This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "GPC/Meetings/2013-08-03"

From OWASP
Jump to: navigation, search
(Created page with "__TOC__ = Project Division Updates = *'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdFdaYXJ6SDFXNXBaemNwbnNHN3N5RVE#gid=16 Project Numbers]''' **Ac...")
 
 
(One intermediate revision by the same user not shown)
Line 3: Line 3:
  
 
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdFdaYXJ6SDFXNXBaemNwbnNHN3N5RVE#gid=16 Project Numbers]'''
 
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdFdaYXJ6SDFXNXBaemNwbnNHN3N5RVE#gid=16 Project Numbers]'''
**Active Projects: 130
+
**Active Projects: 136
 
**Inactive Projects: 67
 
**Inactive Projects: 67
  
Line 10: Line 10:
 
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]
 
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]
 
**[https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]  
 
**[https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]  
 +
**[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework]
  
 
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''
 
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''
**SCADA Security Project
 
**PHPRBAC Project
 
**Cornucopia Project
 
 
**Development of security framework based on Owasp Esapi for JSF2.0 (DSFE) Project
 
**Development of security framework based on Owasp Esapi for JSF2.0 (DSFE) Project
**Secure Application Design Project
+
**Barbarus
 +
**Droid Fusion
 +
**iSABEL Proxy Server
  
 
==Currently Working On==   
 
==Currently Working On==   
  
 
*'''AppSec USA: OPT &OSS'''
 
*'''AppSec USA: OPT &OSS'''
**Started creating documents for the AppSec USA Open Source Showcase and OWASP Projects Track.  
+
**We are developing two different event modules for AppSec USA.
**[https://docs.google.com/a/owasp.org/document/d/1zn3Gi2EH0LPoSomecZCRoskTLPpEf4KRZpAgK3raRMU/edit AppSec USA Projects Document.]
+
**OPT: This event module will be omitted for AppSec USA.
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHFkaFkwcWpzM09JQ0F4aTk3dHBFTFE6MA#gid=0 AppSec USA OPT Form.]
+
**OSS: This event module will be altered to include a full day of 30 minute, presentation like demos.
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dGxhY0oxdndTUllTdndLWWEyNElxY1E6MA#gid=0 AppSec USA OSS Form.]
+
**Mini Project Working Groups: This event module will be developed for this conference. The idea is to coordinate working groups for a handfull of projects at the conference.  
**Waiting to hear from the local conference organisers on how they wish to proceed with this event module.  
+
**Project Leader Workshop: I will put together and run the Project Leader Workshop at AppSec USA.
  
*'''AppSec EU Research: OPT &OSS'''
+
*'''Project Reviews Process: Workflow Adjustment'''
**Started creating documents for the AppSec EU Research Open Source Showcase and OWASP Projects Track.  
+
**Testing of original Reviews Process developed in early 2013 produced these results: 1. Poor quality of reviewers; 2. Poor quality of the reviews.
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dDMwck9VZC1ieWluekdsbUVFZGhGMnc6MA#gid=0 AppSec EU Research OPT Form.]
+
**Below is the new proposal:
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dGhkUUhkeDBWOVZPcVdzcWloYWhla3c6MA#gid=0 AppSec EU Research OSS Form.]
+
**A working group of technical project advisors headed by a member of the board.  
**[https://docs.google.com/a/owasp.org/document/d/1dOrUYtwlBXwfhPyZa9JYqV1MeUUjSxvjm5mwgMqJXhE/edit AppSec EU Research Projects Document.]
+
**I feel this person should be you, Jim, since I think you have shown great dedication and support to our projects overall. (Lead Technical Project Advisor).
**Waiting to hear from the local conference organisers on how they wish to proceed with this event module.  
+
**The working group should be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Knowledge.
 +
**Each of these areas should be a project division role filled by one individual.  
 +
**Each role will have a six month limit, or the individual can resign the post if he/she can no longer fulfil the role's duties.  
 +
**These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.  
 +
**This working group will be managed by the Lead Technical Project Advisor (Jim) with updates and outcomes reported to the OWASP PM.  
  
