This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/Reports/2013-25-10"
From OWASP
(17 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | = | + | =PROJECT METRICS= |
− | + | <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div> | |
− | + | ==Metrics== | |
− | |||
− | = | ||
− | |||
− | |||
*'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHBGbDhXQko4akJoVnMtMUpvZnJucVE&usp=sharing Project Numbers]''' | *'''[https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdHBGbDhXQko4akJoVnMtMUpvZnJucVE&usp=sharing Project Numbers]''' | ||
**Active Projects: 143 | **Active Projects: 143 | ||
**Inactive Projects: 103 | **Inactive Projects: 103 | ||
+ | **Incubator Projects: 110 | ||
+ | **Lab Projects:18 | ||
+ | **Flagship Projects: 15 | ||
− | + | ==New OWASP Projects== | |
− | + | *[https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project] | |
− | + | ==Projects Under Review== | |
− | + | *[https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project] | |
− | + | *[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project] (Testing) | |
− | + | *[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework] | |
− | + | *[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia Project] (Testing) | |
− | + | *[https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project] (Testing) | |
− | + | *'''Note: All Projects will be reviewed during the 2013 Project Summit.''' | |
− | = | + | =CURRENTLY WORKING ON= |
*'''[https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit]''' | *'''[https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit]''' | ||
**I continue to work on organizing the 2013 OWASP Projects Summit. | **I continue to work on organizing the 2013 OWASP Projects Summit. | ||
− | ** | + | **We are now three weeks away. |
− | ** | + | **I am primarily focusing on the project leader workshop content and getting logistics sorted for the summit and project talks. |
− | + | **Work is now underway to solidify the outcomes for each summit session. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ** | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
*'''[http://appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/ Women in AppSec: AppSec USA 2013]''' | *'''[http://appsecusa.org/2013/activities/owasp-women-in-application-security-appsec-program/ Women in AppSec: AppSec USA 2013]''' | ||
− | ** | + | **I have gone ahead and put together a wiki page that explains how to run the Women in AppSec Program. |
− | ** | + | **It outlines our lessons learned, and gives direction on what was done in the past. |
− | ** | + | **You can find the wiki page [https://www.owasp.org/index.php/Women_In_AppSec here]. |
− | ** | + | **https://www.owasp.org/index.php/Women_In_AppSec |
− | |||
− | |||
*'''OWASP Marketing''' | *'''OWASP Marketing''' | ||
**I continue to work on finalizing our contract with the marketing and design agency we hired to create our OWASP identity package. | **I continue to work on finalizing our contract with the marketing and design agency we hired to create our OWASP identity package. | ||
− | ** | + | **I have asked our designer to send us his final bill. |
− | ** | + | **Kait, our grants and fundraising intern, has kindly put together a marketing resources page for our community. |
− | ** | + | **You can find the the [https://owasp.org/index.php/Marketing/Resources Marketing Resources page here]. |
+ | **You will also find brand usage rules and guidelines on this page. | ||
*'''Daily Project based queries and requests''' | *'''Daily Project based queries and requests''' | ||
Line 103: | Line 57: | ||
**What's happening with projects, questions. | **What's happening with projects, questions. | ||
− | = | + | =PROJECT GRANTS & FUNDING UPDATES= |
− | + | ==General Awards== | |
*'''OWASP OWTF Project: Brucon 5x5 Award''' | *'''OWASP OWTF Project: Brucon 5x5 Award''' | ||
Line 111: | Line 65: | ||
# Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award. | # Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award. | ||
− | + | ==Proposals Awarded== | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
*'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]''' | *'''[https://docs.google.com/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit?usp=sharing OWASP Guidebooks Proposal]''' | ||
Line 159: | Line 91: | ||
**Note: Big thank you to Fabio Cerullo for coordinating and managing this award. | **Note: Big thank you to Fabio Cerullo for coordinating and managing this award. | ||
− | ''' | + | *'''[https://docs.google.com/document/d/1cFbmOLqEQQG8eXPrMTlU6JUivgRIacUeL7D599bZm_E/edit?usp=sharing OWASP AppSensor Grant Proposal]''' |
