Revision as of 07:52, 29 March 2013 by Samantha Groves (talk | contribs)


Project Division Updates

Currently Working On

  • OWASP Asia Leadership Outreach Project
    • This Asia Leadership Outreach Project came about during the discussion Dhillon and I had about OWASP at the Kuala Lumpur Hack in the Box event.
    • He mentioned that he has offered OWASP a booth at the Kuala Lumpur Hack in the Box event for a few years, but local chapters have not represented OWASP very well.
    • We suggested developing an OWASP Malaysia and Singapore outreach project that would involve a workshop, and the co-running of the Hack in the Box booth by members of both chapters.
    • I have put together a proposal where I outline a 3-day outreach initiative that aims to bring more experienced chapter leaders to the region for a workshop.
    • Read the full proposal for more information.
  • Development of Technical Project Advisor Requirements
    • This item involves the new management workflow for project reviews that was proposed for 2013.
    • Projects Review Process Proposal
    • It will involve a working group of technical project advisors headed by a member of the board.
    • The working group will be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Education.
    • These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.
    • I have put together experience requirements for each technical advisor volunteer role.
    • To read the full descriptions, please visit the advisory role descriptions document.
  • Categorization of OWASP Projects
    • I have begun categorizing our OWASP projects into the Builder, Breaker, and Defender categories.
    • Currently, our categorization is limited, so I have begun to increase the search criteria for our projects.
    • Additionally, I have begun to label our projects based on OWASP Open SAMM criteria.
    • The labels are as follows: Governance, Construction, Verification, Deployment.
    • The plan is to allow users to find projects based on these labels on our projects wiki page.
  • Project Leader Responsibilities & Expectations
    • I am currently working on putting together documentation that outlines a project leader's responsibilities, and our organizational expectations of them.
    • I am also developing a "How to run a successful OWASP project" document.
    • Jim and I are developing brand usage guidelines for our project leaders.
    • An OWASP project lifecycle infographic is being developed as well.
    • I hope that these "How To" documents and graphics will help project leaders understand their responsibilities, and how to leverage the OWASP project infrastructure for success.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donation questions.
    • OWASP LinkedIn Updates.
    • "What's happening with projects" questions.

Grants Updates

  • Guidebooks Grant
  1. Amount: $25,000
  2. Status: I have sent in our first project report to the DHS outlining the setbacks we have had due to insufficient funds. This has prompted payment. We are due to receive our first check next week.
  • ESAPI Proposal
  1. Amount: $25,000
  2. Status: The ESAPI proposal is still being reviewed.
  • ModSecurity Grant Writing
  1. Amount: $30,000
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,00 in AdWords Funds
  2. Status: We are now testing different keyword and campaign strategies for our global AppSec conferences.
  • Total Grant Funds Awarded: $145,000 for 2013.