Difference between revisions of "GPC/Meetings/2013-22-03"

From OWASP
Jump to: navigation, search
(Created page with "__TOC__ = Project Division Updates = *'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AllOCxlYdf1AdFdaYXJ6SDFXNXBaemNwbnNHN3N5RVE#gid=16 Project Numbers]''' **Ac...")
 
Line 17: Line 17:
 
==Currently Working On==     
 
==Currently Working On==     
  
*'''Black Hat EU 2013'''
+
*'''OWASP Asia Leadership Outreach Project'''
**I attended the Black Hat EU conference this week.  
+
**This Asia Leadership Outreach Project came about during the discussion Dhillon and I had about OWASP at the Kuala Lumpar, Hack in the Box event.  
**I helped set up and manage our OWASP Booth for two days.
+
**He mentioned that he has offered OWASP a booth at the Kuala Lumpar, Hack in the Box event for a few years, but local chapters have not represented OWASP very well.
**I was also able to attend the Netherlands Chapter meeting.  
+
**We suggested developing an OWASP Malaysia and Singapore outreach project that would involve a workshop, and the co-running of the Hack in the Box booth by members of both chapters.
**Martin Knobloch, Dennis Groves, and Anil Pazvant volunteered at the event as well.
+
**I have put together a proposal where I outline a 3 day outreach initiative that aims to bring more experienced chapter leaders to the region for a workshop.
**For more details, please read my [https://docs.google.com/document/d/1ghKPMKla3Ol1hhoCZWOhAgdnInRNmZr_7D1A6CULKyc/edit?usp=sharing Black Hat EU 2013 Post Conference Report.]  
+
**Read the [https://www.owasp.org/index.php/Projects/Asia_Leadership_Outreach_Proposal_2013 full proposal] for more information. 
  
*'''OWASP University Challenge & CTF at Global AppSecs'''
+
*'''Development of Technical Project Advisor Requirements'''
**Martin Knobloch and I were able to meet and talk about how to bring University Challenge and the Capture the Flag event modules to AppSec EU Research, USA, and Latam.
+
**This item involves the new management work flow for project reviews that was proposed for 2013. 
**There were some concerns over space availability for these event modules.  
+
**[https://www.owasp.org/index.php/Projects/Reviews_Management_Proposal_2013 Projects Review Process Proposal]
**We proposed having the OSS, CTF, and University Challenge event modules share a room.  
+
**It will involve a working group of technical project advisors headed by a member of the board.
**We are waiting to hear back from Dirk regarding logistics.  
+
**The working group will be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Education.  
 +
**These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.  
 +
**I have put together role description and experience requirements for each technical advisor volunteer role.
 +
**To read the full descriptions, please visit the [ advisory role descriptions document].  
  
*'''OWASP at Hack in the Box: Kuala Lumpur, Malaysia'''
+
*'''Categorisation of OWASP Projects'''
 
**I had the fantastic opportunity to meet with the CEO of Hack in the Box, Mr. Dhillon Kannabhiran.  
 
**I had the fantastic opportunity to meet with the CEO of Hack in the Box, Mr. Dhillon Kannabhiran.  
 
**We spoke about a possible partnership between OWASP and Hack in the Box.
 
**We spoke about a possible partnership between OWASP and Hack in the Box.
 
**We currently have a booth for the Amsterdam event, and I negotiated a booth for us at the Kuala Lumpar, Malaysia event as well.  
 
**We currently have a booth for the Amsterdam event, and I negotiated a booth for us at the Kuala Lumpar, Malaysia event as well.  
**Logistics are currently being developed and planned.  
+
**Logistics are currently being developed and planned.
  
