Difference between revisions of "OWASP Summer of Code 2008 Applications - Proposal Type"
Revision as of 16:19, 26 March 2008
Project name : P006 - OWASP Corporate Application Security Rating Guide
Educational and professional background: CIA, CISA with over seven years' experience in information technology and application security audits.
Application security experience and accomplishments : I have experience in ensuring that equity application solution conforms to security compliance requirements of the stock exchanges and the Security Exchange Board of India.
Participation and leadership in open communities : Member of ISACA and IIA, NJ Chapters.
The opportunity, challenges, issues or need your proposal addresses : The project will be the first of its kind that I have ever attempted and in that sense it's my first challenge. The project will help me organize and structure publicly available data that large companies will share of the lessons learned about how to organize an application security initiative, best practices for training and testing, and more.
Objectives or ways in which you will meet the goal(s) : Analysis of publicly available data such as interviews, presentations, briefings for details. The project will link to all source material used in creating the rating. The rating will involve application security and awareness training; defining security requirements and verification for each application; establishing a dedicated application team and process for responding to security issues and allocating points to each issue.
Specific activities and who will carry out these activities : Parvathy.N.Iyer will carry out the entire analysis and rating. Neal Kirschner, Director of IT services at Eisner LLP with over 20 years work experience will be the reviewer on the project.
Specific deliverables and a rough project schedule so we can track progress : A project update will be provided on May 31, 2008 and the project shall be completed by August 31, 2008.
Long-term vision for the project: The project will be used as a guide for rating applications.
Any other reasons why you and your project should be selected: I feel that I should be selected for the project because this would be a fun challenge for me and also because I am competent and committed to doing this project.