Difference between revisions of "GPC/Meetings/2013-08-02"

From OWASP
Jump to: navigation, search
(Created page with "__TOC__ = Project Division Updates = *'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdFdaYXJ6SDFXNXBaemNwbnNHN3N5RVE#gid=16 Project Numbers]''' **Ac...")
 
Line 3: Line 3:
  
 
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdFdaYXJ6SDFXNXBaemNwbnNHN3N5RVE#gid=16 Project Numbers]'''
 
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdFdaYXJ6SDFXNXBaemNwbnNHN3N5RVE#gid=16 Project Numbers]'''
**Active Projects: 127
+
**Active Projects: 129
 
**Inactive Projects: 67
 
**Inactive Projects: 67
  
Line 10: Line 10:
 
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]
 
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]
  
*'''Project Announcements'''
+
*'''New Projects'''
**[http://code.google.com/p/zaproxy/downloads/list OWASP ZAP 2.0.0 is now available for download].
+
**[https://www.owasp.org/index.php/OWASP_Desktop_Goat_and_Top_5_Project OWASP Desktop Goat and Top 5 Project].
**Simon is hosting a Google hangout demonstrating many of these features at 17:00 UTC on Friday 8th Feb.
+
**[https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks].
**Details to be announced via https://twitter.com/zaproxy
+
**[https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Version 1.5 is finally released].
+
  
 
==Currently Working On==   
 
==Currently Working On==   
  
 
*'''New Project Web Page'''
 
*'''New Project Web Page'''
**The web page has been launched.  
+
**Working on implementing suggestions, and fixing issues the community has made me aware of.
**It has replaced the [https://www.owasp.org/index.php/Category:OWASP_Project OWASP Projects Page]
+
**Organizing projects by: Governance, Construction, Verification, and Deployment.
**I am focusing on updating and maintaing our projects page at least twice a week.  
+
**Developing "how to maintain & make an OWASP Project successful" section.
 +
**Making a flow chart of project life cycle.
 +
**Looking into building searchable tables so people can re-order or filter information.
 +
**Putting together project stage wiki templates.  
  
 
*'''OWASP Initiatives Meeting'''
 
*'''OWASP Initiatives Meeting'''
Line 27: Line 28:
 
**[https://www3.gotomeeting.com/register/628299286 February 14, 2013 10am EST (GMT -5)]
 
**[https://www3.gotomeeting.com/register/628299286 February 14, 2013 10am EST (GMT -5)]
 
**[https://www3.gotomeeting.com/register/350619470 February 14, 2013 9pm EST (GMT -5]
 
**[https://www3.gotomeeting.com/register/350619470 February 14, 2013 9pm EST (GMT -5]
 +
 +
*'''Allocated Reboot Funds from 2012'''
 +
**OWASP Development Guide: $5,000 USD
 +
**OWASP ZAP: $5,000 USD
 +
**OWASP Testing Guide: $5,000 USD
 +
**OWASP ESAPI: $5,000 USD
 +
**OWASP Code Review Guide: $5,000 USD
 +
**OWASP WebGoat PHP: : $5,000 USD
  
*'''Projects Handbook 2013'''
+
*'''Current list of funds per project via donations'''
**The Projects Handbook is now live.
+
**OWASP Development Guide: $5,000 USD
**Users can download it on the [https://www.owasp.org/index.php/Category:OWASP_Project Projects Web Page].
+
**OWASP ZAP: $5,000 USD
 
+
**OWASP Testing Guide: $5,000 USD
*'''Preparation for FOSDEM'''
+
**OWASP ESAPI: $5,000 USD
**FOSDEM went very well for the Event team in Brussels.
+
**OWASP Code Review Guide: $5,000 USD
**The flyers went down very well.
+
**OWASP WebGoat PHP: : $5,000 USD
**Simon's presentation on ZAP went very well according to attendees.
+
**The OWASP representatives at the event mentioned that many developers were not aware of OWASP.
+
**It is suggested we attend more events like these for outreach.
+
 
+
*'''Preparation for London BSides'''
+
**Fabio Cerullo and I had a conversation about flyers and Schwag for this event.
+
**We are still in the process of creating, and sourcing items for this.
+
**[http://www.securitybsides.org.uk/ Security BSides London]
+
  
 
*'''Guidebooks Project Management'''
 
*'''Guidebooks Project Management'''
 
**The Guidebooks Projects have now begun their work.
 
**The Guidebooks Projects have now begun their work.
**We are using a collaborative Gantt chart tool to manage our work flow.
+
**We are in the process of choosing a collaborative platform that will satisfy our project needs.
 +
**GanttProject is a strong option, and Salesforce's free program is another option.
 
