May 4, 2010

Agenda
1-866-534-4754 Code: "OWASP" (69277)

Follow up from April

 * Q1 P&L Review

Please click for the revised 2010 Q1 Financial Reports.


 * ESAPI Project Manager vote from April postponed until June

Approval required to hire OWASP intern for summer. Would be 40 hrs/week at $10/hr. Intern will provide technical development support to OWASP projects, currently targeting ESAPI, but we are looking for other high priority OWASP projects that we should support if the board has other suggestions. Will work out of the Columbia office under the guidence of Jeff and Dave.


 * '''Outsourcing OWASP's IT

Clarification of the scope of the RFQ for Dedicated Hosting
 * Is this just moving the 'iron' to another place or is this application maintenance as well?
 * Do we also need to look for a hosted Wiki service?
 * What does success look like for this project?

Original RFQ

Vote Required

 * Vote: continuation of 60/40 split or donation funding status for projects (see GPC update below on this topic)
 * Do we continue to allow companies designate a portion of their membership fees to a specific project?
 * Should be money directly allocated to projects, chapters or committees be a 100/0 split (i.e. 0% to OWASP)


 * Vote: Should OWASP take a stand or publicise an opinion on the F5 suit vs. Imperva?


 * Vote: Approval of OWASP Annual Report.


 * Vote: Which training logo do you like best?

Committees updates

 * OWASP Connections Committee
 * by Eoin Keary
 * OWASP Annual Report
 * OWASP April Newsletter
 * OWASP Top 10 Release (Marketing efforts and Book)
 * Getting Stats for OWASP Website and impact of Media efforts
 * by Dinis Cruz
 * Meeting with a Portuguese government agency/(UMIC)
 * UMIC will participate in the OWASP's IBWAS10
 * UMIC has challenged OWASP to jointly work on a concept of a ICT/WebAppSec Academy
 * OWASP Training
 * First course has been delivered
 * Second course already scheduled
 * Currently finalizing the arrangements for the next batch of courses: Portugal, Ireland, Italy.
 * Global Projects Committee
 * by Dinis Cruz
 * Projects Sponsorship Model
 * We have received a email from Softtek that has triggered this issue
 * Paulo is proposing we use a model similar to this one
 * We need to discuss whether or not the policy, that we have been pushing to set up but haven’t implemented still and under which projects leaders and contributors can’t be paid for their work, is to be enforced.
 * We need to discuss and find out one solution to acknowledge the sponsor role in those cases in which a project leader time is being paid by his employer for him to work in a OWASP project.
 * Project Details Tab
 * http://www.owasp.org/index.php/Projects/Live_CD/GPC
 * http://www.owasp.org/index.php/Projects/Top_10/GPC


 * Global Chapters Committee
 * by Dinis Cruz
 * Still trying to get what is the status of this committee
 * Issue with 'Commercial' bias of OWASP local chapters
 * Global Education Committee
 * by Dinis Cruz
 * Working with them to create Training Packs (to be used on the Chapter-lead training events


 * Global Membership Committee
 * by Seba
 * See April's meeting minutes


 * Global Conferences Committee
 * by ______________
 * Board Member