Difference between revisions of "OWASP Project Manager Activity Reports/May 13 2013"

Jump to: navigation, search
(Created page with "== OWASP Project Manager Report == ==== Work accomplished since April 05, 2013 ==== *'''Project Numbers''' **Active Projects: 149 **Inactive Projects: 67 *'''New Incubator ...")
Line 7: Line 7:
*'''New Incubator Projects'''
*'''New Incubator Projects'''
**[https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
**[https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
**[https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
**[https://www.owasp.org/index.php/OWASP_Scytale_Project OWASP Scytale Project]
**[https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler]
**[https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
*'''Project Announcements'''
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''
**[https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct Project:  New Stable Release].
**OWASP WS-Amplification DoS Project
**The [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide] is looking for authors. 
**OWASP Mutillidae 2 (Codename: NOWASP) Project
** The [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide] is looking for authors.
**OWASP Skanda - SSRF Exploitation Framework Project
*'''Projects Under Review'''
*'''Projects Under Review'''
**[https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]: Test Reviewed.
**[https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]: Test Reviewed.
**[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project]
**[https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]: Completed. 
**[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework]
**[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework]: New Review Submission.  
**Project reviews are on hold until we can fill the [https://www.owasp.org/index.php/Projects/Reviews_Management_Proposal_2013 Technical Project Advisor] [http://owasp.force.com/volunteers/GW_Volunteers__VolunteersJobListing?campaignid=701U0000000AUtE volunteer roles].  
==Project Manager Q2 2013 Objectives==
==Project Manager Q2 2013 Objectives==

Revision as of 14:07, 7 May 2013

OWASP Project Manager Report

Work accomplished since April 05, 2013

  • Project Numbers
    • Active Projects: 149
    • Inactive Projects: 67
  • Project Applications
    • OWASP WS-Amplification DoS Project
    • OWASP Mutillidae 2 (Codename: NOWASP) Project
    • OWASP Skanda - SSRF Exploitation Framework Project

Project Manager Q2 2013 Objectives

  1. Identify and target 5-7 specific grants to pursue for 2013.
  2. Develop Brand Usage Guidelines for Projects.
  3. Need for consistent documentation of guidelines (similar to How To Host a Conference) that can apply to various events and venues.
  4. Volunteer Management - identification of skills and supervision required to engage volunteers productively.
  • Ongoing Objectives for 2013
    • Work with Project leaders to reach grant required milestones - ONGOING
    • Develop a project charter outlining appropriate grant revenue spending and grant required milestones. - DUE IN SEPTEMBER - ONGOING
    • Oversight of Marketing and Graphic Design deliverables (Phase 2/Phase 3) provided by 3rd party contractor

Currently Working On

  • Grant Opportunities Recap & Updates
    • Guidebooks Proposal: DHS and Georgia Tech have now sent payment. They have sent our first payment of $7,000.
    • Amount: $25,000
    • ESAPI Proposal: This proposal is still under review.
    • Amount: $25,000
    • Google Grants: We continue to test different keywords and strategies to try and find the best way to leverage this grant award. We are currently testing a strategy for the AppSec USA conference this year. I am seeking assistance from an AdWords expert next week.
    • Amount: $120,000 a year in Google Adwords Money
    • ModSecurity Proposal: This proposal is still under review.
    • Amount: $30,000
  • Total Grant Funds Awarded: $145,000 for 2013 so far.
  • Project Reviews Process: Workflow Adjustment
    • Initiative jobs have been posted to our Volunteer jobs page.
    • Jim and I will hold interviews within a month's time to select each volunteer for the role.
    • You can find the job listings here.
  • Categorization of OWASP Projects
    • I have begun categorizing our OWASP projects into the Builder, Breaker, and Defender categories.
    • Currently, our categorization is limited so I have begun to increase the search criteria for our projects.
    • Additionally, I have begun to label our projects based on OWASP Open SAMM criteria.
    • The labels are as follows: Governance, Construction, Verification, Deployment.
    • The plan is to allow users to find projects based on these labels on our projects wiki page.
  • OWASP Project Leaders: Brand Usage Guidelines
    • I have begun developing brand usage guidelines for our project leaders with Jim Manico's help.
    • We have decided to use the Apache Software Foundation's documentation on the subject as a guide for our own.
    • We feel they developed excellent material, and we plan to use their guidelines as a starting point.
    • I spent this week putting together our OWASP Project Leader Brand Usage Guidelines.
  • Project Leader Responsibilities & Expectations
    • I have finished putting together documentation that outlines a project leader's responsibilities, and our foundation's expectations of them.
    • This document was written to help project leaders understand their responsibilities as managers of their project(s).
  • Project Wiki Templates
    • I am working towards developing new wiki templates for our OWASP Projects.
    • Leaders have expressed frustrations with our current templates as they are not very user friendly.
    • Our PLs also need to let our consumers know at which stage a project is in within our OWASP Projects Infrastructure.
    • Development is ongoing.
  • Project Leader Cheat Sheet
    • I am currently developing a "How to run a successful OWASP Project" document.
    • I hope this document will help project leaders understand how to best leverage the OWASP Project Infrastructure for success.
    • This is an ongoing project.
    • I will have a first draft of this completed by the end of next week.
  • OWASP Marketing
    • Sarah and I are working on transitioning the workflow for the 3rd phase of our marketing plan.
    • We are currently finalizing our visual branding guide with our third party designer.
    • The Operations Staff all plan on discussing our marketing plans in detail at our Staff Summit in New York.

Important OWASP Projects Outcomes and Discussion Points

  1. Project Manager Report: March 15 2013
  2. Project Manager Report: March 22 2013
  3. Project Manager Report: March 29 2013
  4. Project Manager Report: April 05 2013
  5. Project Leader brand usage guidelines are under development.
  6. Project Leader responsibilities and expectations document is under development.
  7. DHS has sent our first $7,000 payment to OWASP.