Projects/Reports/2013-01-11

=PROJECT METRICS=



Metrics

 * Project Numbers
 * Active Projects: 143
 * Inactive Projects: 103
 * Incubator Projects: 110
 * Lab Projects:18
 * Flagship Projects: 15

New OWASP Projects

 * OWASP Vulnerable Web Applications Directory Project

Projects Under Review

 * OWASP Cheat Sheets Project
 * OWASP Java HTML Sanitizer Project (Testing)
 * Xenotix XSS Exploit Framework
 * OWASP Cornucopia Project (Testing)
 * OWASP Java Encoder Project (Testing)
 * Note: All Projects will be reviewed during the 2013 Project Summit.

=CURRENTLY WORKING ON=


 * 2013 Project Summit
 * I continue to work on organizing the 2013 OWASP Projects Summit.
 * We are now three weeks away.
 * I am primarily focusing on the project leader workshop content and getting logistics sorted for the summit and project talks.
 * Work is now underway to solidify the outcomes for each summit session.


 * Women in AppSec: AppSec USA 2013
 * I have gone ahead and put together a wiki page that explains how to run the Women in AppSec Program.
 * It outlines our lessons learned, and gives direction on what was done in the past.
 * You can find the wiki page here.
 * https://www.owasp.org/index.php/Women_In_AppSec


 * OWASP Marketing
 * I continue to work on finalizing our contract with the marketing and design agency we hired to create our OWASP identity package.
 * I have asked our designer to send us his final bill.
 * Kait, our grants and fundraising intern, has kindly put together a marketing resources page for our community.
 * You can find the the Marketing Resources page here.
 * You will also find brand usage rules and guidelines on this page.


 * Daily Project based queries and requests
 * This has not changed much since I began the post: questions are very similar in nature.
 * Global AppSec questions.
 * Funding queries.
 * Travel availability.
 * Project based administrative help.
 * Project status information.
 * Several project donation questions.
 * Marketing questions.
 * Grant funding questions.
 * OWASP social media updates.
 * What's happening with projects, questions.

=PROJECT GRANTS & FUNDING UPDATES=

General Awards

 * OWASP OWTF Project: Brucon 5x5 Award
 * 1) Amount: €5,000.00 (Approx. $6,670.00)
 * 2) Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.

Proposals Awarded

 * OWASP Guidebooks Proposal
 * 1) Amount: $25,000 USD
 * 2) Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech and payment has been received.
 * 3) OWASP Development Guide Plan
 * 4) OWASP Testing Guide Plan
 * 5) OWASP Code Review Guide Plan


 * Google Grants Proposal
 * 1) Amount: $120,000 USD in Adwords Funds
 * 2) Status: Awarded.
 * 3) Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.


 * Google Summer of Code
 * 1) Amount: $5,500
 * 2) Status: Awarded


 * Projects breakdown:
 * 4 ZAP Projects: $2,000
 * 4 OWTF Projects: $2,000
 * 1 PHP Security Project: $500
 * 1 Hackademics Project: $500
 * 1 Modsecurity Project: $500
 * Note: Big thank you to Fabio Cerullo for coordinating and managing this award.


 * OWASP AppSensor Grant Proposal
 * 1) Amount: ￼$15,000 USD
 * 2) Status: This proposal is complete, and has been submitted.


 * Total Funds Awarded: $172,170 USD for 2013.

Proposals Denied

 * European Commission Grant Proposal
 * 1) Amount: €250,000
 * 2) Status: Denied.


 * OWASP OpenSAMM Grant Proposal
 * 1) Amount: $112,000 USD
 * 2) Status: Denied


 * OWASP ESAPI Grant Proposal
 * 1) Amount: $25,000 USD
 * 2) Status: Denied


 * OWASP ModSecurity CRS Proposal
 * 1) Amount: $30,000 USD
 * 2) Status: Denied


 * OWASP OWTF Grant Proposal
 * 1) Amount: $55,800 USD
 * 2) Status: Denied

=PROJECT ANNOUNCEMENTS=

2013 Project Summit
Monday: Nov 18th
 * The project summit is only 3 weeks away.
 * I urge everyone to add your name to the attendees list if you are interested in a session, or suggest new topics that you would be more interested in attending.
 * Please visit the 2013 Project Summit wiki page for more detailed information on how to join in.
 * Note: Exact session times will be announced closer to the date.
 * Current daily schedule and session topics include:
 * 1) OWASP Projects Review Session
 * 2) [http://sched.co/GG2eih OWASP Media Project Session
 * 3) OWASP PHP Security and RBAC Projects: An Introduction
 * 4) OWASP AppSensor 2.0 Hackathon
 * 5) ESAPI Hackathon Session
 * 6) Bug Bounty Hack Session

Tuesday: Nov. 19th
 * 1) OWASP Training Development Session
 * 2) OWASP Academies Development Session
 * 3) Mobile Security Session
 * 4) ESAPI Hackathon Session
 * 5) Bug Bounty Hack Session

Wednesday: Nov. 20th
 * 1) Writing and Documentation Review Session
 * 2) ESAPI Hackathon Session
 * 3) Bug Bounty Hack Session

Thursday: Nov. 21st
 * 1) ZAP Hackathon Session
 * 2) Open SAMM Session
 * 3) ESAPI Hackathon Session
 * 4) Bug Bounty Hack Session

AppSec USA Project Talks
Wednesday: Nov. 20th
 * I have now finalized the schedule for the AppSec USA Project Talks.
 * We had to make several adjustments to balance out the schedule.
 * Current talk schedule can be found below:
 * 1) 10AM - OWASP Project Leader Workshop
 * 2) 11AM - OWASP ESAPI
 * 3) 12PM - OWAS NIST NSTIC IDecosystem Initiative: Initial Discussion Meeting
 * 4) 1PM - OWASP OpenSAMM Talk
 * 5) 2PM - OWASP Education Projects
 * 6) 3PM - OWASP Security Principles Project Talk

Thursday: Nov. 21st
 * 1) 10AM - 12PM - OWASP O2 Platform Talk and Training
 * 2) 12PM - OWASP Testing Guide Talk
 * 3) 1PM - OWASP Development Guide Talk
 * 4) 2PM - OWASP AppSensor Talk
 * 5) 3PM - OWASP Code Review Guide Talk