This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
GPC/Meetings/2013-29-03
From OWASP
Revision as of 12:49, 29 March 2013 by Samantha Groves (talk | contribs)
Project Division Updates
- Project Numbers
- Active Projects: 141
- Inactive Projects: 67
- Projects Under Review
- Project Applications
- OWASP RailsGoat Project
Currently Working On
- OWASP Asia Leadership Outreach Project
- This Asia Leadership Outreach Project came about during the discussion Dhillon and I had about OWASP at the Kuala Lumpur, Hack in the Box event.
- He mentioned that he has offered OWASP a booth at the Kuala Lumpur, Hack in the Box event for a few years, but local chapters have not represented OWASP very well.
- We suggested developing an OWASP Malaysia and Singapore outreach project that would involve a workshop, and the co-running of the Hack in the Box booth by members of both chapters.
- I have put together a proposal where I outline a 3 day outreach initiative that aims to bring more experienced chapter leaders to the region for a workshop.
- Read the full proposal for more information.
- Development of Technical Project Advisor Requirements
- This item involves the new management work flow for project reviews that was proposed for 2013.
- Projects Review Process Proposal
- It will involve a working group of technical project advisors headed by a member of the board.
- The working group will be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Education.
- These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.
- I have put together experience requirements for each technical advisor volunteer role.
- To read the full descriptions, please visit the advisory role descriptions document.
- Categorization of OWASP Projects
- I have begun categorizing our OWASP projects into the Builder, Breaker, and Defender categories.
- Currently, our categorization is limited so I have begun to increase the search criteria for our projects.
- Additionally, I have begun to label our projects based on OWASP Open SAMM criteria.
- The labels are as follows: Governance, Construction, Verification, Deployment.
- The plan is to allow users to find projects based on these labels on our projects wiki page.
- Project Leader Responsibilities & Expectations
- I am currently working on putting together documentation that outlines a project leader's responsibilities, and our organizational expectations of them.
- I am also developing a "How to run a successful OWASP project" document.
- Jim and I are developing brand usage guidelines for our project leaders.
- An OWASP project lifecycle info graphic is being developed as well.
- I hope that these "How To" documents and graphics will help project leaders understand their responsibilities, and how to leverage the OWASP project infrastructure for success.
- Daily Project based queries and requests
- This has not changed much since I began the post: questions are very similar in nature.
- Global AppSec questions.
- Funding queries.
- Travel availability.
- Project based administrative help.
- Project status information.
- Several project donations questions.
- OWASP LinkedIn Updates.
- What's happening with projects, questions.
Grants Updates
- Guidebooks Grant
- Amount: $25,000
- Status: We are still waiting for payment from DHS. I have reached out to our DHS and Georgia Tech representatives once again to ask for payment.
- ESAPI Proposal
- Amount: $25,000
- Status: The ESAPI proposal is still being reviewed.
- ModSecurity Grant Writing
- Amount: $30,000
- Status: The ModSecurity proposal is still being reviewed.
- Google Grants Proposal
- Amount: $120,00 in Adwords Funds
- Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.
- Total Grant Funds Awarded: $145,000 for 2013.