This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Project Manager Activity Reports/August 13 2012"

From OWASP
Jump to: navigation, search
 
(25 intermediate revisions by one other user not shown)
Line 1: Line 1:
 
== OWASP Project Manager Report ==
 
== OWASP Project Manager Report ==
==== Work accomplished since September 30, 2012 ====
+
==== Work accomplished since July 30, 2012 ====
===== OWASP Free Trainning Courses=====
+
===== DHS Funding Proposal =====
*Altogether with [[User:Kate Hartmann|Kate Hartmann]], I have [https://www.owasp.org/index.php?title=LatamTour2011&action=history assisted] [[User:Fabio.e.cerullo|Fabio Cerullo]] with the setting up of the [[LatamTour2011]].
+
*The [https://docs.google.com/a/owasp.org/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit#bookmark=id.ceef3790c8d6 DHS Host Project Funding proposal] has been submitted. We are waiting to hear back from DHS regarding possible interviews of our Host Project Team Leaders. We are in the process of scheduling a meeting with all involved to speak about this proposal and the interviews in more depth. Thank you to [[User:Kate Hartmann|Kate Hartmann]] and Eoin Keary for all of their hard work on this proposal. We hope to hear from Deb sometime this week. The proposal is for $25,000 USD.
 
===== Projects Set Up =====
 
===== Projects Set Up =====
*[[OWASP OVAL Content Project|OWASP OVAL Content Project]]
+
*[[OWASP Top 10 Defences|OWASP Top 10 Defences]]
*[[OWASP WAF Project|OWASP WAF Project]]
+
*[[OWASP OpenESSS Project|OWASP OpenESSS Project]]
*[[OWASP ESAPI Perl Project|OWASP ESAPI Perl Project]]
+
*[[OWASP Java J2EE Secure Development Curriculum|OWASP Java J2EE Secure Development Curriculum]]
*[[OWASP NAXSI Project|OWASP NAXSI Project]]
+
*[[OWASP AW00T|OWASP AW00T]]
===== Projects Reset Up =====
+
*[[OWASP Passfault|OWASP Passfault]]
*[[Projects/OWASP ESAPI for ColdFusion - CFML Project|OWASP ESAPI for ColdFusion/CFML Project]]
+
*[[OWASP OctoMS|OWASP OctoMS]]
*[[:Category:OWASP Open Review Project|OWASP Open Review Project]]
+
*[[OWASP OWTF|OWASP OWTF]]
*[[:Category:OWASP Best Practices: Use of Web Application Firewalls|OWASP Best Practices: Use of Web Application Firewalls]]
+
*[[OWASP Java Uncertain Form Submit Prevention|OWASP Java Uncertain Form Submit Prevention]]
===== Projects' Releases Under Assessement =====  
+
*[[OWASP Ecuador|OWASP Ecuador]]
*[[:Projects/OWASP Best Practices: Use of Web Application Firewalls/Releases/Use of Web Application Firewalls - v1.0.5|OWASP Best Practices: Use of Web Application Firewalls - Version 1.0.5]]
+
*[[OWASP Path Traverser|OWASP Path Traverser]]
*[[:Projects/OWASP NAXSI Project/Releases/Naxsi-alpha-v0.2|OWASP NAXSI Project - Release Naxsi-alpha-v0.2]]
+
*[[OWASP Watiqay|OWASP Watiqay]]
 +
*[[OWASP Mantra OS|OWASP Mantra OS]]
 +
*[[OWASP Security Shepherd|OWASP Security Shepherd]]
 +
*[[OWASP Xenotix XSS Exploit Framework|OWASP Xenotix XSS Exploit Framework]]
 +
===== Project Set Up Confirmations =====
 +
*[[OWASP File Hash Repository|OWASP File Hash Repository]]
 +
*[[:Category:OWASP WebGoat.NET|OWASP WebGoat.NET]]
 +
*[[OWASP AJAX Crawling Tool|OWASP AJAX Crawling Tool]]
 +
*[[OWASP Odz MultiCMSScanner|OWASP Odz MultiCMSScanner Project]]
 +
===== Pending Project Applications =====  
 +
*XSSER: Waiting to hear back from Project Leader. Will not confirm his identity.
 +
*OWASP BSI IT-Grundschutz Baustein Webanwendungen Review: Waiting to hear back from the Project Leader.
 +
*Forensic Guide: Waiting to hear back from the Project Leader.
 +
*Xelenium: Waiting to hear back from the Project Leader.
 +
*Intelligent Security: Waiting to hear back from the Project Leader.
 
