Difference between revisions of "Funds available for OWASP Projects"

From OWASP
Jump to: navigation, search
 
(16 intermediate revisions by 6 users not shown)
Line 1: Line 1:
''[... this page is still in Draft mode since this has not yet been fully reviewed by OWASP's board]''
 
 
 
This page contains details about funds available to OWASP projects.
 
This page contains details about funds available to OWASP projects.
  
The sponsorship model is different from the one used in [[OWASP Autumn Of Code 2006|AoC 06]] and [[OWASP Spring Of Code 2007|SpoC 007]] since these are cases where specific money (throughout out the year) has been allocated to OWASP projects (for example by new OWASP members or by companies/organizations with specific requirements/projects)  
+
The sponsorship model is different from the one used in [[OWASP Autumn Of Code 2006]], [[OWASP Spring Of Code 2007]], [[OWASP Summer of Code 2008]] and [[OWASP Season of Code 2009]] since these are cases where specific money (throughout out the year) has been allocated to OWASP projects (for example by new OWASP members or by companies/organizations with specific requirements/projects)  
 
+
 
+
 
+
== ORG - OWASP Site Generator (5k) ==
+
 
+
* '''Project description:''': Continue development of [[OWASP SiteGenerator|Site Generator]], write new vulnerabilities, work on new dynamic engine, document findings
+
* '''Funds available:''': 5,000 USD
+
* '''Sponsor''': Spy Dynamics, Cenzic
+
 
+
 
+
== OWASP Corporate Application Security Rating Guide (3k) ==
+
 
+
* '''Project description:''': As per https://www.owasp.org/index.php/OWASP_Corporate_Application_Security_Rating_Guide, finalize criteria, perform a research to selected companies and publish a report with the results
+
* '''Funds available:''': 3,000 USD
+
* '''Sponsor''': Cenzic
+
 
+
 
+
== Questions for SANS (5k) ==
+
  
* '''Project description:''': Write JAVA/JSP questions for SANS's Software Security Institute certification exams(http://www.sans-ssi.org/). The candidate will need to write 200 questions and answers and must be a knowledgeable and respected member of the Java community. For obvious reasons only 10% to 20% of the questions created will be disclosed to the OWASP community, with the remaining used in the certification's exams.  
+
== Available Projects/THIS FIELD IS UNDER REVIEW ==
 +
 +
OWASP is requesting proposals for the following OWASP projects:
 +
* Under review.
  
Note that although this first request is for questions in JAVA/JSP there are plans to also run a similar project for C, C++, PHP, .NET, so if you are interrested in these other languages feel free to contact us.  
+
== How to Apply ==
* '''Funds available:''': 5,000 USD
+
If you are interested, email your proposal to Dinis.cruz at owasp.net including responses to the following items:
* '''Sponsor''': SANS
+
  
 +
* Your educational and professional background
 +
* Application security experience and accomplishments
 +
* Participation and leadership in open communities
 +
* The opportunity, challenges, issues or need your proposal addresses
 +
* Milestones and objectives
 +
* Specific activities and who will carry out these activities
 +
* Specific deliverables and a rough project schedule so we can track progress
 +
* Long-term vision for the project
 +
* Any other reasons why you and your project should be selected
  
== Source Code Review OWASP Projects(5k) ==
+
The proposed project delivery time is 3 months and the payment will be made in two 50% parts (one at the 50% mark and one at 100% mark (i.e. project completed))
  
* '''Project description:''':Use Fortify Software's source code scanning engine (http://opensource.fortifysoftware.com) to scan open source projects coded in JAVA. The objectives of this project will be:
+
OWASP will also put the applicants in touch with the contacts at the sponsoring companies so that the brief and project deliverables can be finalized.
** Develop and document a workflow for open source projects to incorporate static analysis into the Software Development Life Cycle (SDLC).
+
** Apply the above workflow as a required step for OWASP projects.
+
** Aid in auditing select open source projects to create a baseline for comparing security amongst open source projects.
+
* '''Funds available:''' 5,000 USD
+
* '''Sponsor''': Fortify Software
+

Latest revision as of 10:56, 10 November 2009

This page contains details about funds available to OWASP projects.

The sponsorship model is different from the one used in OWASP Autumn Of Code 2006, OWASP Spring Of Code 2007, OWASP Summer of Code 2008 and OWASP Season of Code 2009 since these are cases where specific money (throughout out the year) has been allocated to OWASP projects (for example by new OWASP members or by companies/organizations with specific requirements/projects)

Available Projects/THIS FIELD IS UNDER REVIEW

OWASP is requesting proposals for the following OWASP projects:

  • Under review.

How to Apply

If you are interested, email your proposal to Dinis.cruz at owasp.net including responses to the following items:

  • Your educational and professional background
  • Application security experience and accomplishments
  • Participation and leadership in open communities
  • The opportunity, challenges, issues or need your proposal addresses
  • Milestones and objectives
  • Specific activities and who will carry out these activities
  • Specific deliverables and a rough project schedule so we can track progress
  • Long-term vision for the project
  • Any other reasons why you and your project should be selected

The proposed project delivery time is 3 months and the payment will be made in two 50% parts (one at the 50% mark and one at 100% mark (i.e. project completed))

OWASP will also put the applicants in touch with the contacts at the sponsoring companies so that the brief and project deliverables can be finalized.