This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/Reports/2013-18-10"

From OWASP
Jump to: navigation, search
(Created page with "__TOC__ = OWASP Global Projects Report = *'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHBGbDhXQko4akJoVnMtMUpvZnJucVE&usp=sharing Project Numbers]''' **Activ...")
 
 
(9 intermediate revisions by the same user not shown)
Line 3: Line 3:
  
 
*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHBGbDhXQko4akJoVnMtMUpvZnJucVE&usp=sharing Project Numbers]'''
 
*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHBGbDhXQko4akJoVnMtMUpvZnJucVE&usp=sharing Project Numbers]'''
**Active Projects: 142
+
**Active Projects: 143
 
**Inactive Projects: 103
 
**Inactive Projects: 103
  
*'''[https://docs.google.com/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE&usp=sharing New Project Applications]'''
+
*'''New OWASP Projects'''
**OWASP Vulnerable Web Applications Directory
+
**[https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
  
 
*'''Projects Under Review'''
 
*'''Projects Under Review'''
Line 15: Line 15:
 
**[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia Project] (Testing)
 
**[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia Project] (Testing)
 
**[https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project] (Testing)
 
**[https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project] (Testing)
 +
**'''Note: All Projects will be reviewed during the 2013 Project Summit.'''
 
==Currently Working On==         
 
==Currently Working On==         
  
 
*'''[https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit]'''
 
*'''[https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit]'''
 
**I continue to work on organizing the 2013 OWASP Projects Summit.
 
**I continue to work on organizing the 2013 OWASP Projects Summit.
**Current session topics include:
 
***Projects Review Session
 
***ESAPI Hackathon
 
***ZAP Hackathon
 
***OWASP Training Development Session
 
***OWASP Academies Development Session
 
***Writing and Documentation Review Session
 
***Product Development and Reference Implementation
 
***Mobile Security Project Session
 
***Bug Bounty Session
 
 
**I urge everyone to add your name to the attendees list if you are interested in a session, or suggest new topics that you would be more interested in attending.  
 
**I urge everyone to add your name to the attendees list if you are interested in a session, or suggest new topics that you would be more interested in attending.  
 
**Please visit the [https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit wiki page] for more detailed information on how to join in.  
 
**Please visit the [https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit wiki page] for more detailed information on how to join in.  
 +
**Note: Exact session times will be announced closer to the date.
 +
**Current daily schedule and session topics include:
 +
'''Monday: Nov 18th'''
 +
#[http://sched.co/GFUey0 OWASP Projects Review Session]
 +
#[http://sched.co/1gFni6y ESAPI Hackathon Session]
 +
#[http://sched.co/GTPVPY Bug Bounty Hack Session]
 +
 +
'''Tuesday: Nov. 19th'''
 +
#[http://sched.co/1gFsc3D OWASP Training Development Session]
 +
#[http://sched.co/1gFquPG OWASP Academies Development Session]
 +
#[http://sched.co/1gFtxrb Mobile Security Session]
 +
#[http://sched.co/1gFtviT ESAPI Hackathon Session]
 +
#[http://sched.co/GTPWmQ Bug Bounty Hack Session]
 +
 +
'''Wednesday: Nov. 20th'''
 +
#[http://sched.co/1gFtOKA Writing and Documentation Review Session]
 +
#[http://sched.co/1gFqsXV ESAPI Hackathon Session]
 +
#[http://sched.co/16ky3r8 Bug Bounty Hack Session]
 +
 +
'''Thursday: Nov. 21st'''
 +
#[http://sched.co/1gFtXh1 ZAP Hackathon Session]
 +
#[http://sched.co/1gFtX0H Open SAMM Session]
 +
#[http://sched.co/1gFoJ54 ESAPI Hackathon Session]
 +
#[http://sched.co/1gFusI3 Bug Bounty Hack Session]
 +
 +
 +
*'''[http://appsecusa.org/2013/activities/project-talks/ AppSec USA Project Talks]'''
 +
**I have now finalized the schedule for the AppSec USA Project Talks.
 +
**We had to make several adjustments to balance out the schedule. 
 +
**Current talk schedule can be found below:
 +
'''Wednesday: Nov. 20th'''
 +
#10AM - OWASP Project Leader Workshop
 +
#11AM - OWASP Development Guide Talk
 +
#12PM - OWAS NIST NSTIC IDecosystem Initiative: Initial Discussion Meeting
 +
#1PM - OWASP OpenSAMM Talk
 +
#2PM - OWASP Education Projects
 +
#3PM - OWASP Security Principles Project Talk
 +
 +
'''Thursday: Nov. 21st'''
 +
#10AM - 12PM - OWASP O2 Platform Talk and Training
 +
#1PM - OWASP ESAPI Project Talk
 +
#2PM - OWASP AppSensor Talk
 +
#3PM - OWASP Code Review Guide Talk
 +
#4PM - OWASP Testing Guide Talk
  
