Difference between revisions of "Projects/Reports/2013-26-04"

Jump to: navigation, search
Line 12: Line 12:
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''
*'''[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE#gid=0 Project Applications]'''
**OWASP Scytale Project
**OWASP WS-Amplification DoS Project
**OWASP iMAS - iOS Mobile Application Security
**OWASP Mutillidae 2 (Codename: NOWASP) Project
**OWASP Testdemo
**OWASP Skanda - SSRF Exploitation Framework Project
*'''Projects Under Review'''
*'''Projects Under Review'''

Revision as of 13:30, 3 May 2013

OWASP Global Projects Report

  • Project Applications
    • OWASP WS-Amplification DoS Project
    • OWASP Mutillidae 2 (Codename: NOWASP) Project
    • OWASP Skanda - SSRF Exploitation Framework Project

Currently Working On

  • OWASP Marketing
    • I worked with Sisterworks Publishing this week on organizing a webinar for our community.
    • They were meant to present their Phase 2 recommendations to us on Thursday during a live webinar.
    • Unfortunately, the presenters were not able to make it during the regular time.
    • I stepped in and presented their recommendations to the community.
    • Webinar Video: Thank you to Kate for recording and uploading the video.
    • Sisterworks Publishing recommendations to OWASP.
  • Determining Active Project Status
    • All existing project meta data has been entered into SalesForce.
    • There are still quite a few challenges with managing all of this data.
    • I've determined that we must first confirm that our Active projects are indeed Active, and that the named project leader is accurate as well.
    • I am reaching out to each leader individually to confirm these two key pieces of data for all 148 projects.
  • Projects at AppSec EU
    • I have put together several communications pieces, instructions, forms, and scheduled deadlines for the AppSec EU Open Source Showcase (OSS).
    • As mentioned in my previous report, the local event organizers are already trying to allocate presenters for the OWASP Projects Track (OPT).
    • I don't anticipate needing to have a call for entries for the OPT, but I am prepared if we find we need to.
    • Projects at AppSec EU Document.
    • AppSec EU OSS Call for Entries.
  • Project Funds Proposal
    • Currently there is $44,654.26 due to projects.
    • Many projects have a very small budget.
    • In addition, some projects have funds that they have not spent in years.
    • Projects that are more active in completing their roadmaps, and moving forward with their milestones, can benefit more from these stagnant funds.
    • A project bounty initiative is proposed as well. It aims to help project leaders find talent and reward dedicated contributors.
    • This proposal aims to facilitate the spending of these stagnant funds, and assist project leaders with talent acquisition for their projects and rewards.
  • Personal Development
    • I am always looking for different ways of improving my skills so I have developed a list of personal development activities I wish to undertake for the year.
    • I have each activity separated into quarters.
    • This quarter, Q2, I am focusing on increasing my Information Security knowledge and understanding.
    • To do this, I am taking a 7 week course on Information Security and Risk Management in Context.
    • The course is made available through Coursera.
  • Daily Project based queries and requests
    • This has not changed much since I began the post: questions are very similar in nature.
    • Global AppSec questions.
    • Funding queries.
    • Travel availability.
    • Project based administrative help.
    • Project status information.
    • Several project donations questions.
    • OWASP Social Media Updates.
    • What's happening with projects, questions.

Grants Updates

  • Guidebooks Grant
  1. Amount: $25,000
  2. Status: We have received our first payment from DHS.
  • ESAPI Proposal
  1. Amount: $25,000
  2. Status: The ESAPI proposal is still being reviewed.
  • ModSecurity Grant Writing
  1. Amount: $30,000
  2. Status: The ModSecurity proposal is still being reviewed.
  • Google Grants Proposal
  1. Amount: $120,00 in Adwords Funds
  2. Status: We continue to test different keywords and strategies to try and find the best way to leverage this grant award. We are currently testing a strategy for the AppSec USA conference this year. I have contacted Joseph McElroy who is the CEO of Corporate Performance Artists in New York, USA. Corporate performance Artist is a community management firm that specializes in SEO, Google Analytics, and Google Grants Adwords campaigns. He had some amazing insights for me. I am currently reviewing these recommendations.
  • LSEC Web Attack Proposal
  1. Amount: TBD (Will be in Euros)
  2. Status: This proposal is currently being put together by a grant partner. This grant is from the European Commission (EC). They are looking for European organizations to collaborate on research and implementation activities for the EC. If OWASP participates in this initiative, the organization will partner with up to 7 different companies from across the European Union. We are still in the process of writing the proposal and working out logistics.

  • Total Grant Funds Awarded: $145,000 for 2013.