OWASP Strategic Goals

From OWASP
Jump to: navigation, search


[edit]

2016 OWASP Foundation Strategic Goals

1. Education & Training

  • Objective: Continue to present existing OWASP training materials and content on global scale. Create new curriculum and content based on output from projects and key industry trends
  • Metric - Quantify & compare training activities & attendees in 2016 to past years.
  • Metric - Design new curriculum and produce series of video trainings.
  • Board & Community Sponsors: TBD - Seeking Volunteers with passion to participate. Outline needs, design high-level program plan. Contact Paul Ritchie, Executive Director.
  • Foundation Support: Foundation sponsored Events management, Foundation sponsored reimbursement for Speaker/Training travel expenses, Foundation supported tools including wiki documentation, webinar access and YouTube postings.


2. Expand Outreach, specifically to the Developer Community

  • Objective: Expand contact with Developer community to help educate developers on OWASP projects, tools and best practices.
  • Metric: ID key conference or Developer events in Q1, secure presentation space in minimum of 5 for 2016. Measure # of events attended and estimated number in audience for OWASP Presentations
  • Metric:
  • Board & Community Sponsors: Matt Konda, others TBD - Seeking Volunteers to Participate and design Developer outreach program.
  • Foundation Support: Financial support budget at $50K.


3. Mature the OWASP Projects Platform

  • Objective: Provide the OWASP projects community a mature project platform to encourage senior developers to participate in the various and many OWASP projects.
  • Metric: Defined step by step work flow for how to start a project and move it across all stages including what requirements needs to be met to advance to next stage with self-assessment.
  • Metric: Have all projects reaffirm, Have all projects perform a self assessment level
  • Board & Community Sponsors: Tom Brennan
  • Foundation Support: Project Coordinator on staff, Foundation funds for project support via Community engagement, Foundation reimbursement for Speaker travel expenses, Foundation support for Project Summit events, Foundation support for IT support of systems used by Project teams.

4. Community & Chapter Support

  • Objective: Retain all existing active chapters, Stimulate inactive chapters to jump start a new local ‘active’ community, Support creation of new chapters by, continuing all Community engagement support by Community, Staff and Community Manager
  • Metric: Track & report on Chapter growth & activity levels on a year over year basis
  • Board & Community Sponsors: Michael Coates, others TBD - Seeking Volunteers to Participate
  • Foundation Support: Local/Regional Events management and sponsor support, Events registration & financial support, wiki documentation & support for continuing language translations, Updates to Chapter leader handbook and Branding Tools/Guidelines, Updates to ‘How to’ Guides and New Chapter training materials, Continuous posting of Chapter budgets & transaction details, Foundation Contract & Co-Marketing support, Foundation Community Manager.

5. Enhance the OWASP Infrastructure

  • Objective: Identify current infrastructure requirements as well as weaknesses in current state of our infrastructure. Determine where repair or upgrade is needed to support community and strategic goals. Implement fix-its to improve infrastructure.
  • Metric: Qualitative measure via Community satisfaction survey, 2016 vs. prior years. Quantitative metric, TBD.
  • Board & Community Sponsors: Seeking Volunteers to Participate.


2015 OWASP Foundation Strategic Goals

1. Build a scalable OWASP training program that spreads security training around the world

  • Metric - Quantity & Geographic Distribution: Hold at least 2 Global AppSec Training conferences (US & EU), include training in LATAM and AsiaPac Tours in 2015, and support over 50 Chapter training events (live or online) during 2015.
  • Metric – Charitable, Not for Profit Training: Organize, promote & implement ‘free to attend’ training events - live or online.
  • Metric: Track & report on new OWASP related curriculum, and translations of current curriculum.
  • Metric: Track OWASP presence at developer events and conferences. Example - Speaker or Developer Training sessions. (secondary benefit: leverage that presence with booth and information about OWASP)
  • Board & Community Sponsors: Andrew van der Stock, others TBD
  • Foundation Support: Foundation sponsored Events management, Foundation sponsored reimbursement for Speaker/Training travel expenses, Foundation supported tools including wiki documentation, webinar access and YouTube postings.


2. Strengthen OWASP chapters and increase Chapter’s abilities to spread message of OWASP through locally organized and run events.

  • Metric: Chapter participation in at least 60 local events (events hosted by chapter or chapter participation in a non-OWASP outreach/AppSec event) by the end of the year.
  • Metric: Hold at least 3 virtual chapter leader meetings in addition to in-person chapter meetings (at global AppSec conferences) to promote more collaboration and support between chapter leaders
  • Metric: All chapters with funds in excess of $5,000 to be engaged in annual budgeting by submitting high level summary of 2015 Chapter activities and how funds are projected to be used in support of Chapter & Foundation Goals.
  • Board & Community Sponsors: Matt Konda, Josh Sokol, others TBD
  • Foundation Support: Local/Regional Events management and sponsor support, Events registration & financial support, wiki documentation & support for continuing language translations, Updates to Chapter leader handbook and Branding Tools/Guidelines, Updates to ‘How to’ Guides and New Chapter training materials, Continuous posting of Chapter budgets & transaction details, Foundation Contract & Co-Marketing support, Foundation Community Manager.


3. Mature the OWASP Projects Platform: Provide the OWASP projects community a mature project platform to encourage senior developers to participate in the various and many OWASP projects.

  • Metric: Identify and engage with at least 5 developer conferences to assist OWASP participation in developer conferences, with either free or paid training or speaker slots or track
  • Metric: OWASP presence at 100 developer events. Example - Speaker or Training sessions, booth presence, or other co-marketing
  • Metric: TBD re: definition and metrics in support of a ‘mature project platform.
  • Board & Community Sponsors: TBD
  • Foundation Support: Project Coordinator on staff, Foundation funds for project support via Community engagement, Foundation reimbursement for Speaker travel expenses, Foundation support for Project Summit events, Foundation support for IT support of systems used by Project teams.



2014 OWASP Foundation Strategic Goals


  • Mobilize OWASP volunteers to help address security issues in large software systems/applications/frameworks.
    • Metric: Build an OWASP program that incentivizes the security community to find and fix security problems in software.
    • Metric: By the end of the year we have at least two successful completed initiatives reviewing security issues in one or two of the major frameworks
    • Board Sponsor:
    • Operational Planning, Discussion, and Outcomes: https://www.owasp.org/index.php/OWASP_Strategic_Goals/2014/Address_Security_Issues


  • Strengthen OWASP chapters and increase Chapter’s abilities to spread message of OWASP through locally organized and run events.
    • Metric: Chapter participation in at least 60 local events (events hosted by chapter or chapter participation in a non-OWASP outreach/appsec event) by the end of the year.
    • Metric: Hold at least 4 (quarterly) virtual chapter leader meetings in addition to in person chapter meetings (at global appsec conferences) to incentivize more collaboration and support between chapter leaders
    • Metric: All chapters with funds in excess of $5000 and 10% of chapters with less than $5000 in funds engaged in annual budgeting.
    • Metric: Annual survey of all chapter leaders asking for their alignment to our mission and strategic goals.
    • Board Sponsor: Josh Sokol
    • Operational Planning, Discussion, and Outcomes: https://www.owasp.org/index.php/OWASP_Strategic_Goals/2014/Strengthen_Chapters


  • Build a scalable OWASP training program that spreads security training around the world
    • Metric: At least 6 total training events with at least 3 being free to attend by the end of the year (in addition to global appsec conferences) - live or online.
    • Metric: OWASP delivered training to 800 additional people (i.e. in addition to the number attending our AppSec training programs last year).
    • Board Sponsors: Fabio Cerullo, Tobias Gondrom, Eoin Keary
    • Operational Planning, Discussion, and Outcomes: https://www.owasp.org/index.php/OWASP_Strategic_Goals/2014/Build_Training_Program


2013 OWASP Foundation Strategic Goals

  • Volunteer Engagement - Define an engagement program that creates easy channel for volunteer involvement, expectation setting and recognition of individual efforts.
  • Expand Communication Channels - Establish effective communication channels into developer groups, universities, and industry groups
  • Financial Growth - Build plan for financial growth of foundation and create new sources of income for the organisation to achieve the goals of 2013 and future years.
  • Focus on OWASP Project Quality - Define processes, community involvement and structure to raise quality of key projects and easily identify experimental versus flagship projects.

2012 OWASP Foundation Strategic Goals

  • Build the OWASP Platform - Define the processes, resources, and tools to enable volunteers to quickly join and contribute to OWASP in the areas of projects, chapters, education, conferences and connections
  • Expand Communication Channels - Establish effective communication channels into developer groups, universities, and industry groups
  • Grow the OWASP Community - Build and grow the OWASP community throughout the world by focusing on the quality of projects, chapters, conferences, and social technologies
  • Financial Stability - Further build out a stable financial foundation and create new sources of income for the organisation to achieve the goals of 2012 and future years.