Difference between revisions of "Projects Summit 2013/Working Sessions/003"

Latest revision as of 18:37, 15 November 2013

Global Summit 2013 Home Page
Global Summit 2013 Tracks

Project Reviews
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.

WORKING SESSION IDENTIFICATION

Short Work Session Description

Review of all the current Flagship, some Lab, and some Incubator projects. The review of OWASP Projects will be based on the new assessment criteria.

Related Projects (if any)

Email Contacts & Roles

Chair
Johanna Curiel @

Operational Manager
Samantha Groves @

Mailing list
Google Groups: owasp-project-summit-2013

WORKING SESSION SPECIFICS
Objectives	Introduction to new assessment criteria to conduct reviews. Team in small groups (2 to 3 max) based on experience and background to asses a set of Projects (Code, Tool or Documentation). Fill in the Questionnaire (Google Forms) to complete assessment of Projects and provide the review with a final score and results (Project defined as Incubator, Lab or Flagship). Review results of questionnaire with your team. Present results and conclusions of assessment session.
Venue/Date&Time/Model	Venue/Room AppSec USA 2013: Times Square, New York City	Date & Time Monday, November 18, 9:00am to 1:00pm	Discussion Model Introduction, participants, and attendees.

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power.

WORKING SESSION ADDITIONAL DETAILS

Chair: Johanna Curiel

Johanna has mainly worked in the area of C# and ASP.NET development, Testing and Quality Control. She is an experienced developer and understands different types of programming languages such as Java and PHP and different types of scripting languages. Johanna has ample experience in Microsoft Technologies and Security Engineering. At the moment she is working on a research to implement the Prime number theorem to calculate and predict prime numbers faster to break the RSA algorithm.

Operational Manager: Samantha Groves

Samantha Groves is the Project Manager at OWASP. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioural research projects, competitor analysis, event organisation and management, volunteer engagement projects, staff recruitment and training, and marketing department organisation and strategy implementation projects for a variety of commercial and not-for-profit organisations.

WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group	'Delivered by Working Group
Review of all the current Flagship, some Lab, and some Incubator projects. Find here.	After the Meeting - fill in here.
Assign them an appropriate stage designation based on the review.	After the Meeting - fill in here.
Update the inventory based on reviews.	After the Meeting - fill in here.
Create banners that show what stage each project is on. To be placed on the wiki.	After the Meeting - fill in here.
	After the Meeting - fill in here.
	After the Meeting - fill in here.
	After the Meeting - fill in here.
	After the Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

WORKING SESSION PARTICIPANTS
Name	Company	Notes & reason for participating, issues to be discussed/addressed
		Application Security Guide for CISOs
		OWASP AntiSamy Project
		OWASP Enterprise Security API
		OWASP ModSecurity Core Rule Set
		OWASP CSRFGuard
		OWASP Web Testing Environment
		Webgoat
		OWASP Zed Attack Proxy
		OWASP Application Security Verification Standard
		OWASP Code Review
		OWASP Codes of Conduct
		OWASP Development Guide Project
		OWASP Secure Coding Practices
		OWASP Software Assurance Maturity Model
		OWASP Testing Guide
		OWASP Top Ten
		OWASP Cornucopia
		OWASP Xenotix XSS Exploit Framework
		OWASP Cheat Sheets
		OWASP Java HTML Sanitizer
		OWASP AppSensor