+ | # Amount: $15,000 USD | ||
+ | # Status: This proposal is complete, and has been submitted. | ||
+ | |||
+ | *'''Total Funds Awarded: $172,170 USD for 2013.''' | ||
+ | |||
+ | ==Proposals Denied== | ||
*'''European Commission Grant Proposal''' | *'''European Commission Grant Proposal''' | ||
Line 165: | Line 103: | ||
#Status: Denied. | #Status: Denied. | ||
+ | *'''[https://docs.google.com/document/d/1Vz7BLFdt1h5AhmW-Zc2B_KlqhzsSkSAaEASML5U4VQs/edit?usp=sharing OWASP OpenSAMM Grant Proposal]''' | ||
+ | # Amount: $112,000 USD | ||
+ | # Status: Denied | ||
+ | |||
+ | *'''[https://docs.google.com/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit?usp=sharing OWASP ESAPI Grant Proposal]''' | ||
+ | # Amount: $25,000 USD | ||
+ | # Status: Denied | ||
+ | |||
+ | *'''[https://docs.google.com/document/d/1dBTaRr-yl8wGhGKxacWACznZhCZnJ_sZeAdN-b2xPlw/edit?usp=sharing OWASP ModSecurity CRS Proposal]''' | ||
+ | #Amount: $30,000 USD | ||
+ | #Status: Denied | ||
+ | |||
+ | *'''[https://docs.google.com/file/d/0B1lOCxlYdf1AQm52T2xjX215M28/edit?usp=sharing OWASP OWTF Grant Proposal]''' | ||
+ | # Amount: $55,800 USD | ||
+ | # Status: Denied | ||
+ | |||
+ | |||
+ | =PROJECT ANNOUNCEMENTS= | ||
+ | |||
+ | ==[https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit]== | ||
+ | *The project summit is only 3 weeks away. | ||
+ | *I urge everyone to add your name to the attendees list if you are interested in a session, or suggest new topics that you would be more interested in attending. | ||
+ | *Please visit the [https://www.owasp.org/index.php/Projects_Summit_2013/Home 2013 Project Summit wiki page] for more detailed information on how to join in. | ||
+ | *Note: Exact session times will be announced closer to the date. | ||
+ | *Current daily schedule and session topics include: | ||
+ | '''Monday: Nov 18th''' | ||
+ | #[http://sched.co/GFUey0 OWASP Projects Review Session] | ||
+ | #[http://sched.co/1gFni6y ESAPI Hackathon Session] | ||
+ | #[http://sched.co/GTPVPY Bug Bounty Hack Session] | ||
+ | |||
+ | '''Tuesday: Nov. 19th''' | ||
+ | #[http://sched.co/1gFsc3D OWASP Training Development Session] | ||
+ | #[http://sched.co/1gFquPG OWASP Academies Development Session] | ||
+ | #[http://sched.co/1gFtxrb Mobile Security Session] | ||
+ | #[http://sched.co/1gFtviT ESAPI Hackathon Session] | ||
+ | #[http://sched.co/GTPWmQ Bug Bounty Hack Session] | ||
+ | |||
+ | '''Wednesday: Nov. 20th''' | ||
+ | #[http://sched.co/1gFtOKA Writing and Documentation Review Session] | ||
+ | #[http://sched.co/1gFqsXV ESAPI Hackathon Session] | ||
+ | #[http://sched.co/16ky3r8 Bug Bounty Hack Session] | ||
+ | |||
+ | '''Thursday: Nov. 21st''' | ||
+ | #[http://sched.co/1gFtXh1 ZAP Hackathon Session] | ||
+ | #[http://sched.co/1gFtX0H Open SAMM Session] | ||
+ | #[http://sched.co/1gFoJ54 ESAPI Hackathon Session] | ||
+ | #[http://sched.co/1gFusI3 Bug Bounty Hack Session] | ||
− | |||
− | =Project Leader | + | ==[http://appsecusa.org/2013/activities/project-talks/ AppSec USA Project Talks]== |
+ | * I have now finalized the schedule for the AppSec USA Project Talks. | ||
+ | * We had to make several adjustments to balance out the schedule. | ||
+ | * Current talk schedule can be found below: | ||
+ | '''Wednesday: Nov. 20th''' | ||
+ | #10AM - OWASP Project Leader Workshop | ||
+ | #11AM - OWASP ESAPI | ||
+ | #12PM - OWAS NIST NSTIC IDecosystem Initiative: Initial Discussion Meeting | ||
+ | #1PM - OWASP OpenSAMM Talk | ||
+ | #2PM - OWASP Education Projects | ||
+ | #3PM - OWASP Security Principles Project Talk | ||
+ | |||
+ | '''Thursday: Nov. 21st''' | ||
+ | #10AM - 12PM - OWASP O2 Platform Talk and Training | ||
+ | #12PM - OWASP Testing Guide Talk | ||
+ | #1PM - OWASP Development Guide Talk | ||
+ | #2PM - OWASP AppSensor Talk | ||
+ | #3PM - OWASP Code Review Guide Talk | ||
− | |||
− | <headertabs /> | + | __NOTOC__ <headertabs /> |
Latest revision as of 05:32, 29 October 2013
Metrics
- Project Numbers
- Active Projects: 143
- Inactive Projects: 103
- Incubator Projects: 110
- Lab Projects:18
- Flagship Projects: 15
New OWASP Projects
Projects Under Review
- OWASP Cheat Sheets Project
- OWASP Java HTML Sanitizer Project (Testing)
- Xenotix XSS Exploit Framework
- OWASP Cornucopia Project (Testing)
- OWASP Java Encoder Project (Testing)
- Note: All Projects will be reviewed during the 2013 Project Summit.
