GPC Project Surveys 2009
As part of its 2009 agenda, the Global Projects Committee is undertaking the task of improving the OWASP Project structure. This task includes determining orphaned projects, updating and augmenting the existing project criteria, and reclassifying projects to help users find OWASP Projects that are relevant and important to them.
To help us with this task, we have created a number of surveys that we have distributed to the OWASP Community. Each survey serves a different purpose as explained below. For any questions, please contact the Global Projects Committee.
OWASP Project Owner Spring 2009 Self Update
The project owner(s) for each OWASP Project (both tools and documents) are asked to complete a self update on the status of their project. This information will help the Global Projects Committee discover orphan projects, create processes to help mature existing projects, and to collect metadata about projects that will allow us to re-design the OWASP Project pages. This self-update can be found here.
OWASP Project Sponsorship Survey
The Global Projects Committee is currently exploring corporate sponsorship of individual OWASP Projects. Any project that indicates they would be interested in corporate sponsorship should fill out this survey in addition to the Self Update.
OWASP Project Feedback
The Global Projects Committee would also like to facilitate feedback to OWASP Projects from the OWASP Community. Our first attempt to do so is the Project Feedback form. If you are interested in providing feedback for a particular project, please use this form. Also, if you are a project owner, please feel free to distribute this form to your users and we will forward you the feedback from any surveys for your project. Please be constructive in your feedback and note that all feedback will be made public.
The OWASP Project Owner Spring 2009 Self Update was closed on May 1st, 2009. Fifty-seven projects were updated by their owners (or a contributor/reviewer). The following is a summary of the results of the survey.
The following projects had leaders that responded to the survey and explicitly stated that they are willing to cede control of the project to a new project owner. The GPC will evaluate whether the project should have a new "leader", a "maintainer", or the project should be archived.
- CAL9000 - recommend that this should be given to a maintainer
- Java Project - recommend that this should be given to a new leader
- Sprajax - recommendation TBA
- SqliBench - recommendation TBA
- WebScarab - recommend that this should be given to a maintainer
- Google Hacking - recommend that this should be archived. The search API used by the Google Hacking project is due to be deprecated and discontinued by Google in August 2009.
The following projects are listed in the page but did not respond to the Self Update. As a result, these projects will be considered orphaned and inactive. The Global Projects Committee is working on determining whether a project is eligible for adoption or if the project should be archived.
- OWASP AIR Security Project
- OWASP AJAX Security Guide
- OWASP Application Security Assessment Standards Project
- OWASP Application Security Metrics Project
- OWASP AppSec FAQ Project
- OWASP Career Development Project
- OWASP Certification Criteria Project
- OWASP Communications Project
- OWASP Corporate Application Security Rating Guide
- CRM Project
- OWASP Education Project
- OWASP Encoding Project
- ESAPI Swingset - this should be a child project to ESAPI
- Flash Security Project
- OWASP Fuzzing Code Database
- OWASP Honeycomb Project - project absorved by ASDR
- OWASP Insecure Web App Project
- OWASP Interceptor Project
- OWASP JBroFuzz Project
- OWASP Jobs Project
- OWASP Joomla Vulnerability Scanner Project
- LAPSE Project
- LiveCD Education Project
- OWASP Logging Guide
- OWASP Mutillidae
- OpenSign Server Project
- Oracle Project
- OWASP Pantera Web Assessment Studio Project
- OWASP PHP AntiXSS Library Project
- OWASP PHP Project
- OWASP Report Generator
- OWASP Scholastic Application Security Assessment Project
- OWASP Security Spending Benchmarks
- OWASP Site Generator
- OWASP Source Code Review for OWASP-Projects
- OWASP Speakers Project
- OWASP SQLiX Project
- OWASP Stinger Project
- OWASP SWAAT Project
- OWASP Tiger
- OWASP Tools Project
- OWASP Validation Project
- OWASP Vicnum Project
- OWASP Web 2.0 Project
- OWASP Web Application Scanner Specification Project
- OWASP Web Application Security Metric using Attack Patterns Project
- OWASP Web Application Security Put Into Practice
- OWASP Web Services Security Project
- OWASP WeBekci Project
- OWASP WSFuzzer Project
- OWASP XML Security Gateway Evaluation Criteria
The following projects were identified as an OWASP "project" but should be recategorized as an OWASP Grant under the new grant framework.