Difference between revisions of "GPC/Meetings/2012-09-11"

From OWASP
Jump to: navigation, search
 
(8 intermediate revisions by one user not shown)
Line 12: Line 12:
  
 
*'''Pending Incubator Project Applications''':   
 
*'''Pending Incubator Project Applications''':   
**OWASP Periodic Table of Vulnerabilities
+
**OWASP Periodic Table of Vulnerabilities (Will set this up today)
**OWASP Application Security Awareness Top 10 E-Learning Project
+
**OWASP Application Security Awareness Top 10 E-Learning Project (Will set this up next week)
  
 
==Currently Working On==
 
==Currently Working On==
  
*'''AppSec USA'''
+
*'''Projects at Global AppSec Conferences'''
**Spent last week in Austin, Texas at AppSec USA: From Monday through Sunday.
+
**AppSec 2012 Images are up.
**Took care of the logistics for the OSS presenters: Set up their booths, printed and designed their signs, set up monitors and power cords, arranged for them to have food, water, notepads, etc.
+
**Currently preparing for AppSec APAC.
**Hoping to bring OSS to all four OWASP Global Conferences in 2013 on a larger scale.
+
**OSS and OWASP Projects Track preparations are currently taking place.
**Attended in-person board meeting.
+
**I was one of the conference photographers.
+
**Attended chapter leader workshop: Hoping to do something similar for Project Leaders.
+
**Attended 5 Hour in-person staff meeting.
+
**Had dinner with Nishi and Keith: Thank you, guys.
+
**Volunteered to bartend, and won 2nd place in the armadillo races. :)
+
**Misc. logistics support for the conference.  
+
  
 
*'''Salesforce Metadata Migration'''
 
*'''Salesforce Metadata Migration'''
 
**All project data is now in Salesforce.
 
**All project data is now in Salesforce.
 
**I continue to work with Kate to finish the migration.  
 
**I continue to work with Kate to finish the migration.  
**We are currently working on creating a template e-mail to send to all active project leaders asking them to update their information.   
+
**We are currently working on creating a template e-mail to send to all active project leaders asking them to update their information.  (Still seeking help for this)
 +
**Developed 8 forms to help with future requests: You can find them in the project handbook 2013 version, linked in their various sections.
 +
**Currently looking into developing the forms in Salesforce.
  
 
*'''Project Promotion Events'''
 
*'''Project Promotion Events'''
**Simon Bennetts and Jim Manico have registered to give talks at FOSDEM.
+
**We are looking into applying for a booth at FOSDEM
**[https://fosdem.org/2013/ FOSDEM: Free and Open Source Developers' European Meeting]. 
+
**Our application will depend on whether our OWASP main track speaker applicants get accepted.
**Date: February 2nd -3rd.
+
**The booth would be free.  
**If their applications are successful, they will have a great opportunity to promote their projects.  
+
**Simon is promoting ZAP.
+
**Jim will be promoting OWASP Projects in general, and using several Reboot 2012 projects as examples of success stories.
+
**Main track speakers get costs covered.  
+
  
 
*'''SourceForge Update'''
 
*'''SourceForge Update'''
**The sales people finally got back to me.
+
**I have reached out to the SourceForge people for a meeting.
**Evidently, we owe them $12,000.
+
**I have not had a response.
**Here is the [https://www.owasp.org/images/7/71/OWASP_Invoice_October_2012.pdf Invoice.]
+
**I will continue to reach out until I have a reply from them.
**Here is the [https://www.owasp.org/images/c/c8/Dice_Letter.pdf letter regarding the recent purchase of the Media Division of Geeknet.]
+
**We need to discuss what we are going to do with this.
+
**Moreover, we need to discuss how to close this account, and how we are going to migrate existing OWASP users to a different platform.
+
  
