OWASP Summer of Code 2008 Applications - Proposal Type

Suggested Proposal Type
Project name : Parvathy.N.Iyer

Educational and professional background: CIA, CISA with over seven years experience in information technology and  application security audits.

Application security experience and accomplishments : I have experience in ensuring that equity application solution conforms to security compliance requirements of the stock exchanges and the Security Exchange Board of India.

Participation and leadership in open communities : Member of ISACA and IIA, NJ Chapters.

The opportunity, challenges, issues or need your proposal addresses : The project will be the first of its kind that I have ever attempted and in that sense its my first challenge. The project will help me organize and structure publicly available data that large companies will share of the lessons learned about how to organize an application security initiative, best practices for training and testing, and more.

Objectives or ways in which you will meet the goal(s) : Analysis of publicly available data such as interviews, presentations, briefings for details. The project will link to all source material used in creating the rating. The rating will involve application security and awareness training; defining security requirements and verification for each application; establishing a dedicated application team and process for responding to security issues and allocating points to each issues. '''

Specific activities and who will carry out these activities : Parvathy.N.Iyer will carry out the entire analysis and rating. Neal Kirschner, Director of IT services at Eisner LLP with over 20 years work experience will be the reviewer on the project.

Specific deliverables and a rough project schedule so we can track progress : A project update will be provided on May 31, 2008 and the project shall be completed by August 31, 2008.

Long-term vision for the project: The project will be used as a guide for rating applications.

Any other reasons why you and your project should be selected: I feel that I should be selected for the project is because this would be a fun challenge for me and also because I am competent and committed to doing this project.