*'''OWASP Asia Leadership Outreach Project'''
+
*'''Project Leader Responsibilities & Expectations'''
**This Asia Leadership Outreach Project came about during the discussion Dhillon and I had about OWASP at the Kuala Lumpar, Hack in the Box event.
+
**I had the fantastic opportunity to meet with the CEO of Hack in the Box, Mr. Dhillon Kannabhiran.  
**He mentioned that he has offered OWASP a booth at the Kuala Lumpar, Hack in the Box event for a few years.  
+
**We spoke about a possible partnership between OWASP and Hack in the Box.
**However, the local OWASP chapter volunteers have not been able to represent OWASP very well at his conference.
+
**We currently have a booth for the Amsterdam event, and I negotiated a booth for us at the Kuala Lumpar, Malaysia event as well.  
**We suggested developing an OWASP Malaysia and Singapore outreach project that would involve a workshop, and the co-running of the Hack in the Box booth by members of both chapters.
+
**Logistics are currently being developed and planned.
**Dhillon agreed that developing a workshop with more experienced leaders giving primary direction, will help the Malaysian and Singaporean chapters understand their responsibilities at similar outreach events.
+
**I am currently putting together a proposal for this project.  
+
  
 
*'''Daily Project based queries and requests'''
 
*'''Daily Project based queries and requests'''
Line 58: Line 59:
 
*'''Guidebooks Grant'''
 
*'''Guidebooks Grant'''
 
#Amount: $25,000
 
#Amount: $25,000
#Status: We are still waiting for payment from DHS.  
+
#Status: We are still waiting for payment from DHS. I have reached out to our DHS and Georgia Tech representatives once again to ask for payment.  
  
 
*'''ESAPI Proposal'''
 
*'''ESAPI Proposal'''

Revision as of 13:48, 21 March 2013

Project Division Updates

Currently Working On

  • OWASP Asia Leadership Outreach Project
    • This Asia Leadership Outreach Project came about during the discussion Dhillon and I had about OWASP at the Kuala Lumpar, Hack in the Box event.
    • He mentioned that he has offered OWASP a booth at the Kuala Lumpar, Hack in the Box event for a few years, but local chapters have not represented OWASP very well.
    • We suggested developing an OWASP Malaysia and Singapore outreach project that would involve a workshop, and the co-running of the Hack in the Box booth by members of both chapters.
    • I have put together a proposal where I outline a 3 day outreach initiative that aims to bring more experienced chapter leaders to the region for a workshop.
    • Read the full proposal for more information.
  • Development of Technical Project Advisor Requirements
    • This item involves the new management work flow for project reviews that was proposed for 2013.
    • Projects Review Process Proposal
    • It will involve a working group of technical project advisors headed by a member of the board.
    • The working group will be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Education.
    • These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.
    • I have put together role description and experience requirements for each technical advisor volunteer role.
    • To read the full descriptions, please visit the [ advisory role descriptions document].
  • Categorisation of OWASP Projects
    • I had the fantastic opportunity to meet with the CEO of Hack in the Box, Mr. Dhillon Kannabhiran.
    • We spoke about a possible partnership between OWASP and Hack in the Box.
    • We currently have a booth for the Amsterdam event, and I negotiated a booth for us at the Kuala Lumpar, Malaysia event as well.
    • Logistics are currently being developed and planned.
  • Project Leader Responsibilities & Expectations
    • I had the fantastic opportunity to meet with the CEO of Hack in the Box, Mr. Dhillon Kannabhiran.
    • We spoke about a possible partnership between OWASP and Hack in the Box.
    • We currently have a booth for the Amsterdam event, and I negotiated a booth for us at the Kuala Lumpar, Malaysia event as well.
    • Logistics are currently being developed and planned.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donations questions.
    • OWASP LinkedIn Updates.
    • What's happening with projects, questions.

Grants Updates

  • Guidebooks Grant
  1. Amount: $25,000
  2. Status: We are still waiting for payment from DHS. I have reached out to our DHS and Georgia Tech representatives once again to ask for payment.
  • ESAPI Proposal
  1. Amount: $25,000
  2. Status: The ESAPI proposal is still being reviewed.
  • ModSecurity Grant Writing
  1. Amount: $30,000
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,00 in Adwords Funds
  2. Status: I have begun managing the Adwords account regularly. I am waiting until we reach the implementation phase with our marketing company.
  • Total Grant Funds Awarded: $145,000 for 2013.