Difference between revisions of "OWASP Spring Of Code 2007 : Selection"

 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
This page contains the Selection Criteria to select the projects sponsored on the [[OWASP Spring Of Code 2007]] and the final classification.
 
This page contains the Selection Criteria to select the projects sponsored on the [[OWASP Spring Of Code 2007]] and the final classification.
  
Jury: Andrew van der Stock, Jeff Williams and Dinis Cruz.
+
Jury: OWASP Board Members (Andrew van der Stock, Jeff Williams, Dave Wichers and Dinis Cruz).
  
 
== Selection Criteria ==
 
== Selection Criteria ==
Line 18: Line 18:
  
  
 +
== Table of Results - Approved SpoC Projects ==
  
== Summary table (Aggregated Results) ==
+
{| class="wikitable" WIDTH=100%
{| class="wikitable" style="text-align:center"
+
|-
|+ OWASP Spring of Code 2007 Results
+
! SpoC Project Name
! width="172" height="18" bgcolor="#FFFFFF" align="LEFT" valign="MIDDLE" | '''Proposal ID'''
+
! Author
! width="164" bgcolor="#FFFFFF" align="LEFT" valign="MIDDLE" | '''Project'''
+
! Value (US$)
! width="80" align="CENTER" | '''AJV Total'''
+
! width="80" align="CENTER" | '''DC Total'''
+
! width="80" align="CENTER" | '''JW Total'''
+
! width="80" align="CENTER" | '''Total'''
+
! width="108" align="LEFT" | '''Total Adjusted'''
+
! width="108" align="LEFT" | '''Sponsorship'''
+
 
|-
 
|-
! height="18" bgcolor="#FFFFFF" align="LEFT" valign="MIDDLE" | tbd
 
! bgcolor="#FFFFFF" align="LEFT" valign="MIDDLE" | (tbd)
 
| align="CENTER" | tbd
 
| align="CENTER" | tbd
 
| align="CENTER" | tbd
 
| align="CENTER" | tbd
 
| align="CENTER" | tbd
 
| align="CENTER" | tbd USD
 
|}
 
  
== AVJ results (Andrew) ==
+
|-
 +
! [[SpoC 007 - The OWASP Web Security Certification Framework|The OWASP Web Security Certification Framework]]
 +
| Mark Curphey
 +
| 20,000
 +
 +
|-
 +
! [[SpoC 007 - SqlMap|SqlMap]]
 +
| Bernardo Damele
 +
| 2,500
  
 +
|-
 +
! [[SpoC 007 - OWASP Site Generator|OWASP Site Generator]]
 +
| Boris
 +
| 7,000
  
{| class="wikitable" style="text-align:center"
 
! width="173" height="18" bgcolor="#FFFFFF" align="LEFT" valign="MIDDLE" | Proposal ID
 
! width="173" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Project'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Complete State'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Complexity'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Member Value'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Brand Value'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Past Work'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Deliverably'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Proposal'''
 
! width="122" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Total'''
 
! width="197" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Project'''
 
 
|-
 
|-
| height="19" bgcolor="#FFFFFF" align="LEFT" | tbd
+
! [[SpoC 007 - Attacks Reference Guide|Attacks Reference Guide]]
| bgcolor="#FFFFFF" align="LEFT" | (tbd)
+
| NSRAV Security R&D
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| 5,000
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
 
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="LEFT" | (tbd)
+
 
|-
 
|-
|}
+
! [[SpoC 007 - The Scholastic Application Security Assessment Project|The Scholastic Application Security Assessment Project]]
 +
| Eric Sheridan and
 +
Dr. Goran Trajkovski
 +
| 5,000
  
== DC results (Dinis) ==
+
|-
 +
! [[SpoC 007 - Inspekt|Inspekt: Input filtering and validation library for PHP]]
 +
| Ed Finkler
 +
| 5,000
  
{| class="wikitable" style="text-align:center"
 
! width="173" height="18" bgcolor="#FFFFFF" align="LEFT" valign="MIDDLE" | Proposal ID
 
! width="173" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Project'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Complete State'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Complexity'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Member Value'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Brand Value'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Past Work'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Deliverably'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Proposal'''
 
! width="122" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Total'''
 
! width="197" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Project'''
 
 
|-
 
|-
| height="19" bgcolor="#FFFFFF" align="LEFT" | tbd
+
! [[SpoC 007 - Code review Project|Code review Project]]
| bgcolor="#FFFFFF" align="LEFT" | (tbd)
+
| Eoin Keary
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| 5,000
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
 
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="LEFT" | (tbd)
+
 
|-
 
|-
|}
+
! [[SpoC 007 - OWASP Certification Project|OWASP Certification Project]]
 +
| Matteo Meucci
 +
| 5,000
  
== JW results (Jeff) ==
+
|-
 +
! [[SpoC 007 - OWASP Education Project|OWASP Education Project]]
 +
| Sebastien Deleersnyder
 +
| 5,000
  
{| class="wikitable" style="text-align:center"
 
! width="173" height="18" bgcolor="#FFFFFF" align="LEFT" valign="MIDDLE" | Proposal ID
 
! width="173" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Project'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Complete State'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Complexity'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Member Value'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Brand Value'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Past Work'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Deliverably'''
 
! width="94" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Proposal'''
 
! width="122" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Total'''
 
! width="197" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''Project'''
 
 
|-
 
|-
| height="19" bgcolor="#FFFFFF" align="LEFT" | tbd
+
! [[SpoC 007 - OWASP The Anti-Samy Project|OWASP The Anti-Samy Project]]
| bgcolor="#FFFFFF" align="LEFT" | (tbd)
+
| Arshan Dabirsiaghi
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| 5,000
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
 
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="CENTER" | tbd
+
| bgcolor="#FFFFFF" align="LEFT" | (tbd)
+
 
|-
 
|-
 +
! [[SpoC 007 - Security throughout the SDLC|Security throughout the SDLC]]
 +
| Keith Casey
 +
| 3,000
 +
 +
|-
 +
! [[SpoC 007 - OWASP WebGoat Solutions Guide|OWASP WebGoat Solutions Guide]]
 +
| Erwin Geirnaert
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - OWASP WeBekci Project|OWASP WeBekci Project]]
 +
| Bunyamin Demir
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - Python Tainted Mode|Python Tainted Mode]]
 +
| Denis
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - WebScarab NG Security Test Automation|WebScarab NG Security Test Automation]]
 +
| Darren Edmonds
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - Refresh Attacks list|Refresh Attacks list]]
 +
| Przemyslaw 'rezos' Skowron
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - Best Practices & Countermeasures|Best Practices & Countermeasures]]
 +
| Jim
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - OWASP Brand|OWASP brand]]
 +
| Paulo Coimbra
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - Web Application Security put into practice|Web Application Security put into practice]]
 +
| Heiko Webers
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - OWASP JBroFuzz Project|OWASP JBroFuzz Project]]
 +
| Subere
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - Owasp Orizon Project|Owasp Orizon Project]]
 +
| Paolo Perego
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - Enigform: Firefox Addon for OpenPGP signing of HTTP requests|Enigform: Firefox Addon for OpenPGP signing of HTTP requests]]
 +
| Arturo (Buanzo) Busleiman
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - OWASP LiveCD Education Project|OWASP LiveCD Education Project]]
 +
| Josh Sweeney
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - OWASP Java Project|OWASP Java Project]]
 +
| Erwin Geirnaert
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - OWASP LiveCD Project|OWASP LiveCD Project]]
 +
| Joshua Perrymon
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - Interim @ Aspect Offices|Interim @ Aspect Offices]]
 +
| Andy Gocke
 +
| 10,000
 +
 +
|-
 +
! [[SpoC 007 - Help with SpoC project management|Help with SpoC project management]]
 +
| Paulo Coimbra
 +
| 2,500
 +
 +
|-
 +
! [[SpoC 007 - OWASP Corporate Application Security Rating Guide|OWASP Corporate Application Security Rating Guide]]
 +
| Erwin Geirnaert
 +
| 3,000
 +
 
|}
 
|}
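
Review bot: the removed "Summary table (Aggregated Results)" and the per-juror sections (AVJ, DC and JW results), which held only "tbd" placeholders, are replaced by a single project/author/value table, so the page no longer shows any of the 1 to 5 ratings that the Selection Criteria describe, while the intro still promises "the final classification". Either publish the aggregated scores next to the approved amounts or reword the intro to say the page lists the approved projects and their funding. In the added table, the unquoted `WIDTH=100%` sits next to the quoted `class="wikitable"`; quote it for consistency. The authors given only as "Boris", "Denis", "Jim" and "Subere" would be easier to identify with the same full-name form the other rows use.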

Latest revision as of 12:04, 19 February 2008

This page contains the Selection Criteria used to select the projects sponsored in the OWASP Spring Of Code 2007, and the final classification.

Jury: OWASP Board Members (Andrew van der Stock, Jeff Williams, Dave Wichers and Dinis Cruz).

Selection Criteria

Each project will receive a rating from 1 to 5 in each of the following categories from each jury member. The final result will be the medium value.

  • On the Project:
    • Complete status - What will be the final Completeness State?
    • Complexity - What is the project's Complexity and its Size?
    • Member Value - How big is the potential added value to OWASP Members?
    • Brand Value - How big is the potential added value to the OWASP Brand?
  • On the Candidate:
    • Past Work - Value of past contributions to OWASP Projects
    • Deliverably - Proven capability to deliver
    • Proposal - What was the quality of the proposal submitted?


Table of Results - Approved SpoC Projects

SpoC Project Name | Author | Value (US$)
The OWASP Web Security Certification Framework | Mark Curphey | 20,000
SqlMap | Bernardo Damele | 2,500
OWASP Site Generator | Boris | 7,000
Attacks Reference Guide | NSRAV Security R&D | 5,000
The Scholastic Application Security Assessment Project | Eric Sheridan and Dr. Goran Trajkovski | 5,000
Inspekt: Input filtering and validation library for PHP | Ed Finkler | 5,000
Code review Project | Eoin Keary | 5,000
OWASP Certification Project | Matteo Meucci | 5,000
OWASP Education Project | Sebastien Deleersnyder | 5,000
OWASP The Anti-Samy Project | Arshan Dabirsiaghi | 5,000
Security throughout the SDLC | Keith Casey | 3,000
OWASP WebGoat Solutions Guide | Erwin Geirnaert | 2,500
OWASP WeBekci Project | Bunyamin Demir | 2,500
Python Tainted Mode | Denis | 2,500
WebScarab NG Security Test Automation | Darren Edmonds | 2,500
Refresh Attacks list | Przemyslaw 'rezos' Skowron | 2,500
Best Practices & Countermeasures | Jim | 2,500
OWASP brand | Paulo Coimbra | 2,500
Web Application Security put into practice | Heiko Webers | 2,500
OWASP JBroFuzz Project | Subere | 2,500
Owasp Orizon Project | Paolo Perego | 2,500
Enigform: Firefox Addon for OpenPGP signing of HTTP requests | Arturo (Buanzo) Busleiman | 2,500
OWASP LiveCD Education Project | Josh Sweeney | 2,500
OWASP Java Project | Erwin Geirnaert | 2,500
OWASP LiveCD Project | Joshua Perrymon | 2,500
Interim @ Aspect Offices | Andy Gocke | 10,000
Help with SpoC project management | Paulo Coimbra | 2,500
OWASP Corporate Application Security Rating Guide | Erwin Geirnaert | 3,000