[GPC] New OWASP project

Paulo Coimbra paulo.coimbra at owasp.org
Mon Jun 14 15:19:16 EDT 2010

Hello Leigh,


Hope you are well. First of all, thank you for volunteering to lead another
OWASP Project.  It is with volunteers like yourself that OWASP continues to
succeed in making application security visible.

Second, regarding your new leadership of this project, I'd like to request
that you send (if possible) a project roadmap - basically the high level
details of where you'd like to take the project.  The OWASP Global Projects
Committee (GPC) will look at the roadmap and provide feedback on your
project:  suggesting projects which are closely related, resources and
contacts which may assist your efforts and any other suggestions to increase
your project's success.


To get your project started, here are a couple of references for your

 - The Guidelines for OWASP Projects provide a quick overview of items key
to a projects success -

 - OWASP's Assessment Criteria is the metric by which projects are
evaluated.  There are three categories for projects: Alpha, Beta, and
Release.  The Assessment Criteria allows project leaders to know what
aspects of projects OWASP values -


 - OWASP's GPC blog - http://globalprojectscommittee.wordpress.com/,

Your project will have an OWASP wiki page to inform and promote your project
to the OWASP community.  To setup your project's page, please provide the
details below so that the GPC can establish your initial project page.  The
details provided will be used to complete OWASP's project template.  Feel
free to add any additional information to wiki page or request assistance
about how to add to your projects wiki page.

Details to create your project page:
(0) Project Name,

(1) Project purpose / overview,
(2) Project Roadmap (as mentioned above),
(3) Project links (if any) to external sites,
(4) Project License
(5) Project Leader name, 

(6) Project Leader email address,
(7) Project Leader wiki account - the username (you'll need this to edit the
(8) Project Maintainer (if any)  - name, email and wiki account (if any),
(9) Project Contributor(s) (if any) - name email and wiki account (if any),

As your project reaches a point that you'd like OWASP to assist in its
promotion, the GPC will need the following to help spread the word about
your project:

 * Conference style presentation describing the project in at least 3 slides

 * Project Flyer/Pamphlet (PDF file) -

As work on your project progresses and you are ready to create a release,
please let the GPC know of the change in status.  The GPC can work with you
to get your project assessed and moved up the OWASP quality ladder from
Alpha to Beta to Stable.  Every release does not require an assessment -
feel free to email the GPC if you are unsure about your project's
requirements.  For examples of projects at various quality levels, please
see the OWASP Project page -


To edit OWASP Wiki you will need to create a create
<https://www.owasp.org/index.php/Special:Userlogin>  a wiki account. Please
see here <https://www.owasp.org/index.php/Tutorial>  how to do it and here
<https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project>  and here
<https://www.owasp.org/index.php/User:Mtesauro>  an example of how it will
be used.

That is all for now - I wish you and your project great success.  Thank you
for supporting OWASP's mission.

Should you have any questions or require any further information, please do
not hesitate to contact me. 


Many thanks, best regards,


Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager


From: Matt Tesauro [mailto:mtesauro at gmail.com] 
Sent: sexta-feira, 4 de Junho de 2010 02:44
To: Paulo Coimbra
Cc: Leigh Honeywell
Subject: New OWASP project




Meet Leigh Honeywell.  I met Leigh at Security BSides un-conference in
Austin recently.  She's interested in starting a project with OWASP related
to the Rugged Software movement in which OWASP is involved.


Here's a quick overview of her idea:

"I wanted to follow up on putting together some Rugged training content that
can be used in the context of onboarding software engineering hires.  A
couple of open source projects I'm involved with have asked me to do some
security training for their communities, so I have a built-in crowd of
beta-testers. I'm going to start with the content in this talk: 

http://hypatia.ca/2009/04/meshu-2009-writing-more-secure-software/ but
updated to reflect the most recent OWASP Top Ten."


I've also introduced her to Nishi Kumar as this is fairly close to her CBT
project.  Personally, I think this warrants a separate project but I wanted
them both to be aware of each others work.


If I remember correctly, getting a wiki account is moderated currently due
to the SPAM bots and such.  If there's something Leigh needs to know to get
her wiki account, please forward that information as well.




BTW, best of luck on the move to Portugal!




-- Matt Tesauro

OWASP Board Member

OWASP Live CD Project Lead


http://AppSecLive.org - Community and Download site

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20100614/02e70617/attachment-0001.html 

More information about the Global-projects-committee mailing list