*'''[https://docs.google.com/a/owasp.org/document/d/1MpZx5w4TaqS-FoQaEXDhncz6dhG4mdgC4id2HsJQhjc/edit# Projects Handbook]'''
+
*'''[https://docs.google.com/a/owasp.org/document/d/15lPNSxokO5ogGxWo-xvLNYh0C3c8-nWjgWnRfTfm0OU/edit Project Processes Development]'''
**I have made more edits to the new Handbook.
+
**Putting the handbook aside until these are fleshed out and agreed to.
**I have added an Appendix.
+
**I feel it is a much better idea to tackle individually, and them add them to the handbook.  
**The Project Donation agreement is finalised.
+
**Process form development
**Flagship Projects: I think I should keep a section in here that describes what flagship projects are, but note that this designation is given by The Foundation? Thoughts?
+
**Project Stage Benefits
**Project Release Review Criteria: I need a bit of help to come up with the technical qualifying criteria for each project category for their reviews. 
+
**Project Graduation Process
**Let's discuss this today, and I can explain the reasoning behind my idea.
+
**Project Graduation Criteria
  
 
*'''Daily Project based queries and requests'''
 
*'''Daily Project based queries and requests'''
 
**This has not changed much since I began the post: questions are very similar in nature.  
 
**This has not changed much since I began the post: questions are very similar in nature.  
**AppSec USA 2012 queries
+
**Global AppSec questions
**Travel queries
+
**Funding queries
**Budget based questions
+
**Travel availability
**Funding questions
+
 
**Project based administrative help
 
**Project based administrative help
 
**Project status information
 
**Project status information
 
**Several project donations questions
 
**Several project donations questions
 
**OWASP LinkedIn Updates
 
**OWASP LinkedIn Updates
 +
**What's happening with projects, questions
  
 
==More Funding Potential==
 
==More Funding Potential==
 
#[https://docs.google.com/a/owasp.org/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit OWASP ESAPI FUNDING PROPOSAL]
 
#[https://docs.google.com/a/owasp.org/document/d/16ZFXaML8C7aDAZdyTMDDg4BzLr1vUTOz9eqmYE8ZW8U/edit OWASP ESAPI FUNDING PROPOSAL]
 
#The ESAPI proposal is done: Thank you Jim Manico and Kevin Wall for finalising the technical questions.  
 
#The ESAPI proposal is done: Thank you Jim Manico and Kevin Wall for finalising the technical questions.  
#I am submitting this proposal come Monday.  
+
#Submission was held up due to some budget questions raised by Kevin and Chris.
 +
#We re-evaluated the budget and made some changes.
 +
#I've already submitted the proposal this afternoon. Deborah, the DHS representative, has confirmed.  
 
#This is for $25,000 from the DHS.  
 
#This is for $25,000 from the DHS.  
#I have begun the application for our Google Grant.  
+
#The Google Grant process is a little trickier than expected
#If we are successful with the Google Grant, we will be awarded $10,000 a month for use in a Google Adwords Campaign.  
+
#Nevertheless, I am moving forward with the application with help from a Google for Non-Profits representative.  
#We potentially have another project for 2013 that we may get a much larger grant for from the DHS. (Yet to be determined)
+
#I hope to complete the application by next week, if all goes well. 
#DHS wants further involvement with OWASP with funding. (I have contacted Kevin Greene from DHS to set up a meeting. I am waiting to hear back).  
+
#I've already started the process for the OWASP ModSecurity Proposal as well.
#Thank you Matt Tesauro for putting Kevin and I together.  
+
#This will be for $30,000.
 +
 
 +
==Attendees==
 +
#Samantha Groves
 +
#Kate Hartmann
 +
#Jason Li
 +
#Nishi Kumar
 +
#Keith Turpin
 +
 
 +
==Primary Outcomes and Decisions==
 +
#Samantha: Continue to attempt to contact the SourceForge account people, and attempt to schedule a meeting with them.
 +
#There has been no communication back from SourceForge people. We have decided to close the account so they will not continue to charge us. Samantha will move forward with this plan.
 +
#Samantha: Develop a communications piece letting the community know why the account with SourceForge was closed.
 +
#Samantha: Send Kate the file for the OWASP Initiatives Technical banner.
 +
#Samantha: Finish Project Processes document and send to GPC for review.
 +
#GPC: Look through [https://docs.google.com/a/owasp.org/document/d/15lPNSxokO5ogGxWo-xvLNYh0C3c8-nWjgWnRfTfm0OU/edit Project Processes Document] and note down any critiques, objections, suggestions, etc
 +
#Nishi Announcement: Working on putting together the presentations and video for each speaker at AppSec 2012. Nishi will send us a link once work is completed.
 +
#Samantha: Move forward with ModSecurity Project Grant Proposal and Google Grants Application Process.
 +
#Kate: Will be in touch with Nishi regarding OWASP India initiatives.
 +
 
