GPC/Meetings/2013-29-03

= Project Division Updates =


 * Project Numbers
 * Active Projects: 139
 * Inactive Projects: 67


 * Projects Under Review
 * OWASP Cheat Sheets Project
 * OWASP Java HTML Sanitizer Project
 * OWASP Codes of Conduct
 * Xenotix XSS Exploit Framework


 * Project Applications
 * OWASP Top 10 fuer Entwickler

Currently Working On

 * OWASP Asia Leadership Outreach Project
 * This Asia Leadership Outreach Project came about during the discussion Dhillon and I had about OWASP at the Kuala Lumpur, Hack in the Box event.
 * He mentioned that he has offered OWASP a booth at the Kuala Lumpur, Hack in the Box event for a few years, but local chapters have not represented OWASP very well.
 * We suggested developing an OWASP Malaysia and Singapore outreach project that would involve a workshop, and the co-running of the Hack in the Box booth by members of both chapters.
 * I have put together a proposal where I outline a 3 day outreach initiative that aims to bring more experienced chapter leaders to the region for a workshop.
 * Read the full proposal for more information.


 * Development of Technical Project Advisor Requirements
 * This item involves the new management work flow for project reviews that was proposed for 2013.
 * Projects Review Process Proposal
 * It will involve a working group of technical project advisors headed by a member of the board.
 * The working group will be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Education.
 * These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.
 * I have put together experience requirements for each technical advisor volunteer role.
 * To read the full descriptions, please visit the advisory role descriptions document.


 * Categorization of OWASP Projects
 * I have begun categorizing our OWASP projects into the Builder, Breaker, and Defender categories.
 * Currently, our categorization is limited so I have begun to increase the search criteria for our projects.
 * Additionally, I have begun to label our projects based on OWASP Open SAMM criteria.
 * The labels are as follows: Governance, Construction, Verification, Deployment.
 * The plan is to allow users to find projects based on these labels on our projects wiki page.


 * Project Leader Responsibilities & Expectations
 * I am currently working on putting together documentation that outlines a project leader's responsibilities, and our organizational expectations of them.
 * I am also developing a "How to run a successful OWASP project" document.
 * Jim and I are developing brand usage guidelines for our project leaders.
 * An OWASP project lifecycle info graphic is being developed as well.
 * I hope that these "How To" documents and graphics will help project leaders understand their responsibilities, and how to leverage the OWASP project infrastructure for success.


 * Daily Project based queries and requests
 * This has not changed much since I began the post: questions are very similar in nature.
 * Global AppSec questions.
 * Funding queries.
 * Travel availability.
 * Project based administrative help.
 * Project status information.
 * Several project donations questions.
 * OWASP LinkedIn Updates.
 * What's happening with projects, questions.

Grants Updates

 * Guidebooks Grant
 * 1) Amount: $25,000
 * 2) Status: We are still waiting for payment from DHS. I have reached out to our DHS and Georgia Tech representatives once again to ask for payment.


 * ESAPI Proposal
 * 1) Amount: $25,000
 * 2) Status: The ESAPI proposal is still being reviewed.


 * ModSecurity Grant Writing
 * 1) Amount: $30,000
 * 2) Status: The ModSecurity proposal is still being reviewed.


 * Google Grants Proposal
 * 1) Amount: $120,00 in Adwords Funds
 * 2) Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.


 * Total Grant Funds Awarded: $145,000 for 2013.