This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Summer of Code 2008 Applications - Proposal Type"

From OWASP
Jump to: navigation, search
(Undo revision 27111 by Pauloc (Talk))
 
Line 1: Line 1:
'''Project name''' : P006 - '''OWASP Corporate Application Security Rating Guide'''
+
== Suggested Proposal Type ==
  
'''Educational and professional background''': CIA, CISA with over seven years experience in information technology and  application security audits.
+
* We strongly suggest that you include the following information in your proposal:
 
+
** First name or Alias,
'''Application security experience and accomplishments''' : I have experience in ensuring that equity application solution conforms to security compliance requirements of the stock exchanges and the Security Exchange Board of India.
+
** Project name,
 
+
** Educational and professional background,
'''Participation and leadership in open communities''' : Member of ISACA and IIA, NJ Chapters.
+
** Application security experience and accomplishments,
 
+
** Participation and leadership in open communities,
'''The opportunity, challenges, issues or need your proposal addresses''' : The project will be the first of its kind that I have ever attempted and in that sense its my first challenge. The project will help me organize and structure publicly available data that large companies will share of the lessons learned about how to organize an application security initiative, best practices for training and testing, and more.
+
** The opportunity, challenges, issues or need your proposal addresses,
 
+
** Objectives or ways in which you will meet the goal(s),
 
+
** Specific activities and who will carry out these activities,
'''Objectives or ways in which you will meet the goal(s)''' : Analysis of publicly available data such as interviews, presentations, briefings for details. The project will link to all source material used in creating the rating. The rating will involve application security and awareness training; defining security requirements and verification for each application; establishing a dedicated application team and process for responding to security issues and allocating points to each issues. '''
+
** Specific deliverables and a rough project schedule so we can track progress,
 
+
** Long-term vision for the project,
 
+
** Any other reasons why you and your project should be selected.
'''Specific activities and who will carry out these activities''' : Parvathy.N.Iyer will carry out the entire analysis and rating. Neal Kirschner, Director of IT services at Eisner LLP with over 20 years work experience will be the reviewer on the project.
 
 
 
 
 
'''Specific deliverables and a rough project schedule so we can track progress''' : A project update will be provided on May 31, 2008 and the project shall be completed by August 31, 2008.
 
 
 
'''Long-term vision for the project''': The project will be used as a guide for rating applications.
 
 
 
'''Any other reasons why you and your project should be selected''': I feel that I should be selected for the project is because this would be a fun challenge for me and also because I am competent and committed to doing this project.
 
 
 
 
 
 
 
Project Application submitted by: Parvathy Iyer
 
 
 
Current occupation: IT Audit- Senior, Eisner LLP
 

Latest revision as of 16:24, 26 March 2008

Suggested Proposal Type

  • We strongly suggest that you include the following information in your proposal:
    • First name or Alias,
    • Project name,
    • Educational and professional background,
    • Application security experience and accomplishments,
    • Participation and leadership in open communities,
    • The opportunity, challenges, issues or need your proposal addresses,
    • Objectives or ways in which you will meet the goal(s),
    • Specific activities and who will carry out these activities,
    • Specific deliverables and a rough project schedule so we can track progress,
    • Long-term vision for the project,
    • Any other reasons why you and your project should be selected.
Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Summer_of_Code_2008_Applications_-_Proposal_Type&oldid=27116"