  
 
 
[[Category:GPC_Meetings]]
 
[[Category:GPC_Meetings]]
 
[[Category:GPC_Meetings/2012]]
 
[[Category:GPC_Meetings/2012]]

Latest revision as of 15:17, 9 November 2012

Contents

Project Division Updates

  • Project Numbers
    • Active Projects: 113
    • Archived Projects: 41
    • Merged Projects: 43
  • Pending Incubator Project Applications:
    • OWASP Periodic Table of Vulnerabilities (Will set this up today)
    • OWASP Application Security Awareness Top 10 E-Learning Project (Will set this up next week)

Currently Working On

  • Projects at Global AppSec Conferences
    • AppSec 2012 Images are up.
    • Currently preparing for AppSec APAC.
    • OSS and OWASP Projects Track preparations are currently taking place.
  • Salesforce Metadata Migration
    • All project data is now in Salesforce.
    • I continue to work with Kate to finish the migration.
    • We are currently working on creating a template e-mail to send to all active project leaders asking them to update their information. (Still seeking help for this)
    • Developed 8 forms to help with future requests: You can find them in the project handbook 2013 version, linked in their various sections.
    • Currently looking into developing the forms in Salesforce.
  • Project Promotion Events
    • We are looking into applying for a booth at FOSDEM
    • Our application will depend on whether our OWASP main track speaker applicants get accepted.
    • The booth would be free.
  • SourceForge Update
    • I have reached out to the SourceForge people for a meeting.
    • I have not had a response.
    • I will continue to reach out until I have a reply from them.
  • Project Processes Development
    • Putting the handbook aside until these are fleshed out and agreed to.
    • I feel it is a much better idea to tackle individually, and them add them to the handbook.
    • Process form development
    • Project Stage Benefits
    • Project Graduation Process
    • Project Graduation Criteria
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions
    • Funding queries
    • Travel availability
    • Project based administrative help
    • Project status information
    • Several project donations questions
    • OWASP LinkedIn Updates
    • What's happening with projects, questions

More Funding Potential

  1. OWASP ESAPI FUNDING PROPOSAL
  2. The ESAPI proposal is done: Thank you Jim Manico and Kevin Wall for finalising the technical questions.
  3. Submission was held up due to some budget questions raised by Kevin and Chris.
  4. We re-evaluated the budget and made some changes.
  5. I've already submitted the proposal this afternoon. Deborah, the DHS representative, has confirmed.
  6. This is for $25,000 from the DHS.
  7. The Google Grant process is a little trickier than expected
  8. Nevertheless, I am moving forward with the application with help from a Google for Non-Profits representative.
  9. I hope to complete the application by next week, if all goes well.
  10. I've already started the process for the OWASP ModSecurity Proposal as well.
  11. This will be for $30,000.

Attendees

  1. Samantha Groves
  2. Kate Hartmann
  3. Jason Li
  4. Nishi Kumar
  5. Keith Turpin

Primary Outcomes and Decisions

  1. Samantha: Continue to attempt to contact the SourceForge account people, and attempt to schedule a meeting with them.
  2. There has been no communication back from SourceForge people. We have decided to close the account so they will not continue to charge us. Samantha will move forward with this plan.
  3. Samantha: Develop a communications piece letting the community know why the account with SourceForge was closed.
  4. Samantha: Send Kate the file for the OWASP Initiatives Technical banner.
  5. Samantha: Finish Project Processes document and send to GPC for review.
  6. GPC: Look through Project Processes Document and note down any critiques, objections, suggestions, etc
  7. Nishi Announcement: Working on putting together the presentations and video for each speaker at AppSec 2012. Nishi will send us a link once work is completed.
  8. Samantha: Move forward with ModSecurity Project Grant Proposal and Google Grants Application Process.
  9. Kate: Will be in touch with Nishi regarding OWASP India initiatives.