Difference between revisions of "Projects/Reports/2013-03-05"

Line 7: Line 7:
*'''New OWASP Projects'''
*'''New OWASP Projects'''
**[https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
**[https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
**[https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
**[https://www.owasp.org/index.php/OWASP_Scytale_Project OWASP Scytale Project]
**[https://www.owasp.org/index.php/OWASP_Security_JDIs_Project OWASP Security JDIs Project]
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''

Revision as of 13:36, 3 May 2013

OWASP Global Projects Report

  • Project Applications
    • OWASP WS-Amplification DoS Project
    • OWASP Mutillidae 2 (Codename: NOWASP) Project
    • OWASP Skanda - SSRF Exploitation Framework Project

Currently Working On

  • OWASP Projects at AppSec USA
    • I worked with Sisterworks Publishing this week on organizing a webinar for our community.
    • They were meant to present their Phase 2 recommendations to us on Thursday during a live webinar.
    • Unfortunately, the presenters were not able to make it during the regular time.
    • I stepped in and presented their recommendations to the community.
    • Webinar Video: Thank you to Kate for recording and uploading the video.
    • Sisterworks Publishing recommendations to OWASP.
  • Determining Active Project Status
    • All existing project metadata has been entered into SalesForce.
    • There are still quite a few challenges with managing all of this data.
    • I've determined that we must first confirm that our Active projects are indeed Active, and that the named project leader is accurate as well.
    • I am reaching out to each leader individually to confirm these two key pieces of data for all 148 projects.
  • European Commission Grant Opportunity: Proposal Status
    • I have put together several communications pieces, instructions, forms, and scheduled deadlines for the AppSec EU Open Source Showcase (OSS).
    • As mentioned in my previous report, the local event organizers are already trying to allocate presenters for the OWASP Projects Track (OPT).
    • I don't anticipate needing to have a call for entries for the OPT, but I am prepared if we find we need to.
    • Projects at AppSec EU Document.
    • AppSec EU OSS Call for Entries.
  • Technical Project Advisors: Status Update on Recruitment
    • Currently there is $44,654.26 due to projects.
    • Many projects have a very small budget.
    • In addition, some projects have funds that they have not spent in years.
    • Projects that are more active in completing their roadmaps, and moving forward with their milestones, can benefit more from these stagnant funds.
    • A project bounty initiative is proposed as well. It aims to help project leaders find talent and reward dedicated contributors.
    • This proposal aims to facilitate the spending of these stagnant funds, and assist project leaders with talent acquisition for their projects and rewards.
  • Personal Development
    • I am always looking for different ways of improving my skills so I have developed a list of personal development activities I wish to undertake for the year.
    • I have each activity separated into quarters.
    • This quarter, Q2, I am focusing on increasing my Information Security knowledge and understanding.
    • To do this, I am taking a 7-week course on Information Security and Risk Management in Context.
    • The course is made available through Coursera.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donations questions.
    • Marketing questions.
    • Grant funding questions.
    • OWASP Social Media Updates.
    • What's happening with projects, questions.

Grants Updates

  • Guidebooks Grant
    1. Amount: $25,000
    2. Status: The first payment has been allocated to our project budgets.
  • ESAPI Proposal
    1. Amount: $25,000
    2. Status: The ESAPI proposal is still being reviewed.
  • ModSecurity Grant Writing
    1. Amount: $30,000
    2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
    1. Amount: $120,00 in Adwords Funds
    2. Status: We now have a better idea of the initiatives and tasks we must undertake to better leverage this award. We will discuss possible solutions during our Mid-Term (6-12 month) marketing planning.
  • LSEC Web Attack Proposal
    1. Amount: TBD (Will be in Euros)
    2. Status: This proposal is currently being put together by a grant partner. We are still in the process of writing the proposal and working out logistics.

  • Total Grant Funds Awarded: $145,000 for 2013.