This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/Reports/2013-30-08"

From OWASP
Jump to: navigation, search
(Undo revision 158115 by Samantha Groves (talk))
 
(4 intermediate revisions by the same user not shown)
Line 23: Line 23:
 
==Currently Working On==         
 
==Currently Working On==         
  
*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdEdCYVJpdmZHaWJYZ055WHROa19qN3c&usp=sharing Active Project Audit]'''
+
*'''Technical Project Advisors: Work Update'''
**The Project Audit is now complete.  
+
**The Advisors and I met this week to discuss their review of the current Assessment criteria.
**I reached out to every project leader listed in our inventory, and asked them to confirm the status of their project.
+
**We also reviewed Chuck's comments, and discussed each in more detail.
**The majority of our Leaders responded, and their project activity status was marked accordingly.
+
**We made some changes to the original document, and I've put together a revised draft based on our conversation.
**Those that did not respond were sent 3 messages before their project was marked inactive.
+
**Here is [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHliVUlMYVdPRWpqajF1bGtnSGtWckE&usp=sharing Ly's original document] with Chuck's comments and my notes.
**Due to the audit, the number of active OWASP Projects in our inventory went down from 169 to 132.
+
**Here is the [https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHJUSl9rbGtscGJfSGRWVFNUM2JPMlE&usp=sharing new revised draft].  
**I have also created an [https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list OWASP Project Leader Mailing List], and I added all of our confirmed active Leaders to it.
+
**We plan to use the revised draft to test 3 projects against the criteria.  
**The next audit will take place on February 2014.
+
***Project being reviewed are the following:
 +
***[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project] (Testing)
 +
***[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia Project] (Testing)
 +
***[https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project] (Testing)
  
 
*'''Women in AppSec: AppSec USA 2013'''
 
*'''Women in AppSec: AppSec USA 2013'''
**This week, I met with Dawn-Marie Hutchinson, Head of Information Security at Urban Outfitters.
+
**This week, the team selected three new members for the Women in AppSec Selection Committee.  
**We spoke about her participation in the Women in AppSec Panel.
+
**These individuals will help review the applications and select the two winners.  
**Everything is ready to go on her end, and she will reach out to us closer to the date with any logistical questions she may have.  
+
**The following people make up the selection committee: Helen Gao, Bev Corwin, Jim Manico, Tom Ryan, Lucas Ferreira, and Samantha Groves.
**Additionally, the Women in AppSec Team are still putting together a selection committee to help review and select the winning candidates.
+
**Once the selection committee was established, we began discussing the selection criteria in more detail.
**[https://docs.google.com/document/d/1BLIM6QpXmCiHdI0zT2YbecmkhEBZqIZt1pGoUXuQxMk/edit?usp=sharing Women in AppSec Program Selection Criteria: 1st Draft].  
+
**We are now in the third version of the criteria.  
 +
**[https://docs.google.com/document/d/1GhskjNVGCfoADVauh-MrWphYoIEySahmzedXhZNdUqY/edit?usp=sharing Women in AppSec Program Selection Criteria: 3rd Draft].  
 
**We plan on beginning our selection process after the 9th of September once the application deadline has passed.  
 
**We plan on beginning our selection process after the 9th of September once the application deadline has passed.  
 
**[https://docs.google.com/forms/d/1WEtInvzlxLDXpTgfXh-E1E7e8H5FRfEOPIaTOizlBpk/viewform Women in AppSec Application Form.]
 
**[https://docs.google.com/forms/d/1WEtInvzlxLDXpTgfXh-E1E7e8H5FRfEOPIaTOizlBpk/viewform Women in AppSec Application Form.]
Line 44: Line 48:
  
 
*'''[https://www.owasp.org/index.php/Projects/Internships/Grants_and_Fundraising_Intern Grants & Fundraising Intern]'''
 
*'''[https://www.owasp.org/index.php/Projects/Internships/Grants_and_Fundraising_Intern Grants & Fundraising Intern]'''
**I continue to search for a Grants & Fundraising intern.
+
**My search for a Grants & Fundraising intern is coming to an end
**I currently have 4 applicants for the role, but I would like to get a few more before the deadline.
+
**I received four applications for the role, and I have scheduled interviews with each applicant for next week.
**Application Deadline: Monday August 26 2013 5PM GMT.
+
**I will make a decision next week, and announce the successful applicant on the 9th of September.  
**Interviews Scheduled: First Week of September.
+
**Application Deadline: Monday August 26 2013 5PM GMT. (Now Closed)
 +
**Interviews Scheduled: First Week of September. (Interviews Scheduled for Next Week)
 
**Selection Announcement: Monday, September 09th 2013.
 
**Selection Announcement: Monday, September 09th 2013.
 
**Start Date: Monday, September 16th 2013.
 
**Start Date: Monday, September 16th 2013.
 
**Internship End Date: Monday, January 13th 2014.
 
**Internship End Date: Monday, January 13th 2014.
**If you are interested, or know of anyone that might be interested, please contact me at [email protected].
 
