Projects Summit 2013

From OWASP
Revision as of 18:25, 15 October 2013 by Samantha Groves (Talk | contribs)

Jump to: navigation, search

AppSec USA 2013 Project Summit Home


Summit-logo.jpg
Summit NY Image.jpg


Introduction

The OWASP Project Summit is a smaller version of the much larger OWASP Summits. This event activity gives our project leaders the opportunity to showcase their project progress, and have attendees sit down and work on project tasks during the event. It is an excellent opportunity to engage the event attendees, and it gives project leaders the chance to move forward on their project milestones while meeting new potential volunteers that can assist with future milestones.

For more details see also the main Project Summit pages at the main OWASP AppSecUSA website: http://appsecusa.org/2013/activities/owasp-project-summit/

Working Sessions

Click on the working session name to see the home page for that particular session. During the Summit those working session home pages will be used to document discussions and outcomes.

If you're interested in adding a Working Session for the 2013 Summit, there still is time to start a session! Please review the Working Session methodology for Working Session rules.

NOTE: The current banners below are placeholders. Track topics are subject to change.

Summit Banners 2013 Projects.jpg

Name of Working Session Objective(s) Outcome(s) / Deliverable(s) Owner/Leader Members/Attendees
view
edit
Project Reviews
  1. Introduction to new assessment criteria to conduct reviews.
  2. Team in small groups (2 to 3 max) based on experience and background to asses a set of Projects (Code, Tool or Documentation).
  3. Fill in the Questionnaire (Google Forms) to complete assessment of Projects and provide the review with a final score and results (Project defined as Incubator, Lab or Flagship).
  4. Review results of questionnaire with your team.
  5. Present results and conclusions of assessment session.
  1. Review of all the current Flagship, some Lab, and some Incubator projects. Find here.
  2. Assign them an appropriate stage designation based on the review.
  3. Update the inventory based on reviews.
  4. Create banners that show what stage each project is on. To be placed on the wiki.
Johanna Curiel @


Summit Banners 2013 ESAPI.jpg

Name of Working Session Objective(s) Outcome(s) / Deliverable(s) Owner/Leader Members/Attendees
view
edit
ESAPI Hackathon
  1. Planning to sponsor 2 "senior developers" to attend the hack-a-thon and take the lead role on the development effort, they will be involved in the architecture aspect of the project and goal-building and attendees will be able to choose a component from the architecture to work on.
  2. We will purchase a prize for the developer/team that accomplishes the most quality work scored based on complexity of the component(s) they will be working on. The judges for the prizes will be Jeff Williams, Kevin Wall and Chris Schmidt.
  3. There will be a set of guidelines for entries – primarily, backwards compatibility and/or clear upgrade path from ESAPI 2.x, testability, and distribution model of the component.
  1. Identify the primary goals to deem the hack-a-thon a success.
  2. Layout the overall architecture vision for ESAPI 3.0.
  3. Lay down the infrastructure (Git, Continuous Integration, Testing Framework, etc.).
  4. Design the specification for the components that will be required.
  5. Close down all inactive ESAPI Projects.
Chris Schmidt @

Chris Schmidt @

Kevin Wall @

Jeff Williams @

view
edit
ESAPI Hackathon: 2nd Session
  1. Teams will be 1-4 developers; scores will be curved based on the size of the teams submitting the components. For example, a team of 4 developers submitting a key management component will score lower than a single developer submitting a key management component dependent on the quality of the submitted component. (These scoring guidelines are still under consideration).
  2. Jeff Williams will be "kicking off" the hackathon by giving a short speech about ESAPI as the founding member of the project. I will also be giving a short speech on the future vision of ESAPI to set up the teams. The prize will be awarded at the closing of the conference.
  1. Identify the primary goals to deem the hack-a-thon a success.
  2. Layout the overall architecture vision for ESAPI 3.0.
  3. Lay down the infrastructure (Git, Continuous Integration, Testing Framework, etc.).
  4. Design the specification for the components that will be required.
  5. Close down all inactive ESAPI Projects.
Chris Schmidt @

Chris Schmidt @

Kevin Wall @

Jeff Williams @


Summit Banners 2013 Education.jpg

Name of Working Session Objective(s) Outcome(s) / Deliverable(s) Owner/Leader Members/Attendees
view
edit
OWASP Training Development Session
  1. OWASP Boot camp development.
  2. OWASP Training events brainstorming session and planning.
  1. Develop a roadmap for an OWASP Bootcamp Program.
  2. Develop a handfull of ideas for an OWASP Training Program.
Konstantinos Papapanagiotou @

Martin Knobloch @

Konstantinos Papapanagiotou @

view
edit
OWASP Academies Development Session
  1. OWASP Academies discussion.
  2. OWASP University Outreach.
  3. OWASP Student Chapter.
  1. Develop a roadmap for OWASP Academies Program for 2014.
Martin Knobloch @

Konstantinos Papapanagiotou @

Martin Knobloch @


Summit Banners 2013 Writing.jpg

Name of Working Session Objective(s) Outcome(s) / Deliverable(s) Owner/Leader Members/Attendees
view
edit
Project Guide Review Session
  1. Figure out what else needs to be done for each project.
  2. Assign sections to each participant.
  3. Finish various sections assigned to you.
  4. Consolidate all finished sections.
  1. Finished content for AppSensor Book.
  2. Finished content for Development Guide Book.
  3. Finished content for Code Review Guide Book. .
  4. Finished content for Testing Guide Book.
Michael Hidalgo @


Summit Banners 2013 Product Dev.jpg

Name of Working Session Objective(s) Outcome(s) / Deliverable(s) Owner/Leader Members/Attendees
view
edit
OWASP Product Development Session
  1. Discussion on product development: What needs to be done, and how do we get to a finished product.
  2. Roadmap development for each project leader involved.
  3. Discussion on fundraising.
  1. Open discussion on product development.
  2. Create a roadmap for participating projects: Next steps in their development.


view
edit
OWASP Reference Implementation Session
  1. To determine reference implementation value for OWASP Projects.
  2. Identify and roadmap the building of the implementation where applicable.
  1. Open discussion on reference implementation needs.
  2. Development of roadmap for participating projects to action.



Summit Banners 2013 ZAP.jpg

Name of Working Session Objective(s) Outcome(s) / Deliverable(s) Owner/Leader Members/Attendees
view
edit
ZAP Hackathon Session
  1. Explain how people can contribute to ZAP
  2. Demonstrate how to set up a ZAP development environment
  3. Explain ZAP code structure
  4. Show people how to code scripts, active/passive scan rules, add-ons, core changes and improve the docs and localization
  5. Let people hack the ZAP code and docs with full support and guidance
  1. Identify set of enhancements attendees can work on
  2. Everyone with access to a ZAP dev environment
  3. An understanding of the ZAP code structure
  4. An understanding of how to develop ZAP code
  5. A set of small enhancements that can be committed immediately
Simon Bennetts @

Johanna Curiel


Summit Organisation Pages

These are pages with organization details about this event

Reference Links: