OWASP GSD Project

OWASP GSD (Get Stuff Done) project is focused on enabling and empowering other OWASP Projects with funds, resources, energy and ideas.

The first initiative is the 'Funds Available for OWASP Projects' (see details and rules-of-engagement below)


 * Project Leader: Dinis Cruz
 * Proposals Review Team: Dennis Groves, Daniel Cuthbert, Dinis Cruz ... (more to be announced)

Initiative: Funds Available for OWASP Projects
What: OWASP Project Sponsorship model where OWASP Leaders can spend up-to the current allocated budget on OWASP Projects

Rules-of-Engagement:


 * Funds are to be used on OWASP Projects
 * Funds to be personally allocated by an OWASP Leader (who takes responsibility for its use and execution)
 * OWASP leaders are free to spend the funds on OWASP Projects in anyway they feel relevant, with only the following KEY restrictions:
 * They can't pay another OWASP leaders or a company that an OWASP leader is directly connected to
 * For amounts less than $500 they add its description to the respective OWASP WIKI page 24h before they commit to make the expense
 * For amounts less than $5000 they add its description to the respective OWASP WIKI 7 days before they commit to make the expense
 * If there are no comments or objections by the 'Proposals Review Team', the funds are automatically approved
 * If a member of the 'Proposals Review Team' objects or asks for more information, the funds are NOT approved (until further clarifications)
 * Each expense item is mapped to an individual OWASP leader and multiple OWASP Leaders can work together.
 * Payments will be made by Alison on Invoice submission (by paypal or direct bank transfer)

In 6 months time, a review of the outcomes will be done and see these rules need to be changed

Current Funds Available

 * Total: 2000 USD
 * Sponsors: (could be OWASP Chapters, OWASP Members or 3rd party companies/organizations)
 * Security Innovation - allocation of OWASP Corporate membership

Proposed Use of Funds Available

 * None

FAQ
For Participants:


 * What is an OWASP Leader? : Everybody in the owasp-leaders list
 * Can these funds be used on other OWASP innitiatives (Chapters, Conferences, Summits, etc..) : Nope this is only for OWASP Projects
 *  What happens if the 'Proposals Review Team' objects or asks questions : The OWASP Leader behind the proposal needs to come back with a better idea or answer :)
 * Is there some kind of 'Gamification theory' behind this idea? : Yes :)

For Members of the 'Proposals Review Team':


 * What should I do if I like a proposal? : Nothing (unless you have time to help that proposal). Note that proposals with no 'doubts' are approved by default
 * What should I do if I have doubts about a proposal? : Write a comment and raise your doubts/questions. Note that proposals with (at least one ) 'doubt' comment and NOT approved by default

GSD Ideas
Here are a couple ideas on where to use available GSD funds:


 * buy 20 copies of the (for example) Open SAMM book and distribute it at a local OWASP chapter meeting
 * support the OWASP Developer Guide and ASVS projects (for example with copywriting, formatting, design, research, proof-reading, pagination, etc...)
 * improve the formatting and presentation of the 'Cheat-Sheet' series,
 * hire a transcription service for key presentations done at OWASP chapters/events (or OWASP PodCasts)
 * create a DVD with all presentations from a specific OWASP event (or other video materials like the AppSec tutorial series)
 * sponsor a booth at an event to present OWASP Projects
 * sponsor travel expenses for a project leader to meet with other project leaders or collaborators (to work on a particular project)
 * organize a mini-summit around an OWASP project
 * create a mini-website focused on a particular project (like ESAPI.org)
 * try out a specific commercial service that will make a particular project more effective (version control, bug tracking system, mailing lists, etc...)
 * hire designers to work on OWASP projects
 * translate OWASP content (to and from English)
 * sponsor students to work on OWASP projects (maybe even run a mini-OWASP Season of Code)
 * hire mediawiki editors for the OWASP website (the OWASP projects part of it :) )
 * hire project manager(s) for OWASP projects
 * etc...