  
*'''Projects in Salesforce'''
+
*'''Projects at Conferences'''
**I worked closely with Kate this week to figure out a way to better integrate our project data into Salesforce.
+
**The two conferences left to plan for this year are AppSec LATAM, and AppSec USA.
**The issue we are having is that many of the primary activities a Project Leader takes part in, happen outside of the wiki and Salesforce.
+
**I have reached out to two project leaders in the Latin America region, and asked them if they would speak at the conference.
**Moreover, project leaders do not have access to the information in Salesforce about their project.
+
**Both leaders agreed to give a talk at the conference.
**This means that project leaders cannot update, add, or delete information about their projects.
+
**I have been helping them with their travel, accommodation, and conference logistics planning.
**The end result is that I have to make duplicate data lists, one in Salesforce and one in Google Docs where Leaders can have access to it.
+
**Thank you to Michael Hidalgo and Rafael Gil Larios for representing OWASP Projects at AppSec LATAM.
**Kate is looking into several applications that can help eliminate this duplication, and help with our workflow.
+
**AppSec USA planning for projects is going very well.  
 +
**I only have one project leader that hasn't booked his travel yet, and only one project leader that hasn't confirmed his talk time slot.  
 +
**I hope to have this completed by next week.  
  
 
*'''Daily Project based queries and requests'''
 
*'''Daily Project based queries and requests'''

Latest revision as of 14:29, 9 September 2013

OWASP Global Projects Report

Currently Working On

  • Technical Project Advisors: Work Update
  • Women in AppSec: AppSec USA 2013
    • This week, the team selected three new members for the Women in AppSec Selection Committee.
    • These individuals will help review the applications and select the two winners.
    • The following people make up the selection committee: Helen Gao, Bev Corwin, Jim Manico, Tom Ryan, Lucas Ferreira, and Samantha Groves.
    • Once the selection committee was established, we began discussing the selection criteria in more detail.
    • We are now in the third version of the criteria.
    • Women in AppSec Program Selection Criteria: 3rd Draft.
    • We plan on beginning our selection process after the 9th of September once the application deadline has passed.
    • Women in AppSec Application Form.
    • The application deadline is Monday, September 09, 2013 at 5pm GMT.
    • The deadline for sponsors is Monday, September 09, 2013, as well.
  • Grants & Fundraising Intern
    • My search for a Grants & Fundraising intern is coming to an end
    • I received four applications for the role, and I have scheduled interviews with each applicant for next week.
    • I will make a decision next week, and announce the successful applicant on the 9th of September.
    • Application Deadline: Monday August 26 2013 5PM GMT. (Now Closed)
    • Interviews Scheduled: First Week of September. (Interviews Scheduled for Next Week)
    • Selection Announcement: Monday, September 09th 2013.
    • Start Date: Monday, September 16th 2013.
    • Internship End Date: Monday, January 13th 2014.
  • Projects at Conferences
    • The two conferences left to plan for this year are AppSec LATAM, and AppSec USA.
    • I have reached out to two project leaders in the Latin America region, and asked them if they would speak at the conference.
    • Both leaders agreed to give a talk at the conference.
    • I have been helping them with their travel, accommodation, and conference logistics planning.
    • Thank you to Michael Hidalgo and Rafael Gil Larios for representing OWASP Projects at AppSec LATAM.
    • AppSec USA planning for projects is going very well.
    • I only have one project leader that hasn't booked his travel yet, and only one project leader that hasn't confirmed his talk time slot.
    • I hope to have this completed by next week.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donation questions.
    • Marketing questions.
    • Grant funding questions.
    • OWASP social media updates.
    • What's happening with projects, questions.

Project Funding Updates

  • OWASP OWTF Project: Brucon 5x5 Award
  1. Amount: €5,000.00 (Approx. $6,670.00)
  2. Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.
  1. Amount: $55,800 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $15,000 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $112,000 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $25,000 USD
  2. Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech for payment.
  3. OWASP Development Guide Plan
  4. OWASP Testing Guide Plan
  5. OWASP Code Review Guide Plan
  1. Amount: $25,000 USD
  2. Status: The ESAPI proposal is still being reviewed.
  1. Amount: $30,000 USD
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,000 USD in Adwords Funds
  2. Status: Awarded.
  3. Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
  • European Commission Grant Proposal
  1. Amount: €250,000
  2. Status: Denied.
  • Google Summer of Code
  1. Amount: $5,500
  2. Status: Awarded
  • Projects breakdown:
    • 4 ZAP Projects: $2,000
    • 4 OWTF Projects: $2,000
    • 1 PHP Security Project: $500
    • 1 Hackademics Project: $500
    • 1 Modsecurity Project: $500
    • Note: Big thank you to Fabio Cerullo for coordinating and managing this award.


  • Total Funds Awarded: $157,170 USD for 2013.
Retrieved from "https://wiki.owasp.org/index.php?title=Projects/Reports/2013-30-08&oldid=158116"