OWASP Development Guide
The following initial funding to be considered and allocated as can be agreed:
a) graphic design artist to re-do all the diagrams we will end up creating (badly). Although I love the artists at Deviant Art, I think it might be worth looking for a while to find someone with a great attention to detail, a good track record of creating software engineering diagrams, and most importantly, who designs clean, consistent, and good-looking diagrams. The diagrams in their native format must be licensed so we can re-use them with no further costs - i.e. we own the originals and can publish them as we see fit. We will need to work out a job lot cost and do it right near the end, and it will likely be the largest single cost.
b) airfare + hotel funding for core team members this AppSec Research. If the Board feels there is adequate budget for the core members of the Development Guide project to meet at AppSec Research this year, happy for you to consider that possibility, especially as we could really use a solid planning session and most importantly, an initial hack-a-thon to get started. This could easily hit $20k, and I don't want you to splurge on that amount unless you feel that the Foundation has the sort of cash that would allow that to happen. Argh, I just realised that I have no leave left for a July conference. Hmmm. Let me think this one through - it might be worthwhile to consider this for AppSec US later in the year when I have a bit of leave.
c) Project management software. I'd like for one of the following to be considered and bought: Either Confluence + Calendars ($20 / month per 10 users). Considering how long it took to do 2.0, I would imagine the cost will be around 18 months @ $40 per month = $720 for the project. Or a copy of OmniPlan for me ($200 USD from the AppStore), which means we could continue to use Google Code for the Wiki. This relies on me exporting to PDF regularly enough for everyone to see where we are at. There are pluses and minuses for each solution. I think an earlier start would be had with OmniPlan, but more transparency with Confluence + calendaring.
The major minus of Confluence is the time to port existing material now, versus the saving at the end, when creating a PDF will be much faster than with Google Code. OmniPlan is by far the stronger project management tool, but the minus is that it's pretty much my creature, and I hate being a road block. Additionally, OmniPlan is completely disassociated from the materials. (Swings and roundabouts. Your call.)
d) WebEx or other meeting software for up to one hour per month of virtual meetings for the wider project. I am not sure of costs for this, or if we have any such facilities at the moment.
e) Skype credits for major contributors. I would envisage about $50-100 all up per year per major contributor. This is to allow multi-window video chats between the core group.
f) (probably next year's budget) airfare + hotel funding for me to release the Developer Guide at one of AppSec Research 2013 / AppSec US 2013. The Guide should not be released at BlackHat or Defcon. We got nearly no traction that way. I live at the bottom of the earth, so please consider $5000 to be a minimal workable amount here.
I am sure there will be more, but this will do for now. Let's see how many folks actually end up contributing! :)