OWASP Global Projects Report

• Project Numbers
  • Active Projects: 148
  • Inactive Projects: 67

• New OWASP Projects
  • OWASP Web Application Security Quick Reference Guide Project
  • OWASP Application Fuzzing Framework Project
  • OWASP Security JDIs Project

• Project Applications
  • OWASP Scytale Project
  • OWASP iMAS - iOS Mobile Application Security
  • OWASP Testdemo

• Projects Under Review
  • OWASP Cheat Sheets Project
  • OWASP Java HTML Sanitizer Project
  • Xenotix XSS Exploit Framework
  • Project reviews are on hold until we can fill the Technical Project Advisor volunteer roles.

Currently Working On

• OWASP Marketing
  • I am managing the OWASP Marketing deliverables for the foundation.
  • I am managing the relationship with the Marketing company hired to deliver some materials for us.
  • The Ops Team and I discussed our current relationship with them, and the deliverables they have provided us.
  • We made decisions on these pieces, and recommendations on creative brief adjustments.
  • We met with the Marketing company this week, and communicated our decisions to them.
  • I am currently coordinating a webinar with the Marketing company, to communicate out their recommendations to us to our community.

• Determining Active Project Status
  • All existing project meta data has been entered into SalesForce.
  • The challenge now is implementing a workflow that will help me manage the data and the relationships between each piece of information.
  • I am currently working with Kate to figure out a short term solution for this.
  • The long term solution is to build SalesForce portals that will allow project leaders the ability to self manage their data.

• Projects at AppSec EU
  • Several members of the Ops Team and I met with Dirk, the local events planner for AppSec EU 2013.
  • We decided on bringing the Open Source Showcase, and the OWASP Projects Track (OPT) to the conference this year.
  • Dirk already has speakers lined up for the OPT, and I am putting together a "Call for Entries" for the OSS.

• Personal Development
  • I met with several volunteers at the New York City volunteer meeting for AppSec USA 2013.
  • Some of these volunteers are interested in bringing the Women in Security event module back to AppSec USA this year.
  • I helped collect volunteer information, created a mailing list, and I am managing the conversation to help get this event module to the conference this year.
  • We are currently developing guidelines and entry requirements for new candidates.

• Potential Role Change for the PM
  • I met with several volunteers at the New York City volunteer meeting for AppSec USA 2013.
  • Some of these volunteers are interested in bringing the Women in Security event module back to AppSec USA this year.
  • I helped collect volunteer information, created a mailing list, and I am managing the conversation to help get this event module to the conference this year.
  • We are currently developing guidelines and entry requirements for new candidates.

• Daily Project based queries and requests
  • This has not changed much since I began the post: questions are very similar in nature.
  • Global AppSec questions.
  • Funding queries.
  • Travel availability.
  • Project based administrative help.
  • Project status information.
  • Several project donations questions.
  • OWASP Social Media Updates.
  • What's happening with projects, questions.

Grants Updates

• Guidebooks Grant

1. Amount: $25,000
2. Status: We have received our first payment from DHS.

• ESAPI Proposal

1. Amount: $25,000
2. Status: The ESAPI proposal is still being reviewed.

• ModSecurity Grant Writing

1. Amount: $30,000
2. Status: The ModSecurity proposal is still being reviewed.

• Google Grants Proposal

1. Amount: $120,00 in Adwords Funds
2. Status: We continue to test different keywords and strategies to try and find the best way to leverage this grant award. We are currently testing a strategy for the AppSec USA conference this year. I have contacted Joseph McElroy who is the CEO of Corporate Performance Artists in New York, USA. Corporate performance Artist is a community management firm that specialises in SEO, Google Analytics, and Google Grants Adwords campaigns. He had some amazing insights for me. I am currently reviewing these recommendations.

• LSEC Web Attack Proposal

1. Amount: TBD (Will be in Euros)
2. Status: This proposal is currently being put together by a grant partner. This grant is from the European Commission (EC). They are looking for European organisations to collaborate on research and implementation activities for the EC. If OWASP participates in this initiative, the organisation will partner with up to 7 different companies from across the European Union. We are still in the process of writing the proposal and working out logistics.

• Total Grant Funds Awarded: $145,000 for 2013.