OWASP Global Projects Report

• Project Numbers
  • Active Projects: 139
  • Inactive Projects: 103

• New Project Applications
  • OWASP Pygoat Project

• New OWASP Projects
  • OWASP This I Believe Security Project

• Projects Under Review
  • OWASP Cheat Sheets Project
  • OWASP Java HTML Sanitizer Project (Testing)
  • Xenotix XSS Exploit Framework
  • OWASP Cornucopia Project (Testing)
  • OWASP Java Encoder Project (Testing)
  • Project reviews are on hold until the Technical Advisory group complete and test the updated assessment criteria.

Currently Working On

• Technical Project Advisors: Work Update
  • The Advisors and I met this week to discuss their test reviews of the following projects:
    • OWASP Java HTML Sanitizer Project (Complete)
    • OWASP Cornucopia Project (Complete)
    • OWASP Java Encoder Project (Complete)
  • We went into a good amount of detail describing our experiences with the test assessments during our meeting.
  • We primarily found major redundancies throughout the assessment questions on both types of assessment. (Health and deliverable review)
  • We concluded that we will need to remove the redundancies, and create another version of the criteria that we can then re-test using the same projects above.
  • We also discussed the inconsistency between all three project templates.
  • We all agreed that the Cornucopia Project template is very visually appealing and easy to read.
  • It is a great example of what we would like OWASP project wiki templates to look like.
  • We decided to use the Cornucopia Project template as a starting point for creating a new wiki template for OWASP Projects.

• Women in AppSec: AppSec USA 2013
  • The application period is now closed for the Women in AppSec Program for 2013.
  • We had a total of 36 respondents that applied to the program.
  • We are now in the process of collecting reference letters for all of the applicants.
  • I am also creating grading sheets so the selection team can split the initial grading of the candidates.
  • Candidates will be invited for a telephone interview with the selection team based on their scores.

• Meet our new Grants & Fundraising Intern
  • My search for a Grants & Fundraising intern is now over.
  • Kait Disney-Leugers has been chosen to take on the internship.
  • I am currently setting her up with all of her accounts, and I have sent her an orientation packet.
  • We will be having a phone based orientation on Monday.
  • Start Date: Monday, September 16th 2013.
  • Internship End Date: Monday, January 13th 2014.

• Projects at Conferences
  • The schedule for our Project Summit talks is now complete, and it is now updated on the AppSec USA website.
  • We now have 10 projects participating in the summit this year.
  • The O2 Project was the final addition to this year's lineup.
  • There is now only one project leader that is left to book his travel.

• OWASP Global Marketing
  • I spoke with our graphic design contractor this Monday, and we worked out a schedule of delivery for the final pieces.
  • Brand Guidelines (we just need the final pdf): Delivery by Monday, Sept. 16th
  • Brand Reference Sheet: Delivery by Monday, Sept. 16th
  • PPT Templates using the new logo: Delivery by Monday, Sept. 16th
  • About Us Flyer: (2 versions): Delivery by Wed, Sept. 18th.
  • New Member Welcome Letter Flyer (2 versions): Delivery by Wed, Sept. 18th.
  • E-Brochure: Delivery by Monday, Sept. 23rd.
  • E-mail Newsletter Template: Delivery by Friday, Sept. 20th.

• Daily Project based queries and requests
  • This has not changed much since I began the post: questions are very similar in nature.
  • Global AppSec questions.
  • Funding queries.
  • Travel availability.
  • Project based administrative help.
  • Project status information.
  • Several project donation questions.
  • Marketing questions.
  • Grant funding questions.
  • OWASP social media updates.
  • What's happening with projects, questions.

Project Funding Updates

• OWASP OWTF Project: Brucon 5x5 Award

1. Amount: €5,000.00 (Approx. $6,670.00)
2. Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

• OWASP OWTF Grant Proposal

1. Amount: $55,800 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP AppSensor Grant Proposal

1. Amount: $15,000 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP OpenSAMM Grant Proposal

1. Amount: $112,000 USD
2. Status: This proposal is complete, and has been submitted.

• OWASP Guidebooks Proposal

1. Amount: $25,000 USD
2. Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech for payment.
3. OWASP Development Guide Plan
4. OWASP Testing Guide Plan
5. OWASP Code Review Guide Plan

• OWASP ESAPI Grant Proposal

1. Amount: $25,000 USD
2. Status: The ESAPI proposal is still being reviewed.

• OWASP ModSecurity CRS Proposal

1. Amount: $30,000 USD
2. Status: The ModSecurity proposal is still being reviewed.

• Google Grants Proposal

1. Amount: $120,000 USD in Adwords Funds
2. Status: Awarded.
3. Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.

• European Commission Grant Proposal

1. Amount: €250,000
2. Status: Denied.

• Google Summer of Code

1. Amount: $5,500
2. Status: Awarded

• Projects breakdown:
  • 4 ZAP Projects: $2,000
  • 4 OWTF Projects: $2,000
  • 1 PHP Security Project: $500
  • 1 Hackademics Project: $500
  • 1 Modsecurity Project: $500
  • Note: Big thank you to Fabio Cerullo for coordinating and managing this award.

• Total Funds Awarded: $157,170 USD for 2013.