This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Funds available for OWASP Projects"
From OWASP
Dinis.cruz (talk | contribs) |
m (Edits made per email exchange between Dinis and Andy Lewis 20070619-21.) |
||
| Line 16: | Line 16: | ||
== OWASP Corporate Application Security Rating Guide (3k) == | == OWASP Corporate Application Security Rating Guide (3k) == | ||
| − | * '''Project description:''': As per https://www.owasp.org/index.php/OWASP_Corporate_Application_Security_Rating_Guide, finalize criteria, | + | * '''Project description:''': As per https://www.owasp.org/index.php/OWASP_Corporate_Application_Security_Rating_Guide, finalize criteria, research selected companies and publish a report with the results |
* '''Funds available:''': 3,000 USD | * '''Funds available:''': 3,000 USD | ||
* '''Sponsor''': Cenzic | * '''Sponsor''': Cenzic | ||
| Line 23: | Line 23: | ||
== Questions for SANS (5k) == | == Questions for SANS (5k) == | ||
| − | * '''Project description:''': Write JAVA/JSP questions for SANS's Software Security Institute certification exams(http://www.sans-ssi.org/). The candidate will need to write 200 questions and answers and must be a knowledgeable and respected member of the Java community. For obvious reasons only 10% to 20% of the questions created will be disclosed to the OWASP community, with the | + | * '''Project description:''': Write JAVA/JSP questions for SANS's Software Security Institute certification exams(http://www.sans-ssi.org/). The candidate will need to write 200 questions and answers and must be a knowledgeable and respected member of the Java community. For obvious reasons only 10% to 20% of the questions created will be disclosed to the OWASP community, with the remainder to be used in the certification's exams. |
| − | Note that although this first request is for questions in JAVA/JSP there are plans to | + | Note that although this first request is for questions in JAVA/JSP there are plans to run a similar project for C, C++, PHP, .NET, so if you are interested in these other languages feel free to contact us. |
* '''Funds available:''': 5,000 USD | * '''Funds available:''': 5,000 USD | ||
* '''Sponsor''': SANS | * '''Sponsor''': SANS | ||
Revision as of 20:09, 21 June 2007
[... this page is still in Draft mode since this has not yet been fully reviewed by OWASP's board]
This page contains details about funds available to OWASP projects.
The sponsorship model is different from the one used in AoC 06 and SpoC 007 since these are cases where specific money (throughout out the year) has been allocated to OWASP projects (for example by new OWASP members or by companies/organizations with specific requirements/projects)
ORG - OWASP Site Generator (5k)
- Project description:: Continue development of Site Generator, write new vulnerabilities, work on new dynamic engine, document findings
- Funds available:: 5,000 USD
- Sponsor: Spy Dynamics, Cenzic
OWASP Corporate Application Security Rating Guide (3k)
- Project description:: As per https://www.owasp.org/index.php/OWASP_Corporate_Application_Security_Rating_Guide, finalize criteria, research selected companies and publish a report with the results
- Funds available:: 3,000 USD
- Sponsor: Cenzic
Questions for SANS (5k)
- Project description:: Write JAVA/JSP questions for SANS's Software Security Institute certification exams(http://www.sans-ssi.org/). The candidate will need to write 200 questions and answers and must be a knowledgeable and respected member of the Java community. For obvious reasons only 10% to 20% of the questions created will be disclosed to the OWASP community, with the remainder to be used in the certification's exams.
Note that although this first request is for questions in JAVA/JSP there are plans to run a similar project for C, C++, PHP, .NET, so if you are interested in these other languages feel free to contact us.
- Funds available:: 5,000 USD
- Sponsor: SANS
Source Code Review OWASP Projects(5k)
- Project description::Use Fortify Software's source code scanning engine (http://opensource.fortifysoftware.com) to scan open source projects coded in JAVA. The objectives of this project will be:
- Develop and document a workflow for open source projects to incorporate static analysis into the Software Development Life Cycle (SDLC).
- Apply the above workflow as a required step for OWASP projects.
- Aid in auditing select open source projects to create a baseline for comparing security amongst open source projects.
- Funds available: 5,000 USD
- Sponsor: Fortify Software