*'''Technical Project Advisors: Work Update'''
 
**We are now finalizing the documentation so we can present the final version of the assessment criteria and project requirements to the community. 
 
**[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdExnNnA2OHFjdUlPNHNMU1FDV2llTnc&usp=sharing Assessment Criteria V7]
 
**Note: We have separated out the focus of each assessment.
 
**The Project Assessment focuses on the project health based on OWASP best practices.
 
**The Product Assessment focuses on the quality of the deliverable.
 
  
 
*'''[http://appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/ Women in AppSec: AppSec USA 2013]'''
 
*'''[http://appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/ Women in AppSec: AppSec USA 2013]'''
**The Women in AppSec grading process is now complete.
+
**The two winners have now finalized their travel arrangements.  
**We have now selected 2 winners for this year's sponsorship.
+
**The pre-planning is now complete for this year.  
**We are now in the process of booking their flights, setting them up with registration, and booking accommodations for them.
 
 
**The two winners are:  
 
**The two winners are:  
 
***Nancy Lorntson
 
***Nancy Lorntson
 
***Carrie Schaper
 
***Carrie Schaper
 
***Congratulations Nancy and Carrie!
 
***Congratulations Nancy and Carrie!
 
*'''[http://owasp.blogspot.com/2013/09/meet-our-new-grants-and-fundraising.html Meet our new Grants & Fundraising Intern]'''
 
**Kait continues to do an excellent job with all of her tasks.
 
**This week, she worked on helping us manage the Board Election Candidate Interviews transcripts.
 
**We have finalized the transcript work, and Kait has attached the documents on the [https://www.owasp.org/index.php/2013_Board_Elections Board Election Candidate page].
 
**Kait is also now working on project summit related activities, helping organize the schedule of sessions and creating content for the summit wiki pages. 
 
**You can read more about her week by reading her [https://www.owasp.org/index.php/Projects/Internships/Grants_and_Fundraising_Intern/Kait_Disney_Leugers#tab=Biography Intern Weekly Report].
 
**Start Date: Monday, September 16th 2013.
 
**Internship End Date: Monday, January 13th 2014.
 
  
 
*'''OWASP Marketing'''
 
*'''OWASP Marketing'''
Line 61: Line 80:
 
**We have finalized the majority of the design pieces we requested from the graphic designer.
 
**We have finalized the majority of the design pieces we requested from the graphic designer.
 
**There is only one design piece left to create as of today.
 
**There is only one design piece left to create as of today.
**I will work with the graphic designer to finalize this last piece in the next coming weeks.  
+
**I will continue to work with Patrick to finish off the e-newsletter graphics we need for the OWASP Connector.  
  
 
*'''Daily Project based queries and requests'''
 
*'''Daily Project based queries and requests'''
Line 76: Line 95:
 
**What's happening with projects, questions.
 
**What's happening with projects, questions.
  
==Project Funding Updates==
+
==Project Grant & Award Updates==
 
*'''OWASP OWTF Project: Brucon 5x5 Award'''
 
*'''OWASP OWTF Project: Brucon 5x5 Award'''
 