 
*'''Black Hat EU'''
 
*'''Black Hat EU'''
**I am scheduled to attend Black Hat EU in two weeks.
+
**I am scheduled to attend Black Hat EU in next weeks.
 
**I am helping man our OWASP Booth for two days.
 
**I am helping man our OWASP Booth for two days.
 
**Goal: Familiarise myself with Black Hat event management, branding, activities.  
 
**Goal: Familiarise myself with Black Hat event management, branding, activities.  
 +
**Martin Knobloch and Ferdinand Vroom are scheduled to volunteer as well.
 +
**I will be attending the Netherlands Chapter Meeting during the conference as well.
  
 
*'''OWASP Marketing'''
 
*'''OWASP Marketing'''
 
**I am taking a more active role in OWASP's Global Marketing Initiatives.
 
**I am taking a more active role in OWASP's Global Marketing Initiatives.
**I am meeting with Marketing Company responsible for developing our strategy and brand guidelines.
+
**The next initiatives meeting will involve the Marketing Company we are currently working with.
 +
**They will present their Phase 1 research findings to the entire community.  
 
**Goal: To develop a marketing and brand strategy for the organisation.  
 
**Goal: To develop a marketing and brand strategy for the organisation.  
 +
**I will coordinate Phase 3 & 4 of our Marketing Initiatives.
  
 
*'''Daily Project based queries and requests'''
 
*'''Daily Project based queries and requests'''

Latest revision as of 22:08, 8 March 2013

Project Division Updates

  • Project Applications
    • Development of security framework based on Owasp Esapi for JSF2.0 (DSFE) Project
    • Barbarus
    • Droid Fusion
    • iSABEL Proxy Server

Currently Working On

  • AppSec USA: OPT &OSS
    • We are developing two different event modules for AppSec USA.
    • OPT: This event module will be omitted for AppSec USA.
    • OSS: This event module will be altered to include a full day of 30 minute, presentation like demos.
    • Mini Project Working Groups: This event module will be developed for this conference. The idea is to coordinate working groups for a handfull of projects at the conference.
    • Project Leader Workshop: I will put together and run the Project Leader Workshop at AppSec USA.
  • Project Reviews Process: Workflow Adjustment
    • Testing of original Reviews Process developed in early 2013 produced these results: 1. Poor quality of reviewers; 2. Poor quality of the reviews.
    • Below is the new proposal:
    • A working group of technical project advisors headed by a member of the board.
    • I feel this person should be you, Jim, since I think you have shown great dedication and support to our projects overall. (Lead Technical Project Advisor).
    • The working group should be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Knowledge.
    • Each of these areas should be a project division role filled by one individual.
    • Each role will have a six month limit, or the individual can resign the post if he/she can no longer fulfil the role's duties.
    • These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.
    • This working group will be managed by the Lead Technical Project Advisor (Jim) with updates and outcomes reported to the OWASP PM.
  • Black Hat EU
    • I am scheduled to attend Black Hat EU in next weeks.
    • I am helping man our OWASP Booth for two days.
    • Goal: Familiarise myself with Black Hat event management, branding, activities.
    • Martin Knobloch and Ferdinand Vroom are scheduled to volunteer as well.
    • I will be attending the Netherlands Chapter Meeting during the conference as well.
  • OWASP Marketing
    • I am taking a more active role in OWASP's Global Marketing Initiatives.
    • The next initiatives meeting will involve the Marketing Company we are currently working with.
    • They will present their Phase 1 research findings to the entire community.
    • Goal: To develop a marketing and brand strategy for the organisation.
    • I will coordinate Phase 3 & 4 of our Marketing Initiatives.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donations questions.
    • OWASP LinkedIn Updates.
    • What's happening with projects, questions.

Grants Updates

  • Guidebooks Grant
  1. Amount: $25,000
  2. Status: We are still waiting for payment from DHS.
  • ESAPI Proposal
  1. Amount: $25,000
  2. Status: The ESAPI proposal is still being reviewed.
  • ModSecurity Grant Writing
  1. Amount: $30,000
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,00 in Adwords Funds
  2. Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.
  • Total Grant Funds Awarded: $145,000 for 2013.