OWASP Project Manager Activity Reports/October 10 2013

Work accomplished since August 06, 2013

 * Project Numbers
 * Active Projects: 135
 * Inactive Projects: 103


 * New Project Applications
 * OWASP JAWS Project
 * OWASP Media Project


 * New OWASP Projects
 * OWASP Framework Security Project
 * OWASP Ruby on Rails and friends Security Guide Project - Adoption


 * Projects Under Review
 * OWASP Cheat Sheets Project
 * OWASP Java HTML Sanitizer Project (Testing)
 * Xenotix XSS Exploit Framework
 * OWASP Cornucopia Project (Testing)
 * OWASP Java Encoder Project (Testing)
 * Project reviews are on hold until the Technical Advisory group complete and test the updated assessment criteria.

Project Manager Q3 2013 Objectives

 * 1) Marketing: Work with Sarah to solicit feedback from community on Marketing deliverables and finalize relationship with Patrick and Denita.
 * 2) Project Review Process - Work with new Technical Project advisors to finalize project review criteria and process.
 * 3) Grants: Develop a grant strategy for rest of 2013 and 2014, utilizing fundraising intern(s) as part of this strategy.


 * Ongoing Objectives for 2013
 * Work with Project leaders to reach grant required milestones - ONGOING
 * Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
 * Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

Currently Working On

 * Active Project Audit
 * The Project Audit is now complete.
 * I reached out to every project leader listed in our inventory, and asked them to confirm the status of their project.
 * The majority of our Leaders responded, and their project activity status was marked accordingly.
 * Those that did not respond were sent 3 messages before their project was marked inactive.
 * Due to the audit, the number of active OWASP Projects in our inventory went down from 169 to 132.
 * I have also created an OWASP Project Leader Mailing List, and I added all of our confirmed active Leaders to it.
 * The next audit will take place on February 2014.


 * Technical Project Advisors: Work Update
 * The Advisors and I met last week to discuss their review of the current Assessment criteria.
 * We also reviewed Chuck's comments, and discussed each in more detail.
 * We made some changes to the original document, and I've put together a revised draft based on our conversation.
 * Here is Ly's original document with Chuck's comments and my notes.
 * Here is new revised draft.
 * We plan to use the revised draft to test 3 projects against the criteria.
 * Project being reviewed are the following:
 * OWASP Java HTML Sanitizer Project (Testing)
 * OWASP Cornucopia Project (Testing)
 * OWASP Java Encoder Project (Testing)


 * Women in AppSec: AppSec USA 2013
 * The team has now selected three new members for the Women in AppSec Selection Committee.
 * These individuals will help review the applications and select the two winners.
 * The following people make up the selection committee: Helen Gao, Bev Corwin, Jim Manico, Tom Ryan, Lucas Ferreira, and Samantha Groves.
 * Once the selection committee was established, we began discussing the selection criteria in more detail.
 * We are now in the fourth version of the criteria.
 * Women in AppSec Program Selection Criteria: 4th Draft.
 * We plan on beginning our selection process after the 9th of September once the application deadline has passed.
 * Women in AppSec Application Form.
 * The application deadline is Monday, September 09, 2013 at 5pm GMT.
 * The deadline for sponsors is Monday, September 09, 2013, as well.


 * Grants & Fundraising Intern
 * My search for a Grants & Fundraising intern is coming to an end
 * I received four applications for the role, and I had interviews with each applicant last week.
 * I have already made my decision, and I will announce the successful applicant on the 9th of September.
 * Application Deadline: Monday August 26 2013 5PM GMT. (Now Closed)
 * Interviews Scheduled: First Week of September. (Interviews Scheduled for Next Week)
 * Selection Announcement: Monday, September 09th 2013.
 * Start Date: Monday, September 16th 2013.
 * Internship End Date: Monday, January 13th 2014.


 * Projects at Conferences
 * The two conferences left to plan for this year are AppSec LATAM, and AppSec USA.
 * I have reached out to two project leaders in the Latin America region, and asked them if they would speak at the conference.
 * Both leaders agreed to give a talk at the conference.
 * I have been helping them with their travel, accommodation, and conference logistics planning.
 * Thank you to Michael Hidalgo and Rafael Gil Larios for representing OWASP Projects at AppSec LATAM.
 * AppSec USA planning for projects is going very well.
 * Now, all of the Project Leaders have booked their travel, and only one project leader hasn't confirmed his talk time slot.

Project Funding Updates

 * OWASP OWTF Project: Brucon 5x5 Award
 * 1) Amount: €5,000.00 (Approx. $6,670.00)
 * 2) Status: Awarded. Congratulations, Abraham Aranguren and all involved in the project, for your award.


 * OWASP OWTF Grant Proposal
 * 1) Amount: $55,800 USD
 * 2) Status: This proposal is complete, and has been submitted.


 * OWASP AppSensor Grant Proposal
 * 1) Amount: ￼$15,000 USD
 * 2) Status: This proposal is complete, and has been submitted.


 * OWASP OpenSAMM Grant Proposal
 * 1) Amount: $112,000 USD
 * 2) Status: This proposal is complete, and has been submitted.


 * OWASP Guidebooks Proposal
 * 1) Amount: $25,000 USD
 * 2) Status: Awarded. The first payment has been allocated to our project budgets. The second invoice has now been sent to Georgia Tech for payment.
 * 3) OWASP Development Guide Plan
 * 4) OWASP Testing Guide Plan
 * 5) OWASP Code Review Guide Plan


 * OWASP ESAPI Grant Proposal
 * 1) Amount: $25,000 USD
 * 2) Status: The ESAPI proposal is still being reviewed.


 * OWASP ModSecurity CRS Proposal
 * 1) Amount: $30,000 USD
 * 2) Status: The ModSecurity proposal is still being reviewed.


 * Google Grants Proposal
 * 1) Amount: $120,000 USD in Adwords Funds
 * 2) Status: Awarded.
 * 3) Note: There is no link to show the proposal for this grant. There was a form that was submitted to Google, and we did not receive a record of this form.


 * European Commission Grant Proposal
 * 1) Amount: €250,000
 * 2) Status: Denied.


 * Google Summer of Code
 * 1) Amount: $5,500
 * 2) Status: Awarded


 * Projects breakdown:
 * 4 ZAP Projects: $2,000
 * 4 OWTF Projects: $2,000
 * 1 PHP Security Project: $500
 * 1 Hackademics Project: $500
 * 1 Modsecurity Project: $500
 * Note: Big thank you to Fabio Cerullo for coordinating and managing this award.


 * Total Funds Awarded: $157,170 USD for 2013.

OWASP Project Manager Weekly Reports

 * 1) Project Manager Report: August 09 2013
 * 2) Project Manager Report: August 16 2013
 * 3) Project Manager Report: August 23 2013
 * 4) Project Manager Report: August 30 2013
 * 5) Project Manager Report: September 06 2013 - No Report this week. PM was out of the office.