**Start Date: February 4th 2013
 
**Start Date: February 4th 2013
 
**End Date: June 4th 2013
 
**End Date: June 4th 2013
Line 72: Line 74:
 
*'''ModSecurity Grant Writing'''
 
*'''ModSecurity Grant Writing'''
 
#Amount: $30,000
 
#Amount: $30,000
#Status: This proposal has been submitted and received.   
+
#Status: The ModSecurity proposal is still being reviewed.   
  
 
*'''Google Grants Proposal'''
 
*'''Google Grants Proposal'''
 
#Amount: $120,00 in Adwords Funds
 
#Amount: $120,00 in Adwords Funds
 
#Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.  
 
#Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.  
 +
#Tom has asked for $25,000 for AppSec USA.
 +
#I am looking into how we can make this happen for him
  
 
*'''OWASP Static Analysis Tools Funding: DHS'''
 
*'''OWASP Static Analysis Tools Funding: DHS'''
 
#There is a possibility of funding some of our Static Analysis tools.
 
#There is a possibility of funding some of our Static Analysis tools.
 
#The interested party is a different department within the DHS.
 
#The interested party is a different department within the DHS.
#I am currently in talks with the DHS representative responsible for these initiatives.   
+
#I will reach out to him next week.
 +
#Question: Does he want to fund the development of our tools?  
  
 
*'''Total Grant Funds Awarded: $145,000 for 2013.'''   
 
*'''Total Grant Funds Awarded: $145,000 for 2013.'''   

Revision as of 17:37, 10 February 2013

Contents

Project Division Updates

Currently Working On

  • New Project Web Page
    • Working on implementing suggestions, and fixing issues the community has made me aware of.
    • Organizing projects by: Governance, Construction, Verification, and Deployment.
    • Developing "how to maintain & make an OWASP Project successful" section.
    • Making a flow chart of project life cycle.
    • Looking into building searchable tables so people can re-order or filter information.
    • Putting together project stage wiki templates.
  • Allocated Reboot Funds from 2012
    • OWASP Development Guide: $5,000 USD
    • OWASP ZAP: $5,000 USD
    • OWASP Testing Guide: $5,000 USD
    • OWASP ESAPI: $5,000 USD
    • OWASP Code Review Guide: $5,000 USD
    • OWASP WebGoat PHP: : $5,000 USD
  • Current list of funds per project via donations
    • OWASP Development Guide: $5,000 USD
    • OWASP ZAP: $5,000 USD
    • OWASP Testing Guide: $5,000 USD
    • OWASP ESAPI: $5,000 USD
    • OWASP Code Review Guide: $5,000 USD
    • OWASP WebGoat PHP: : $5,000 USD
  • Guidebooks Project Management
    • The Guidebooks Projects have now begun their work.
    • We are in the process of choosing a collaborative platform that will satisfy our project needs.
    • GanttProject is a strong option, and Salesforce's free program is another option.
    • Start Date: February 4th 2013
    • End Date: June 4th 2013
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donations questions.
    • OWASP LinkedIn Updates.
    • What's happening with projects, questions.

Grants Updates

  • Guidebooks Grant
  1. Amount: $25,000
  2. Status: We are still waiting for payment.
  • ESAPI Proposal
  1. Amount: $25,000
  2. Status: The ESAPI proposal is still being reviewed.
  • ModSecurity Grant Writing
  1. Amount: $30,000
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,00 in Adwords Funds
  2. Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.
  3. Tom has asked for $25,000 for AppSec USA.
  4. I am looking into how we can make this happen for him
  • OWASP Static Analysis Tools Funding: DHS
  1. There is a possibility of funding some of our Static Analysis tools.
  2. The interested party is a different department within the DHS.
  3. I will reach out to him next week.
  4. Question: Does he want to fund the development of our tools?
  • Total Grant Funds Awarded: $145,000 for 2013.