<br>
| |
| − | If you feel your project is ready or has potential you can apply for the reboot programme.<br>
| |
| − | | |
| − | | |
| − | '''How does funding work?'''<br><br>
| |
| − | '''Type 1''': Funding can be applied for as required if travel/mini summit etc is to be expensed as part of the reboot. Development activities; payment to contributors shall be at 50% and 100% milestones.<br>
| |
| − | Milestones are agreed prior to project reboot initiation.<br>
| |
| − | Once the 50% milestone is reached the work done to date shall be reviewed by a member of the [https://www.owasp.org/index.php/Category:Global_Projects_Committee - GPC] and also another nominated OWASP reviewer (generally an OWASP leader).<br>
| |
| − | | |
| − | '''Type 2''': Funding is supplied as required. Items to be funded are agreed prior to reboot initiation.<br>
| |
| − | Invoices for the required services are sent directly to the foundation for payment.
| |
| − | | |
| − | | |
| − | '''How do I apply?'''
| |
| − | Send in a proposal with the following information:
| |
| − | | |
| − | # Project name and description. Including reboot project lead and any team members.
| |
| − | # Re boot type (Type 1 or Type 2)
| |
| − | # Goals of the reboot
| |
| − | # Timeline for the 50% milestone and the 100% milestone. Suggested milestone reviewers (Generally OWASP Leaders or other industry experts)
| |
| − | # Budget required and how you shall spend it.
| |
| − | | |
| − | Want to support this initiative or learn more? Contact [mailto:[email protected] Eoin Keary] | |
