Difference between revisions of "OWASP Project Manager Activity Reports/March 11 2013"

From OWASP
Jump to: navigation, search
 
Line 46: Line 46:
 
**'''OWASP Static Analysis Tools Funding Opportunity: DHS'''
 
**'''OWASP Static Analysis Tools Funding Opportunity: DHS'''
 
**There is a possibility of funding some of our Static Analysis tools.
 
**There is a possibility of funding some of our Static Analysis tools.
**Kevin Greene is responsible for a different programme than the department who has already funded us.
+
**Kevin Greene is responsible for a different program than the DHS program that has already funded us.
 
**Kevin and I plan to discuss the possibility of moving forward with a project once their budgets are released for the year.   
 
**Kevin and I plan to discuss the possibility of moving forward with a project once their budgets are released for the year.   
  
Line 53: Line 53:
 
*'''Project Reviews Process: Workflow Adjustment'''
 
*'''Project Reviews Process: Workflow Adjustment'''
 
**Testing of original Reviews Process developed in early 2013 produced quality concerns.
 
**Testing of original Reviews Process developed in early 2013 produced quality concerns.
**I developed a new management work flow with Jim's assistance.   
+
**I developed a new management work flow with Jim Manico's assistance.   
 
**It will involve a working group of technical project advisors headed by a member of the board.  
 
**It will involve a working group of technical project advisors headed by a member of the board.  
**I feel this person should be you, Jim Manico, since I think he has shown great dedication and support to our projects overall. (Lead Technical Project Advisor).
+
**I feel this person should be, Jim Manico, as he has shown great dedication and support to our projects overall. (Lead Technical Project Advisor).
 
**The working group should be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Knowledge.
 
**The working group should be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Knowledge.
 
**Each of these areas should be a project division role filled by one individual.  
 
**Each of these areas should be a project division role filled by one individual.  
**Each role will have a six month limit, or the individual can resign the post if he/she can no longer fulfil the role's duties.  
+
**Each role will have a six month limit, or the individual can resign the post if he/she can no longer fulfill the role's duties.  
 
**These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.  
 
**These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.  
 
**This working group will be managed by the Lead Technical Project Advisor with updates and outcomes reported to the OWASP PM.
 
**This working group will be managed by the Lead Technical Project Advisor with updates and outcomes reported to the OWASP PM.
Line 67: Line 67:
 
**OPT: This event module will be omitted for AppSec USA.
 
**OPT: This event module will be omitted for AppSec USA.
 
**OSS: This event module will be altered to include a full day of 30 minute, presentation like demos.
 
**OSS: This event module will be altered to include a full day of 30 minute, presentation like demos.
**Mini Project Working Groups: This event module will be developed for this conference. The idea is to coordinate working groups for a handfull of projects at the conference.  
+
**Mini Project Working Groups: This event module will be developed for this conference. The idea is to coordinate working groups for a hand full of projects at the conference.  
 
**Project Leader Workshop: I will put together and run the Project Leader Workshop at AppSec USA.   
 
**Project Leader Workshop: I will put together and run the Project Leader Workshop at AppSec USA.   
  
 
*'''AppSec EU Research: OPT &OSS'''
 
*'''AppSec EU Research: OPT &OSS'''
**Started creating documents for the AppSec EU Research Open Source Showcase and OWASP Projects Track.  
+
**I started creating documents for the AppSec EU Research Open Source Showcase and OWASP Projects Track.  
 
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dDMwck9VZC1ieWluekdsbUVFZGhGMnc6MA#gid=0 AppSec EU Research OPT Form.]
 
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dDMwck9VZC1ieWluekdsbUVFZGhGMnc6MA#gid=0 AppSec EU Research OPT Form.]
 
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dGhkUUhkeDBWOVZPcVdzcWloYWhla3c6MA#gid=0 AppSec EU Research OSS Form.]
 
**[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dGhkUUhkeDBWOVZPcVdzcWloYWhla3c6MA#gid=0 AppSec EU Research OSS Form.]
 
**[https://docs.google.com/a/owasp.org/document/d/1dOrUYtwlBXwfhPyZa9JYqV1MeUUjSxvjm5mwgMqJXhE/edit AppSec EU Research Projects Document.]
 
**[https://docs.google.com/a/owasp.org/document/d/1dOrUYtwlBXwfhPyZa9JYqV1MeUUjSxvjm5mwgMqJXhE/edit AppSec EU Research Projects Document.]
**Waiting to hear from the local conference organisers on how they wish to proceed with this event module.  
+
**I am waiting to hear from the local conference organizers on how they wish to proceed with this event module.  
  
 
*'''Black Hat EU'''
 
*'''Black Hat EU'''
**I am scheduled to attend Black Hat EU in next weeks.
+
**I am scheduled to attend Black Hat EU this week.
**I am helping man our OWASP Booth for two days.
+
**I am helping manage our OWASP Booth for two days.
**Goal: Familiarise myself with Black Hat event management, branding, activities.  
+
**Goal: Familiarize myself with Black Hat event management, branding, activities.  
 
**Martin Knobloch and Ferdinand Vroom are scheduled to volunteer as well.
 
**Martin Knobloch and Ferdinand Vroom are scheduled to volunteer as well.
 
**I will be attending the Netherlands Chapter Meeting during the conference as well.  
 
**I will be attending the Netherlands Chapter Meeting during the conference as well.  
Line 88: Line 88:
 
**The next initiatives meeting will involve the Marketing Company we are currently working with.
 
**The next initiatives meeting will involve the Marketing Company we are currently working with.
 
**They will present their Phase 1 research findings to the entire community.  
 
**They will present their Phase 1 research findings to the entire community.  
**Goal: To develop a marketing and brand strategy for the organisation.  
+
**Goal: To develop a marketing and brand strategy for the organization.  
 