# Amount: €5,000.00 (Approx. $6,670.00)
 
# Amount: €5,000.00 (Approx. $6,670.00)

Latest revision as of 22:06, 18 October 2013

OWASP Global Projects Report

Currently Working On

  • 2013 Project Summit
    • I continue to work on organizing the 2013 OWASP Projects Summit.
    • I urge everyone to add your name to the attendees list if you are interested in a session, or suggest new topics that you would be more interested in attending.
    • Please visit the 2013 Project Summit wiki page for more detailed information on how to join in.
    • Note: Exact session times will be announced closer to the date.
    • Current daily schedule and session topics include:

Monday: Nov 18th

  1. OWASP Projects Review Session
  2. ESAPI Hackathon Session
  3. Bug Bounty Hack Session

Tuesday: Nov. 19th

  1. OWASP Training Development Session
  2. OWASP Academies Development Session
  3. Mobile Security Session
  4. ESAPI Hackathon Session
  5. Bug Bounty Hack Session

Wednesday: Nov. 20th

  1. Writing and Documentation Review Session
  2. ESAPI Hackathon Session
  3. Bug Bounty Hack Session

Thursday: Nov. 21st

  1. ZAP Hackathon Session
  2. Open SAMM Session
  3. ESAPI Hackathon Session
  4. Bug Bounty Hack Session


  • AppSec USA Project Talks
    • I have now finalized the schedule for the AppSec USA Project Talks.
    • We had to make several adjustments to balance out the schedule.
    • Current talk schedule can be found below:

Wednesday: Nov. 20th

  1. 10AM - OWASP Project Leader Workshop
  2. 11AM - OWASP Development Guide Talk
  3. 12PM - OWAS NIST NSTIC IDecosystem Initiative: Initial Discussion Meeting
  4. 1PM - OWASP OpenSAMM Talk
  5. 2PM - OWASP Education Projects
  6. 3PM - OWASP Security Principles Project Talk

Thursday: Nov. 21st

  1. 10AM - 12PM - OWASP O2 Platform Talk and Training
  2. 1PM - OWASP ESAPI Project Talk
  3. 2PM - OWASP AppSensor Talk
  4. 3PM - OWASP Code Review Guide Talk
  5. 4PM - OWASP Testing Guide Talk


  • Women in AppSec: AppSec USA 2013
    • The two winners have now finalized their travel arrangements.
    • The pre-planning is now complete for this year.
    • The two winners are:
      • Nancy Lorntson
      • Carrie Schaper
      • Congratulations Nancy and Carrie!
  • OWASP Marketing
    • I continue to work on finalizing our contract with the marketing and design agency we hired to create our OWASP identity package.
    • We have finalized the majority of the design pieces we requested from the graphic designer.
    • There is only one design piece left to create as of today.
    • I will continue to work with Patrick to finish off the e-newsletter graphics we need for the OWASP Connector.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donation questions.
    • Marketing questions.
    • Grant funding questions.
    • OWASP social media updates.
    • What's happening with projects, questions.

Project Grant & Award Updates

  • OWASP OWTF Project: Brucon 5x5 Award
  1. Amount: €5,000.00 (Approx. $6,670.00)
  2. Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.
  1. Amount: $55,800 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $15,000 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $112,000 USD
  2. Status: This proposal is complete, and has been submitted.
  1. Amount: $25,000 USD
  2. Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
  3. OWASP Development Guide Plan
  4. OWASP Testing Guide Plan
  5. OWASP Code Review Guide Plan
  1. Amount: $25,000 USD
  2. Status: The ESAPI proposal is still being reviewed.
  1. Amount: $30,000 USD
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,000 USD in Adwords Funds
  2. Status: Awarded.
  3. Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
  • European Commission Grant Proposal
  1. Amount: €250,000
  2. Status: Denied.
  • Google Summer of Code
  1. Amount: $5,500
  2. Status: Awarded
  • Projects breakdown:
    • 4 ZAP Projects: $2,000
    • 4 OWTF Projects: $2,000
    • 1 PHP Security Project: $500
    • 1 Hackademics Project: $500
    • 1 Modsecurity Project: $500
    • Note: Big thank you to Fabio Cerullo for coordinating and managing this award.


  • Total Funds Awarded: $157,170 USD for 2013.
Retrieved from "https://wiki.owasp.org/index.php?title=Projects/Reports/2013-18-10&oldid=161108"