@@ Line 9: / Line 9: @@
 |-
-| short_working_session_description= '''Review of entire inventory of OWASP Projects using the new assessment criteria.'''
+| short_working_session_description= '''Review of all the current Flagship, some Lab, and some Incubator projects.  The review of OWASP Projects will be based on the new assessment criteria.'''
@@ Line 23: / Line 23: @@
 | related_project_url_3 = https://www.owasp.org/index.php/OWASP_Project_Inventory
-| related_project_name4 =
+| related_project_name4 = Project Health Assessment Form
-| related_project_url_4 =
+| related_project_url_4 = https://docs.google.com/a/owasp.org/forms/d/1uhMBPM-jOL-zbRjW4Z9nd5JNWutY1nuSWJB_jGB6c8E/viewform
-| related_project_name5 =
+| related_project_name5 = Product Quality Assessment Form
-| related_project_url_5 =
+| related_project_url_5 = https://docs.google.com/a/owasp.org/forms/d/16fakSjwNY3w6B4vCF4NtQE96cyYeDyJYVM1NZTwDcjA/viewform
+| related_project_name6 = Comprehensive List of Assessment Criteria
+| related_project_url_6 = https://docs.google.com/spreadsheet/ccc?key=0AllOCxlYdf1AdGxrR29jZGRhRnVhX0FYbkxQa2ZmdlE&usp=sharing
+| related_project_name7 = Comprehensive List of Assessment Criteria
+| related_project_url_7 = http://sched.co/GFUey0
 |-
-| summit_session_objective_name1= Introduction to  new assessment criteria to conduct reviews
+| summit_session_objective_name1= Introduction to  new assessment criteria to conduct reviews.
+| summit_session_objective_name2 = Team in small groups (2 to 3 max) based on experience and background to asses a set of Projects (Code, Tool or Documentation).
-| summit_session_objective_name2 = Team in small groups(2 to 3 max) based on experience and background to asses a set of Projects (Code, Tool or Documentation)
+| summit_session_objective_name3 = Fill in the Questionnaire (Google Forms) to complete assessment of Projects and provide the review with a final score and results (Project defined as Incubator, Lab or Flagship).
-| summit_session_objective_name3 = Fill in the Questionnaire (Google Forms) to complete assessment of Projects and provide the review with a final score and results (Project defined as Incubator, Lab or Flagship)
+| summit_session_objective_name4 = Review results of questionnaire with your team.
-| summit_session_objective_name4 = Review results of questionnaire with your team
-| summit_session_objective_name5 =  Present results and conclusions of assessment session
+| summit_session_objective_name5 =  Present results and conclusions of assessment session.
 |-
-| working_session_date_and_time = Monday, November 18 9:00am to 1:00pm
+| working_session_date_and_time = Monday, November 18, 9:00am to 1:00pm
 |-
-| discussion_model = participants and attendees
+| discussion_model = Introduction, participants, and attendees.
 |-
-| operational_resources = Projector, whiteboards, markers, Internet connectivity, power
+| operational_resources = Projector, whiteboards, markers, Internet connectivity, power.
 |-
@@ Line 64: / Line 70: @@
 |-
-|summit_session_deliverable_name1 = Review all projects in the active inventory.
+|summit_session_deliverable_name1 = Review of all the current Flagship, some Lab, and some Incubator projects. Find here.
 |summit_session_deliverable_name2 = Assign them an appropriate stage designation based on the review.
@@ Line 104: / Line 110: @@
 |-
+| summit_session_attendee_name21 =
+| summit_session_attendee_email21 =
+| summit_session_attendee_username21 =
+| summit_session_attendee_company21=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed21=[https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project Application Security Guide for CISOs]
 | summit_session_attendee_name1 =
@@ Line 109: / Line 121: @@
 | summit_session_attendee_username1 =
 | summit_session_attendee_company1=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=[https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
 | summit_session_attendee_name2 =
@@ Line 115: / Line 127: @@
 | summit_session_attendee_username2 =
 | summit_session_attendee_company2=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=[https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
 | summit_session_attendee_name3 =
@@ Line 121: / Line 133: @@
 | summit_session_attendee_username3 =
 | summit_session_attendee_company3=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=[https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set]
 | summit_session_attendee_name4 =
@@ Line 127: / Line 140: @@
 | summit_session_attendee_username4 =
 | summit_session_attendee_company4=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=[https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard]
 | summit_session_attendee_name5 =
@@ Line 133: / Line 146: @@
 | summit_session_attendee_username5 =
 | summit_session_attendee_company5=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=[https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment]
 | summit_session_attendee_name6 =
@@ Line 139: / Line 152: @@
 | summit_session_attendee_username6 =
 | summit_session_attendee_company6=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=[https://www.owasp.org/index.php/Webgoat Webgoat]
 | summit_session_attendee_name7 =
@@ Line 145: / Line 158: @@
 | summit_session_attendee_username7 =
 | summit_session_attendee_company7=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=[https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]
 | summit_session_attendee_name8 =
@@ Line 151: / Line 164: @@
 | summit_session_attendee_username8 =
 | summit_session_attendee_company8=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=[https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard]
 | summit_session_attendee_name9 =
@@ Line 157: / Line 170: @@
 | summit_session_attendee_username9 =
 | summit_session_attendee_company9=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=[https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review]
 | summit_session_attendee_name10 =
@@ Line 163: / Line 176: @@
 | summit_session_attendee_username10 =
 | summit_session_attendee_company10=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=[https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
 | summit_session_attendee_name11 =
@@ Line 169: / Line 182: @@
 | summit_session_attendee_username11 =
 | summit_session_attendee_company11=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=[https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
 | summit_session_attendee_name12 =
@@ Line 175: / Line 188: @@
 | summit_session_attendee_username12 =
 | summit_session_attendee_company12=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=[https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices]
 | summit_session_attendee_name13 =
@@ Line 181: / Line 194: @@
 | summit_session_attendee_username13 =
 | summit_session_attendee_company13=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=[https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model]
 | summit_session_attendee_name14 =
@@ Line 187: / Line 200: @@
 | summit_session_attendee_username14 =
 | summit_session_attendee_company14=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=[https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide]
 | summit_session_attendee_name15 =
@@ Line 193: / Line 206: @@
 | summit_session_attendee_username15 =
 | summit_session_attendee_company15=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=[https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten]
 | summit_session_attendee_name16 =
@@ Line 199: / Line 212: @@
 | summit_session_attendee_username16 =
 | summit_session_attendee_company16=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
 | summit_session_attendee_name17 =
@@ Line 205: / Line 218: @@
 | summit_session_attendee_username17 =
 | summit_session_attendee_company17=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
 | summit_session_attendee_name18 =
@@ Line 211: / Line 224: @@
 | summit_session_attendee_username18 =
 | summit_session_attendee_company18=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=[https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets]
 | summit_session_attendee_name19 =
@@ Line 217: / Line 230: @@
 | summit_session_attendee_username19 =
 | summit_session_attendee_company19=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer]
 | summit_session_attendee_name20 =
@@ Line 223: / Line 236: @@
 | summit_session_attendee_username20 =
 | summit_session_attendee_company20=
-| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=
+| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=[https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor]

Difference between revisions of "Projects Summit 2013/Working Sessions/003"

Latest revision as of 18:37, 15 November 2013

Chair: Johanna Curiel

Operational Manager: Samantha Groves

Working Session Participants

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools