OWASP Project Manager Activity Reports/November 12 2012

Work accomplished since October 08, 2012

 * Project Numbers
 * Active Projects: 114
 * Archived Projects: 41
 * Merged Projects: 43


 * New Projects:
 * OWASP Periodic Table of Vulnerabilities


 * Pending Incubator Project Applications:
 * OWASP Application Security Awareness Top 10 E-Learning Project (Set up this week)
 * OWASP JSON Sanitizer (Set up this week)

Project Manager Q4 Objectives

 * 1) Identify and initiate 3 grant opportunities.
 * 2) Complete metadata for Salesforce import related to projects.
 * 3) Finalize and launch the Project database communication tool and webpage.
 * 4) Complete the project lifecycle redesign.
 * 5) Complete Version 2 of the Project Handbook.

Currently Working On

 * Grant Opportunities Updates
 * The ESAPI proposal is done and submitted: Thank you Chris Schmidt and Kevin Wall for helping to finalising the document.
 * Deborah, the DHS representative, has confirmed.
 * Submission was held up due to some budget questions raised by Kevin and Chris.
 * We re-evaluated the budget and made some changes.
 * This is for $25,000 from the DHS.
 * The Google Grant process is a little trickier than expected
 * Nevertheless, I am moving forward with the application with help from a Google for Non-Profits representative.
 * I hope to complete the application by this week, if all goes well.
 * I've already started the process for the OWASP ModSecurity Proposal as well.
 * Ryan has responded to my query regarding funding, and he is interested in pursuing the proposal.
 * I am putting together a reply with information on proposal procedure and budget requirements to send Ryan.


 * SalesForce Metadata Migration
 * All project data is now in Salesforce.
 * I continue to work with Kate to finish the migration.
 * We are currently working on creating a template e-mail to send to all active project leaders asking them to update their information. (Still seeking help for this)
 * Developed 8 forms to help with future requests: You can find them in the Project Processes Document: Section I.
 * Currently looking into developing the forms in Salesforce, and updating the active project information directly from Project Leaders.


 * Projects Communications Restructuring
 * The aim is to make this page live in January 2013.
 * I continue to update this with the relevant data.
 * Working on developing the project handbook, finalising project stage benefits, and finalising project graduation process before finalising updates to this page.


 * Project Processes & Lifecycle Development
 * Putting the handbook aside until these are fleshed out and agreed to.
 * I feel it is a much better idea to tackle individually, and them add them to the handbook.
 * Process form development
 * Project Stage Benefits
 * Project Graduation Process
 * Project Graduation Criteria
 * Project Migration Process


 * Projects Handbook
 * GPC and I have been working on completing the OWASP Projects Handbook.
 * Currently in the middle of developing a second version of the Handbook that is more relevant to the current state of OWASP Projects.
 * Emphasis on simplification of processes and creating a solid framework that we can later build on if needed.
 * Much of the handbook has been edited and discussed.
 * Areas that are still under development can be found in the Project Processes & Lifecycle Development section of this report.

Important GPC Meeting Outcomes and Discussion Points

 * 1) GPC Report: November 09, 2012
 * 2) Samantha: Continue to attempt to contact the SourceForge account people, and attempt to schedule a meeting with them.
 * 3) There has been no communication back from SourceForge people. We have decided to close the account so they will not continue to charge us. Samantha will move forward with this plan.
 * 4) Samantha: Develop a communications piece letting the community know why the account with SourceForge was closed.
 * 5) Samantha: Send Kate the file for the OWASP Initiatives Technical banner.
 * 6) Samantha: Finish Project Processes document and send to GPC for review.
 * GPC: Look through Project Processes Document and note down any critiques, objections, suggestions, etc
 * 1) Nishi Announcement: Working on putting together the presentations and video for each speaker at AppSec 2012. Nishi will send us a link once work is completed.
 * 2) Samantha: Move forward with ModSecurity Project Grant Proposal and Google Grants Application Process.
 * 3) Kate: Will be in touch with Nishi regarding OWASP India initiatives.