- 2013 Project Summit
- I continue to work on organizing the 2013 OWASP Projects Summit.
- We are now three weeks away.
- I am primarily focusing on the project leader workshop content and getting logistics sorted for the summit and project talks.
- Work is now underway to solidify the outcomes for each summit session.
- Women in AppSec: AppSec USA 2013
- I have gone ahead and put together a wiki page that explains how to run the Women in AppSec Program.
- It outlines our lessons learned, and gives direction on what was done in the past.
- You can find the wiki page here.
- https://www.owasp.org/index.php/Women_In_AppSec
- OWASP Marketing
- I continue to work on finalizing our contract with the marketing and design agency we hired to create our OWASP identity package.
- I have asked our designer to send us his final bill.
- Kait, our grants and fundraising intern, has kindly put together a marketing resources page for our community.
- You can find the the Marketing Resources page here.
- You will also find brand usage rules and guidelines on this page.
- Daily Project based queries and requests
- This has not changed much since I began the post: questions are very similar in nature.
- Global AppSec questions.
- Funding queries.
- Travel availability.
- Project based administrative help.
- Project status information.
- Several project donation questions.
- Marketing questions.
- Grant funding questions.
- OWASP social media updates.
- What's happening with projects, questions.
General Awards
- OWASP OWTF Project: Brucon 5x5 Award
- Amount: €5,000.00 (Approx. $6,670.00)
- Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.
Proposals Awarded
- Amount: $25,000 USD
- Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
- OWASP Development Guide Plan
- OWASP Testing Guide Plan
- OWASP Code Review Guide Plan
- Google Grants Proposal
- Amount: $120,000 USD in Adwords Funds
- Status: Awarded.
- Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.
- Google Summer of Code
- Amount: $5,500
- Status: Awarded
- Projects breakdown:
- 4 ZAP Projects: $2,000
- 4 OWTF Projects: $2,000
- 1 PHP Security Project: $500
- 1 Hackademics Project: $500
- 1 Modsecurity Project: $500
- Note: Big thank you to Fabio Cerullo for coordinating and managing this award.
- Amount: $15,000 USD
- Status: This proposal is complete, and has been submitted.
- Total Funds Awarded: $172,170 USD for 2013.
Proposals Denied
- European Commission Grant Proposal
- Amount: €250,000
- Status: Denied.
- Amount: $112,000 USD
- Status: Denied
- Amount: $25,000 USD
- Status: Denied
- Amount: $30,000 USD
- Status: Denied
- Amount: $55,800 USD
- Status: Denied
2013 Project Summit
- The project summit is only 3 weeks away.
- I urge everyone to add your name to the attendees list if you are interested in a session, or suggest new topics that you would be more interested in attending.
- Please visit the 2013 Project Summit wiki page for more detailed information on how to join in.
- Note: Exact session times will be announced closer to the date.
- Current daily schedule and session topics include:
Monday: Nov 18th
Tuesday: Nov. 19th
- OWASP Training Development Session
- OWASP Academies Development Session
- Mobile Security Session
- ESAPI Hackathon Session
- Bug Bounty Hack Session
Wednesday: Nov. 20th
Thursday: Nov. 21st
AppSec USA Project Talks
- I have now finalized the schedule for the AppSec USA Project Talks.
- We had to make several adjustments to balance out the schedule.
- Current talk schedule can be found below:
Wednesday: Nov. 20th
- 10AM - OWASP Project Leader Workshop
- 11AM - OWASP ESAPI
- 12PM - OWAS NIST NSTIC IDecosystem Initiative: Initial Discussion Meeting
- 1PM - OWASP OpenSAMM Talk
- 2PM - OWASP Education Projects
- 3PM - OWASP Security Principles Project Talk
Thursday: Nov. 21st
- 10AM - 12PM - OWASP O2 Platform Talk and Training
- 12PM - OWASP Testing Guide Talk
- 1PM - OWASP Development Guide Talk
- 2PM - OWASP AppSensor Talk
- 3PM - OWASP Code Review Guide Talk