OWASP GSD Project

The OWASP GSD (Get Stuff Done) project is focused on enabling and empowering other OWASP Projects with funds, resources, energy and ideas.

The first initiative is the 'Funds Available for OWASP Projects' (see details and rules-of-engagement below)


 * Project Leader: Dinis Cruz
 * Proposals Review Team: Dennis Groves, Daniel Cuthbert, Dinis Cruz (contact Dinis if you want to be one)

Initiative: Funds Available for OWASP Projects
What: OWASP Project Sponsorship model where OWASP Leaders can spend up to the current allocated budget on OWASP Projects

Rules-of-Engagement:


 * Funds are to be used on OWASP Projects
 * Funds to be personally allocated by an OWASP Leader (who takes responsibility for its use and execution)
 * OWASP leaders are free to spend the funds on OWASP Projects in any way they feel relevant, with only the following KEY restrictions:
 * They can't pay another OWASP leader or a company that an OWASP leader is directly connected to
 * For amounts less than $500 they add its description to the respective OWASP WIKI page 24h before they commit to make the expense
 * For amounts less than $5000 they add its description to the respective OWASP WIKI 7 days before they commit to make the expense
 * If there are no comments or objections by the 'Proposals Review Team', the funds are automatically approved
 * If a member of the 'Proposals Review Team' objects or asks for more information, the funds are NOT approved (until further clarifications)
 * Each expense item is mapped to an individual OWASP leader and multiple OWASP Leaders can work together.
 * Payments will be made by Alison on Invoice submission (by paypal or direct bank transfer)

In 6 months' time, a review of the outcomes will be done to see whether these rules need to be changed.

Funds Sources

 * Total: 2000 USD (soon to be 4000 USD)
 * Sponsors: (could be OWASP Chapters, OWASP Members or 3rd party companies/organizations)
 * Security Innovation - $2000 allocated from OWASP Corporate membership (2012)
 * Security Innovation - $2000 allocated from OWASP Corporate membership (2013)

Proposed Use of Funds Available
Current Fund Amount


 * $1,142.02

Active Projects using GSD funds (2):

OWASP HIVE PROJECT
Milestones that I anticipate are.
 * Funds allocated: $1764.95
 *  Cost Breakdown 
 * BeagleBone HIVE Cluster - Cost for 10 Environment Hive 1600.00 (Approx)
 * HIVE Power - 20Amp 5v power supply (approx 80$ before wiring and mounted)
 * HIVE Switches - 1G 5Port Switch Cost 40.00 (Approx)
 * Single HIVE-OFF - Cost 60.00 - 85.00 (MetalCase)(still need case Ideas for this)
 * WiFi Mod - Cost 6.00 (per BB)
 * The HIVE can have 10, 20, 50 and 100 environment HIVE. This start-up is for 10 environment. Large chapters may like the large HIVE.
 * QUOTE from element14 (NEWARK)
 * More information can be found on the Hive Project
 * Sweet user interface.
 * Find an LCD for the BeagleBone Black for IP or stats scrolling. The HIVE setup currently shows the nodes in real time.
 * Make a proposal to OWASP for a more stable introducer and private GRID.

OWASP Media Project
Up until now, with GSD we managed to get 5 capture cards in order to record and stream presentation content. This translates to over 70 hours of content. Savings in money are also made by conference organisations as they don't have to rent costly equipment.

AppSecEurope 2014

 * Funds allocated: $1,065.75USD (estimated with shipping airmail to UK)
 *  Cost Breakdown 
 * 3x XCAPTURE-1 USB 3.0 HD Capture Unit - Capture card that will be used to live stream and record conferences. Will be used first at AppSecEU 2014.
 * QUOTE from (Solaris Japan)
 * https://www.owasp.org/index.php/OWASP_Media_Project
 * Cards will belong to OWASP Global but one will be kept after AppSecEU by project leader Jonathan Marcil for testing purposes.

AppSecUSA 2014

 * Funds allocated: $742USD (estimated with shipping airmail to US)
 *  Cost Breakdown 
 * 2x XCAPTURE-1 USB 3.0 HD Capture Unit - Capture card that will be used to live stream and record conferences. Will be used first at AppSecUSA 2014.
 * QUOTE from (Solaris Japan)
 * Cards will belong to OWASP Global and are to be shipped to next conference after AppSecUSA 2014

Completed:
 * FedEx Printing of Books - $185.24
 * Book Cover Source Files - $700.00
 * Purchase of 20 Codes of Conduct Books for 2013 Project Summit - Total Cost: $272.66
 * Transcription of 2013 Board Candidate Interviews - Total Cost: $350.68
 * Purchase of OWASP Book Cover Source Files - Total Cost: $700 USD
 * Transcription of Podcast - Total Cost: $70 USD (Approx)
 * Transcribe OWASP Board Member candidates interview.
 * contracted via Elance (see proposal here)
 * Cost: $92.05 USD
 * O2 Platform Stickers - Total Cost: $73.00 USD (Approx)

FAQ
For Participants:


 * What is an OWASP Leader? : Everybody in the owasp-leaders list
 * Can these funds be used on other OWASP initiatives (Chapters, Conferences, Summits, etc..) : Nope this is only for OWASP Projects
 *  What happens if the 'Proposals Review Team' objects or asks questions : The OWASP Leader behind the proposal needs to come back with a better idea or answer :)
 * Is there some kind of 'Gamification theory' behind this idea? : Yes :)

For Members of the 'Proposals Review Team':


 * What should I do if I like a proposal? : Nothing (unless you have time to help that proposal). Note that proposals with no 'doubts' are approved by default
 * What should I do if I have doubts about a proposal? : Write a comment and raise your doubts/questions. Note that proposals with (at least one) 'doubt' comment are NOT approved by default

GSD Ideas
Here are a couple ideas on where to use available GSD funds:


 * buy 20 copies of the (for example) Open SAMM book and distribute it at a local OWASP chapter meeting
 * support the OWASP Developer Guide and ASVS projects (for example with copywriting, formatting, design, research, proof-reading, pagination, etc...)
 * improve the formatting and presentation of the 'Cheat-Sheet' series
 * hire a transcription service for key presentations done at OWASP chapters/events (or OWASP PodCasts)
 * create a DVD with all presentations from a specific OWASP event (or other video materials like the AppSec tutorial series)
 * sponsor a booth at an event to present OWASP Projects
 * sponsor travel expenses for a project leader to meet with other project leaders or collaborators (to work on a particular project)
 * organize a mini-summit around an OWASP project
 * create a mini-website focused on a particular project (like ESAPI.org)
 * try out a specific commercial service that will make a particular project more effective (version control, bug tracking system, mailing lists, etc...)
 * hire designers to work on OWASP projects
 * translate OWASP content (to and from English)
 * sponsor students to work on OWASP projects (maybe even run a mini-OWASP Season of Code)
 * hire mediawiki editors for the OWASP website (the OWASP projects part of it :) )
 * etc...