OWASP Education Project Roadmap

This page is split in 2 parts. The first part is the split-up of the current goals in tasks. Here you can add who is working on what module together with the status on progress. The second part lists longer term goals of the Eduction project. Do not hesitate to add goals and discuss them in the mailing list.

= Current Goal Tasks =

Sub Goal 1: Create overview of OWASP presentations (50%)
The following is a list of tasks that have to be performed for the project:
 * Add the majority of presentation material on the presentation overview page (50% - all)
 * Provide Guidance page on OWASP presentations and re-usability and link in other related presentation pages (50% - review asked on mailing list)

Sub Goal 2: Design agenda 2 Tracks (35%)
For the two 4 hour tracks: Perform the following:
 * A Web Application Security Primer Track for beginners (4 hours)
 * Describe track overview (25% - Grady)
 * Describe track target audience (25% - Grady)
 * Design a TOC with titles, one paragraph per title and timing (0% - Grady)
 * Perform a review cycle on the TOC and get external feedback (0% - volunteers needed)
 * Finish TOC for approval by the project team (0% - volunteers needed)

Perform the following:
 * What Developers Should Know on Web Application Security Track for developers (4 hours)
 * Describe track overview (100% - seba)
 * Describe track target audience (100% - volunteers needed)
 * Design a TOC with titles, one paragraph per title and timing (50% - seba)
 * Perform a review cycle on the TOC and get external feedback (50% - some feedback is inserted - external feedback required)
 * Finish TOC for approval by the project team (0% - volunteers needed)

Sub Goal 3: Create Modules (20 %)
To support the 2 target tracks and eventually other tracks, modules will have to be created. This means: For the two 4 hour tracks: Perform the following:
 * Work out some basic rules on module slides (100% - Seba)
 * From the 2 TOC's identify the necessary modules. There will probably be overlap with TOC entries (10% - Seba + ?)
 * A Web Application Security Primer Track for beginners (4 hours)
 * For each of the modules define a title, description and prerequisites (0% - volunteers needed)
 * For each of the modules search for resources that can be used (0% - volunteers needed)
 * Per module create a first draft from resources and further research (0% - volunteers needed)
 * Perform a review cycle by project members that did not create the module and get external feedback (0% - volunteers needed)
 * Rewrite the module, this time with detailed notes to support the individual slides and taking into account the review comments (0% - volunteers needed)
 * Finish the modules with final review for approval by the project team (0% - volunteers needed)

Perform the following:
 * What Developers Should Know on Web Application Security Track for developers (4 hours)
 * For each of the modules define a title, description and prerequisites (10% - Seba)
 * For each of the modules search for resources that can be used (0% - Seba)
 * Per module create a first draft from resources and further research (0% - Seba)
 * Perform a review cycle by project members that did not create the module and get external feedback (0% - Seba)
 * Rewrite the module, this time with detailed notes to support the individual slides and taking into account the review comments (0% - Seba)
 * Finish the modules with final review for approval by the project team (0% - Seba)

Sub Goal 4: Track try-outs (0%)
In further stages the tracks can be piloted on 'victim' audiences.
 * Feedback forms will be necessary to capture structured feedback (0% - volunteers needed)
 * (parts) of modules will need corrections (0% - volunteers needed)

Sub Goal 5: Track Distribution
To support further evolution of the existing tracks:
 * Teach the teacher sessions can be set up
 * Webinars can be created
 * Figure out a way to accompany module with audio/video support (0% - tbd)

= Future Goals =

When we get here, we can say that the project reached Beta Status and we should define goals to get it to Release Quality.
 * Define other tracks
 * Set up and maintain improvement tracks for existing tracks
 * Further support OWASP and other organisations to (re)use the OWASP Education Modules and Tracks
 * Set up certification mechanisms for trainers and attendees
 * Define a broader curriculum ...