===== Other Issues =====
 
===== Other Issues =====
*Supported Mark Curphey's efforts to engage OWASP community in the activity of producing videos to document the community's wide vitality and diversity;
+
*Updated Creating Project wiki page, studied Project handbook and Project Assessment Criteria
*Studied the [https://docs.google.com/a/owasp.org/document/d/1ilLGVEM4zWiPgMPDRHe8ARdeLSnoBTUtMq0C-Ta45tc/edit?authkey=CLTW_MUO&hl=en_US OWASP Projects Handbook] so to prepare my participation in the forthcoming GPC's working Session at OWASP AppSecUsa;
+
*Had a very successful on-boarding process. I was very quickly set up with all the necessary accounts, and went through training with [[User:Kate Hartmann|Kate Hartmann]] on the project management work flow for OWASP project set-ups.
*Had a week out of work - vacation time.
+
*Naming issue: If a project applicant refuses to give me his/her real name, should I set up the project any way? Would this violate the OWASP Core Value of Transparency?
=====Routine Tasks =====
+
=====Day-to-Day Tasks =====
*My daily routine always includes answering a relatively wide range of questions regularly posed by OWASP members and mainly by OWASP Projects leaders; I receive such inquiries either directly or through the [https://spreadsheets0.google.com/a/owasp.org/spreadsheet/ccc?key=0AhtB029bdcxGdFN1R2NIMTNROXN3dml4ZEcxXzJQYXc#gid=0 OWASP Website Global Feedback & Inquiry Form]. The variety of matters that I currently deal with can be checked in my email tool and the tree of folders built to store, follow up and organize them as follows [http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/1_Screen%20shot.png 1],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/2_Screen%20shot.png 2],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/3_Screen%20shot.png 3],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/4_Screen%20shot.png 4],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/5_Screen%20shot.png 5],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/6_Screen%20shot.png 6],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/7_Screen%20shot.png 7],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/8_Screen%20shot.png 8],[http://dl.dropbox.com/u/13817486/Screen%20Shots%20copy/9_Screen%20shot.png 9]. I would like to note that to perform this task, and all the others projects' related ones, I have always had relevant support and guidance from the OWASP Global Projects Committee.
+
*Answering daily project related queries from OWASP Project Leaders and Members
*I've kept all [[OWASP Projects Dashboard 2.0]]'s databases up-to-date as follows:
+
*Corresponding with project applicants on the status of their applications
** [[OWASP Reviews Dashboard]],
+
*Setting up projects that meet the 'Sanity Test' on the Incubator Project Applications document (IPA)
** [[OWASP Project Reviewers Database]],
+
*Confirming set up and status of projects on IPA document that seem to already be set up
** [[OWASP Projects Dashboard 2.0/By Set Up Order|Projects 2.0/By Set Up Date Order]],
+
*Creating mailing lists and roadmap pages for projects that are missing this on their wiki pages
** [[OWASP Projects Dashboard 2.0/By Alphabetical Order|Projects 2.0/By Alphabetic Order]],
+
*I've kept the following OWASP Project databases up-to-date for the past two weeks:
** [[OWASP Training]],
+
** [https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Incubator Project Applications].
 
** [https://spreadsheets0.google.com/a/owasp.org/spreadsheet/ccc?pli=1&key=tF9r45eprbpdY6xuSbwEuMw#gid=0 OWASP Project Inventory].
 
** [https://spreadsheets0.google.com/a/owasp.org/spreadsheet/ccc?pli=1&key=tF9r45eprbpdY6xuSbwEuMw#gid=0 OWASP Project Inventory].
 
==== Proposal of future activity ====
 
==== Proposal of future activity ====
*To continue answering all received projects' related questions.
+
*Continue answering all project related questions
*To continue setting up new projects and new releases as requested.
+
*Continue setting up new projects as they come in
*To implement all GPC requests and concretely to support its plans to:
+
*Continue to implement all GPC requests:
**Carry out the Project Hosting initiative as a tool to provide a centralized repository for OWASP;
+
**Meet with the Committee to discuss project lifecycle, project processes and Project Reboot
**Build a new OWASP Projects Portal;
+
**Build and implement marketing standards and offerings for OWASP Projects
*To set up all the [https://www.owasp.org/index.php/OWASP_Training#tab=Initiatives OWASP free training courses] that may be requested by OWASP Chapters.
+
**Continue managing Project databases and keeping them up-to-date
*To work with Dinis Cruz, Carlos Serrão and Konstantinos Papapanagiotou to produce an initial/draft proposal of an OWASP Training Academy.
+
*Manage the current 200+ OWASP projects
 +
*Research more project funding possibilities

Latest revision as of 21:22, 6 September 2012

OWASP Project Manager Report

Work accomplished since July 30, 2012

DHS Funding Proposal
  • The DHS Host Project Funding proposal has been submitted. We are waiting to hear back from DHS regarding possible interviews of our Host Project Team Leaders. We are in the process of scheduling a meeting with all involved to speak about this proposal and the interviews in more depth. Thank you to Kate Hartmann and Eoin Keary for all of their hard work on this proposal. We hope to hear from Deb sometime this week. The proposal is for $25,000 USD.
Projects Set Up
Project Set Up Confirmations
Pending Project Applications
  • XSSER: Waiting to hear back from Project Leader. Will not confirm his identity.
  • OWASP BSI IT-Grundschutz Baustein Webanwendungen Review: Waiting to hear back from the Project Leader.
  • Forensic Guide: Waiting to hear back from the Project Leader.
  • Xelenium: Waiting to hear back from the Project Leader.
  • Intelligent Security: Waiting to hear back from the Project Leader.
Other Issues
  • Updated Creating Project wiki page, studied Project handbook and Project Assessment Criteria
  • Had a very successful on-boarding process. I was very quickly set up with all the necessary accounts, and went through training with Kate Hartmann on the project management work flow for OWASP project set-ups.
  • Naming issue: If a project applicant refuses to give me his/her real name, should I set up the project any way? Would this violate the OWASP Core Value of Transparency?
Day-to-Day Tasks
  • Answering daily project related queries from OWASP Project Leaders and Members
  • Corresponding with project applicants on the status of their applications
  • Setting up projects that meet the 'Sanity Test' on the Incubator Project Applications document (IPA)
  • Confirming set up and status of projects on IPA document that seem to already be set up
  • Creating mailing lists and roadmap pages for projects that are missing this on their wiki pages
  • I've kept the following OWASP Project databases up-to-date for the past two weeks:

Proposal of future activity

  • Continue answering all project related questions
  • Continue setting up new projects as they come in
  • Continue to implement all GPC requests:
    • Meet with the Committee to discuss project lifecycle, project processes and Project Reboot
    • Build and implement marketing standards and offerings for OWASP Projects
    • Continue managing Project databases and keeping them up-to-date
  • Manage the current 200+ OWASP projects
  • Research more project funding possibilities