Projects Reboot 2012
Welcome the the OWASP Project Reboot Page:
What is the OWASP Project ReBoot initiative?
OWASP needs to refresh, revitalize & update its projects. We need to make the software development community more aware of our efforts and demonstrate the foundations library of solutions & guidance designed to help with the secure application development lifecycle.
The proposal for this initiative is here:
Project Lead: Eoin Keary
Proposal Approval Team: Jim Manico, Rahim Jina, Tom Brennan,...
Reboot_Review_Criteria (For review team)
Board Approval can be seen here: 
To that end we have a budget to fund various project related activities. We hope putting some financial support behind projects will re-energise our community and hopefully deliver some great high quality material which can be used to support software developers and testers for years to come:
Projects Reboot 2012 - OWASP Application Security Guide For CISOs - Selected for Reboot
Projects Reboot 2012 - OWASP Development Guide - Selected for Reboot
Zed Attack Proxy - Selected for Reboot
Projects Reboot 2012 - OWASP Mobile Project - Selected for Reboot
OWASP Portuguese Language Project
Projects Reboot 2012 - OWASP Application_Testing_guide_v4
OWASP Eliminate Vulnerable Code Project
Projects Reboot 2012 - OWASP Code_Review_Guide
Submission closing date: July 30th 2012
First round of proposal selection: 15 June 2012
Second round of proposal selection: 10 Aug 2012
The following table shows to votes submitted by reviewers. 1 is first preference, 2 is second preference and so on.. You can have more than one first preference if you wish. Any Outstanding / additional proposals shall be voted on during the second round of proposal selection (10/8/2012).
|OWASP Development Guide (Selected)||1||1||1||2|
|OWASP CISO Guide (Selected)||2||7||2||1|
|OWASP Mobile Project (Selected)||1||4||4||4|
|OWASP WebGoat PHP (Selected)||2||6||6||6|
|OWASP Zed Attack Proxy (Selected)||1||3||3||3|
|OWASP AppSensor (Selected)||1||5||5||5|
|OWASP Testing Guide (Selected)||1||2||2||2|
|OWASP ESAPI (Selected)||1||10||5||3|
|OWASP Portuguese Language Project||1||8||9||8|
|OWASP Code review Guide (Selected)||1||3||3||1|
Projects selected via first round of review:
- OWASP Development Guide*: Funding Amount: $5000 initial funding
- OWASP CISO Guide: Funding Amount: $5000 initial funding
- OWASP Zed Attack Proxy: Funding Amount: $5000 initial funding
- OWASP Mobile Project: Funding Amount: $5000 initial funding
Projects selected via second round of review:
- OWASP WebGoat PHP : Funding Amount: $5000 initial funding
- OWASP AppSensor : Funding Amount: $5000 initial funding
- OWASP Testing Guide* : Funding Amount: $5000 initial funding
- OWASP ESAPI : Funding Amount: $5000 initial funding
- OWASP Code review Guide* : Funding Amount: $5000 initial funding
* Projects have additional external funding TBA.
Type 1: Update, rewrite & complete guides or tools.
This "type" is aimed at both existing and new tools or guides which require development effort to update, augment, rewrite, develop in order to achieve a high quality release quality product.
- "Mini" Project based summits: Expenses associated with getting global workshops, with the aim of releasing a new version of a project.
- Paying contributors for their time and effort.
- Paying for user guides etc to be professionally developed (technical writing etc).
Type 2: Market, Training, Awareness, increase adoption.
Existing, healthy robust tools and guides can utilise Type 2 activities to help with creating awareness and increasing adoption of that project.
- Assisting with expenses associated with marketing a project.
- Costs facilitating OWASP project focused training and awareness events
How are we going to fund this??
We are requesting all OWASP chapters which are in a healthy financial position to pledge 25% of their chapters funds to pay for this initiative.
Pledge some chapter funds here
Donate $1.00 to help save a current or future software application Click Here
The Foundation shall also support this initiative with additional funding.
The goal is to accumulate a budget of $100K which shall be appointed to projects undergoing this reboot.
Can I apply for this Reboot?
You certainly can, assuming you are an OWASP member.
If you feel your project is ready or has potential you can apply for the reboot programme.
How does funding work?
Type 1: Funding can be applied for as required if travel/mini summit etc is to be expensed as part of the reboot. Development activities; payment to contributors shall be at 50% and 100% milestones.
Milestones are agreed prior to project reboot initiation.
Once the 50% milestone is reached the work done to date shall be reviewed by a member of the - GPC and also another nominated OWASP reviewer (generally an OWASP leader).
Type 2: Funding is supplied as required. Items to be funded are agreed prior to reboot initiation.
Invoices for the required services are sent directly to the foundation for payment.
How do I apply? Send in a proposal with the following information:
- Project name and description. Including reboot project lead and any team members.
- Re boot type (Type 1 or Type 2)
- Goals of the reboot
- Timeline for the 50% milestone and the 100% milestone. Suggested milestone reviewers (Generally OWASP Leaders or other industry experts)
- Budget required and how you shall spend it.
Want to support this initiative or learn more? Contact Eoin Keary
The projects awarded $5,000 from project reboot last year are:
- OWASP Development Guide
- OWASP ZAP
- OWASP Testing Guide
- OWASP ESAPI
- OWASP Code Review Guide
- OWASP WebGoat PHP