Difference between revisions of "Projects Reboot 2012"

From OWASP
(5 intermediate revisions by one user not shown)
Line 44: Line 44:
 
----
 
----
  
'''First Round Decisions'''<br>
+
'''Selected Projects'''<br>
 
The following table shows to votes submitted by reviewers. 1 is first preference, 2 is second preference and so on..
 
The following table shows to votes submitted by reviewers. 1 is first preference, 2 is second preference and so on..
 +
You can have more than one first preference if you wish.
 
'''Any Outstanding / additional proposals shall be voted on during the second round of proposal selection (10/8/2012).'''
 
'''Any Outstanding / additional proposals shall be voted on during the second round of proposal selection (10/8/2012).'''
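Review bot: The context sentence kept on both sides, "The following table shows to votes submitted by reviewers", still reads "to votes" where "the votes" is meant and still ends in "..", so the newly added "You can have more than one first preference if you wish." follows a double full stop; both could be fixed in this edit. The bold notice that outstanding proposals "shall be voted on during the second round of proposal selection (10/8/2012)" is also left unchanged under the new "Selected Projects" heading, even though this revision goes on to list projects selected via the second round, so it should be reworded or dropped.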
  
Line 57: Line 58:
 
   </tr>
 
   </tr>
 
   <tr><!-- Row 2 -->
 
   <tr><!-- Row 2 -->
     <td>OWASP Development Guide</td><!-- Col 1 -->
+
     <td>OWASP Development Guide (Selected)</td><!-- Col 1 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 3 -->
 
     <td>1</td><!-- Col 3 -->
     <td>PI-1 PII-1</td><!-- Col 4 -->
+
     <td>1</td><!-- Col 4 -->
 
     <td>2</td><!-- Col 5 -->
 
     <td>2</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
   <tr><!-- Row 3 -->
 
   <tr><!-- Row 3 -->
     <td>OWASP CISO Guide</td><!-- Col 1 -->
+
     <td>OWASP CISO Guide (Selected)</td><!-- Col 1 -->
 
     <td>2</td><!-- Col 2 -->
 
     <td>2</td><!-- Col 2 -->
 
     <td>7</td><!-- Col 3 -->
 
     <td>7</td><!-- Col 3 -->
     <td>PI-2 PII-3</td><!-- Col 4 -->
+
     <td>2</td><!-- Col 4 -->
 
     <td>1</td><!-- Col 5 -->
 
     <td>1</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
   <tr><!-- Row 4 -->
 
   <tr><!-- Row 4 -->
     <td>OWASP Mobile Project</td><!-- Col 1 -->
+
     <td>OWASP Mobile Project (Selected)</td><!-- Col 1 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>4</td><!-- Col 3 -->
 
     <td>4</td><!-- Col 3 -->
     <td>PI-4 PII-4</td><!-- Col 4 -->
+
     <td>4</td><!-- Col 4 -->
 
     <td>4</td><!-- Col 5 -->
 
     <td>4</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
   <tr><!-- Row 5 -->
 
   <tr><!-- Row 5 -->
     <td>OWASP WebGoat PHP</td><!-- Col 1 -->
+
     <td>OWASP WebGoat PHP (Selected)</td><!-- Col 1 -->
 
     <td>2</td><!-- Col 2 -->
 
     <td>2</td><!-- Col 2 -->
 
     <td>6</td><!-- Col 3 -->
 
     <td>6</td><!-- Col 3 -->
     <td>PI-6 PII-10</td><!-- Col 4 -->
+
     <td>6 </td><!-- Col 4 -->
 
     <td>6</td><!-- Col 5 -->
 
     <td>6</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
   <tr><!-- Row 6 -->
 
   <tr><!-- Row 6 -->
     <td>OWASP Zed Attack Proxy</td><!-- Col 1 -->
+
     <td>OWASP Zed Attack Proxy (Selected)</td><!-- Col 1 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>3</td><!-- Col 3 -->
 
     <td>3</td><!-- Col 3 -->
     <td>PI-3 PII-6</td><!-- Col 4 -->
+
     <td>3</td><!-- Col 4 -->
 
     <td>3</td><!-- Col 5 -->
 
     <td>3</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
   <tr><!-- Row 7 -->
 
   <tr><!-- Row 7 -->
     <td>OWASP AppSensor</td><!-- Col 1 -->
+
     <td>OWASP AppSensor (Selected)</td><!-- Col 1 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>5</td><!-- Col 3 -->
 
     <td>5</td><!-- Col 3 -->
     <td>PI-5 PII-7</td><!-- Col 4 -->
+
     <td>5</td><!-- Col 4 -->
 
     <td>5</td><!-- Col 5 -->
 
     <td>5</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
   <tr><!-- Row 8 -->
 
   <tr><!-- Row 8 -->
     <td>OWASP Testing Guide</td><!-- Col 1 -->
+
     <td>OWASP Testing Guide (Selected)</td><!-- Col 1 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>2</td><!-- Col 3 -->
 
     <td>2</td><!-- Col 3 -->
     <td>PII-2</td><!-- Col 4 -->
+
     <td>2</td><!-- Col 4 -->
     <td></td><!-- Col 5 -->
+
     <td>2</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
<tr><!-- Row 9 -->
 
<tr><!-- Row 9 -->
     <td>OWASP ESAPI</td><!-- Col 1 -->
+
     <td>OWASP ESAPI (Selected)</td><!-- Col 1 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>10</td><!-- Col 3 -->
 
     <td>10</td><!-- Col 3 -->
     <td>PII-5</td><!-- Col 4 -->
+
     <td>5</td><!-- Col 4 -->
     <td></td><!-- Col 5 -->
+
     <td>3</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
<tr><!-- Row 10 -->
 
<tr><!-- Row 10 -->
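Review bot: In column 4 of every changed row, a value that named its round, such as "PI-2 PII-3" for the CISO Guide or "PI-6 PII-10" for WebGoat PHP, is replaced by one bare number ("2", "6"), and nothing in the table says which of the two figures was kept or why. Consider stating above the table which round the column now reflects. Appending "(Selected)" to the project name in column 1 also mixes status into the name; a separate status column would keep the names clean. The new column 4 cell in Row 5 ("6 ") carries a stray trailing space.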
Line 116: Line 117:
 
     <td>3</td><!-- Col 2 -->
 
     <td>3</td><!-- Col 2 -->
 
     <td>9</td><!-- Col 3 -->
 
     <td>9</td><!-- Col 3 -->
     <td>PII-8</td><!-- Col 4 -->
+
     <td>8</td><!-- Col 4 -->
     <td></td><!-- Col 5 -->
+
     <td>4</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
<tr><!-- Row 9 -->
 
<tr><!-- Row 9 -->
Line 123: Line 124:
 
     <td>1</td><!-- Col 2 -->
 
     <td>1</td><!-- Col 2 -->
 
     <td>8</td><!-- Col 3 -->
 
     <td>8</td><!-- Col 3 -->
     <td>PII-9</td><!-- Col 4 -->
+
     <td>9</td><!-- Col 4 -->
     <td></td><!-- Col 5 -->
+
    <td>8</td><!-- Col 5 -->
 +
  </tr>
 +
<tr><!-- Row 9 -->
 +
    <td>OWASP Code review Guide (Selected)</td><!-- Col 1 -->
 +
    <td>1</td><!-- Col 2 -->
 +
    <td>3</td><!-- Col 3 -->
 +
    <td>3</td><!-- Col 4 -->
 +
     <td>1</td><!-- Col 5 -->
 
   </tr>
 
   </tr>
 
</table>
 
</table>
  
 
'''Projects selected via first round of review''': <br>
 
'''Projects selected via first round of review''': <br>
#'''OWASP Development Guide''': Funding Amount: $5000 initial funding
+
#'''OWASP Development Guide*''': Funding Amount: $5000 initial funding
 
#'''OWASP CISO Guide''': Funding Amount: $5000 initial funding
 
#'''OWASP CISO Guide''': Funding Amount: $5000 initial funding
 
#'''OWASP Zed Attack Proxy''': Funding Amount: $5000 initial funding
 
#'''OWASP Zed Attack Proxy''': Funding Amount: $5000 initial funding
#'''OWASP Mobile Project''': Funding Amount: $5000 initial funding
+
#'''OWASP Mobile Project''': Funding Amount: $5000 initial funding <br>
 +
 
 +
'''Projects selected via second round of review''': <br>
 +
#'''OWASP WebGoat PHP''' : Funding Amount: $5000 initial funding
 +
#'''OWASP AppSensor''' : Funding Amount: $5000 initial funding
 +
#'''OWASP Testing Guide*''' : Funding Amount: $5000 initial funding
 +
#'''OWASP ESAPI''' : Funding Amount: $5000 initial funding
 +
# '''OWASP Code review Guide*'''  : Funding Amount: $5000 initial funding
 +
 
 +
<nowiki>*</nowiki> Projects have additional external funding TBA.
  
 
----
 
----
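Review bot: The added row for "OWASP Code review Guide (Selected)" carries the row comment "Row 9", the same label already used by the preceding row and by the ESAPI row, so the row comments no longer identify rows; renumber them or drop them. Most of the added cells are also indented one space less than the existing ones, "Code review Guide" is capitalised differently from the other guide names, and the second-round list items put a space before the colon where the first-round items do not.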

Revision as of 05:09, 25 September 2012


Welcome to the OWASP Project Reboot Page:

What is the OWASP Project ReBoot initiative?

OWASP needs to refresh, revitalize & update its projects. We need to make the software development community more aware of our efforts and demonstrate the foundation's library of solutions & guidance designed to help with the secure application development lifecycle.

The proposal for this initiative is here:

Project Re-Boot Proposal

Project Lead: Eoin Keary
Proposal Approval Team: Jim Manico, Rahim Jina, Tom Brennan,...
Reboot_Review_Criteria (For review team)


Board Approval can be seen here: [1]

To that end we have a budget to fund various project related activities. We hope putting some financial support behind projects will re-energise our community and hopefully deliver some great high quality material which can be used to support software developers and testers for years to come:

Current Submissions
OWASP Application Security Guide For CISOs - Selected for Reboot
OWASP Development Guide - Selected for Reboot
Zed Attack Proxy - Selected for Reboot
OWASP WebGoat
OWASP AppSensor
OWASP Mobile Project - Selected for Reboot
OWASP Portuguese Language Project
OWASP_Application_Testing_guide_v4
OWASP ESAPI
OWASP Eliminate Vulnerable Code Project
OWASP_Code_Review_Guide_Reboot


Key Dates:
Submission closing date: July 30th 2012
First round of proposal selection: 15 June 2012
Second round of proposal selection: 10 Aug 2012


Selected Projects
The following table shows the votes submitted by reviewers. 1 is first preference, 2 is second preference and so on. You can have more than one first preference if you wish. Any Outstanding / additional proposals shall be voted on during the second round of proposal selection (10/8/2012).

Proposal Tom Jim Rahim Eoin
OWASP Development Guide (Selected) 1 1 1 2
OWASP CISO Guide (Selected) 2 7 2 1
OWASP Mobile Project (Selected) 1 4 4 4
OWASP WebGoat PHP (Selected) 2 6 6 6
OWASP Zed Attack Proxy (Selected) 1 3 3 3
OWASP AppSensor (Selected) 1 5 5 5
OWASP Testing Guide (Selected) 1 2 2 2
OWASP ESAPI (Selected) 1 10 5 3
OWASP_Eliminate_Vulnerable_Code 3 9 8 4
OWASP Portuguese Language Project 1 8 9 8
OWASP Code review Guide (Selected) 1 3 3 1

Projects selected via first round of review:

  1. OWASP Development Guide*: Funding Amount: $5000 initial funding
  2. OWASP CISO Guide: Funding Amount: $5000 initial funding
  3. OWASP Zed Attack Proxy: Funding Amount: $5000 initial funding
  4. OWASP Mobile Project: Funding Amount: $5000 initial funding

Projects selected via second round of review:

  1. OWASP WebGoat PHP: Funding Amount: $5000 initial funding
  2. OWASP AppSensor: Funding Amount: $5000 initial funding
  3. OWASP Testing Guide*: Funding Amount: $5000 initial funding
  4. OWASP ESAPI: Funding Amount: $5000 initial funding
  5. OWASP Code review Guide*: Funding Amount: $5000 initial funding

* Projects have additional external funding TBA.



Activity types:

Type 1: Update, rewrite & complete guides or tools.
This "type" is aimed at both existing and new tools or guides which require development effort to update, augment, rewrite or develop them in order to reach a high-quality release.

Examples:

  1. "Mini" Project based summits: Expenses associated with getting global workshops, with the aim of releasing a new version of a project.
  2. Paying contributors for their time and effort.
  3. Paying for user guides etc to be professionally developed (technical writing etc).

Type 2: Market, Training, Awareness, increase adoption.
Existing, healthy robust tools and guides can utilise Type 2 activities to help with creating awareness and increasing adoption of that project.

Examples:

  1. Assisting with expenses associated with marketing a project.
  2. Costs of facilitating OWASP project-focused training and awareness events.


How are we going to fund this?
We are requesting all OWASP chapters which are in a healthy financial position to pledge 25% of their chapter funds to pay for this initiative.
Pledge some chapter funds here

Donate $1.00 to help save a current or future software application Click Here

The Foundation shall also support this initiative with additional funding.
The goal is to accumulate a budget of $100K which shall be allocated to projects undergoing this reboot.

- Chapter Funds

Can I apply for this Reboot?
You certainly can, assuming you are an OWASP member.
If you feel your project is ready or has potential you can apply for the reboot programme.


How does funding work?

Type 1: Funding can be applied for as required if travel, a mini summit etc. is to be expensed as part of the reboot. For development activities, payment to contributors shall be made at the 50% and 100% milestones.
Milestones are agreed prior to project reboot initiation.
Once the 50% milestone is reached, the work done to date shall be reviewed by a member of the GPC and also by another nominated OWASP reviewer (generally an OWASP leader).

Type 2: Funding is supplied as required. Items to be funded are agreed prior to reboot initiation.
Invoices for the required services are sent directly to the foundation for payment.


How do I apply? Send in a proposal with the following information:

  1. Project name and description, including the reboot project lead and any team members.
  2. Reboot type (Type 1 or Type 2)
  3. Goals of the reboot
  4. Timeline for the 50% milestone and the 100% milestone. Suggested milestone reviewers (Generally OWASP Leaders or other industry experts)
  5. Budget required and how you shall spend it.

Want to support this initiative or learn more? Contact Eoin Keary