**I will coordinate Phase 3 & 4 of our Marketing Initiatives.  
 
**I will coordinate Phase 3 & 4 of our Marketing Initiatives.  
  
Line 97: Line 97:
 
#[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03  Project Manager Report: March 08 2013]
 
#[https://www.owasp.org/index.php/GPC/Meetings/2013-08-03  Project Manager Report: March 08 2013]
 
#I will have a projects meeting each month that will be open to all the OWASP community starting in April.  
 
#I will have a projects meeting each month that will be open to all the OWASP community starting in April.  
#I continue to developing a template, visual branding, and review criteria to meet this need as I feel it is a very important distinction to make between our projects.
+
#I continue to developing a template, visual branding, and review criteria to meet our project identification needs as I feel this is a very important distinction to make between our projects.

Latest revision as of 10:21, 11 March 2013

Contents

OWASP Project Manager Report

Work accomplished since February 11, 2013

  • Project Numbers
    • Active Projects: 136
    • Inactive Projects: 67

Project Manager Q1 2013 Objectives

  1. Continue grant funding research: Target $150,000 in 2013. ($5000 left to raise to reach target for 2013)
  2. Finalize and Implement New Project Infrastructure processes. (Ongoing)
  3. Coordinate OSS and OWASP Track documentation, guidelines, and processes as they apply to Global AppSec Conferences. (Ongoing for 2013)
  4. Increase Sales Force use for project management. (Ongoing)
  5. Complete and Launch Projects page. (Completed)
  6. Finalize the Project Leader Handbook. (Completed)

Currently Working On

  • Grant Opportunities Recap & Updates
    • Guidebooks Proposal: We are still waiting for the first payment. DHS is currently reviewing their budgets for the year so their funds are frozen until then.
    • Amount: $25,000
    • ESAPI Proposal: This proposal is still under review.
    • Amount: $25,000
    • Google Grants: We have been awarded this grant. Working on developing strategies to implement/use these funds.
    • Amount: $120,000 a year in Google Adwords Money
    • ModSecurity Proposal: This proposal is still under review.
    • Amount: $30,000
    • OWASP Static Analysis Tools Funding Opportunity: DHS
    • There is a possibility of funding some of our Static Analysis tools.
    • Kevin Greene is responsible for a different program than the DHS program that has already funded us.
    • Kevin and I plan to discuss the possibility of moving forward with a project once their budgets are released for the year.
  • Total Grant Funds Awarded: $145,000 for 2013 so far.
  • Project Reviews Process: Workflow Adjustment
    • Testing of original Reviews Process developed in early 2013 produced quality concerns.
    • I developed a new management work flow with Jim Manico's assistance.
    • It will involve a working group of technical project advisors headed by a member of the board.
    • I feel this person should be, Jim Manico, as he has shown great dedication and support to our projects overall. (Lead Technical Project Advisor).
    • The working group should be made up of the following areas: Secure Development, Secure Lifecycle Activity, Static Analysis, Dynamic Analysis, Governance, and Knowledge.
    • Each of these areas should be a project division role filled by one individual.
    • Each role will have a six month limit, or the individual can resign the post if he/she can no longer fulfill the role's duties.
    • These roles will be responsible for reviewing projects, and increasing the quality of the project review process and criteria.
    • This working group will be managed by the Lead Technical Project Advisor with updates and outcomes reported to the OWASP PM.
    • Projects Review Process Proposal
  • AppSec USA: OPT &OSS
    • We are developing two different event modules for AppSec USA.
    • OPT: This event module will be omitted for AppSec USA.
    • OSS: This event module will be altered to include a full day of 30 minute, presentation like demos.
    • Mini Project Working Groups: This event module will be developed for this conference. The idea is to coordinate working groups for a hand full of projects at the conference.
    • Project Leader Workshop: I will put together and run the Project Leader Workshop at AppSec USA.
  • Black Hat EU
    • I am scheduled to attend Black Hat EU this week.
    • I am helping manage our OWASP Booth for two days.
    • Goal: Familiarize myself with Black Hat event management, branding, activities.
    • Martin Knobloch and Ferdinand Vroom are scheduled to volunteer as well.
    • I will be attending the Netherlands Chapter Meeting during the conference as well.
  • OWASP Marketing
    • I am taking a more active role in OWASP's Global Marketing Initiatives.
    • The next initiatives meeting will involve the Marketing Company we are currently working with.
    • They will present their Phase 1 research findings to the entire community.
    • Goal: To develop a marketing and brand strategy for the organization.
    • I will coordinate Phase 3 & 4 of our Marketing Initiatives.

Important Projects Division Outcomes and Discussion Points

  1. GPC Meeting: February 15 2013 Project Manager Report
  2. GPC Meeting: February 22 2013 Project Manager Report
  3. Project Manager Report: March 01 2013
  4. Project Manager Report: March 08 2013
  5. I will have a projects meeting each month that will be open to all the OWASP community starting in April.
  6. I continue to developing a template, visual branding, and review criteria to meet our project identification needs as I feel this is a very important distinction to make between our projects.