[GPC] New OWASP project

Matt Tesauro mtesauro at gmail.com
Mon Jun 14 16:56:26 EDT 2010


Also, if you have any questions about what some of those specific items 
Paulo has asked for, you can ping me.  I wrote many of the requirements 
and guidelines for them so I can hopefully clear up anything that isn't, 
well, clear.

-- Matt Tesauro
OWASP Board Member
OWASP Live CD Project Lead
http://AppSecLive.org - Community and Download site

On 6/14/10 2:19 PM, Paulo Coimbra wrote:
> Hello Leigh,
> Hope you are well. First of all, thank you for volunteering to lead
> another OWASP Project. It is with volunteers like yourself that OWASP
> continues to succeed in making application security visible.
> Second, regarding your new leadership of this project, I'd like to
> request that you send (if possible) a project roadmap - basically the
> high level details of where you'd like to take the project. The OWASP
> Global Projects Committee (GPC) will look at the roadmap and provide
> feedback on your project: suggesting projects which are closely related,
> resources and contacts which may assist your efforts and any other
> suggestions to increase your project's success.
> To get your project started, here are a couple of references for your
> review:
> - The Guidelines for OWASP Projects provide a quick overview of items
> key to a projects success -
> http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects,
> - OWASP's Assessment Criteria is the metric by which projects are
> evaluated. There are three categories for projects: Alpha, Beta, and
> Release. The Assessment Criteria allows project leaders to know what
> aspects of projects OWASP values -
> http://www.owasp.org/index.php/Category:OWASP_Project_Assessment,
> - OWASP's GPC blog - http://globalprojectscommittee.wordpress.com/,
> Your project will have an OWASP wiki page to inform and promote your
> project to the OWASP community. To setup your project's page, please
> provide the details below so that the GPC can establish your initial
> project page. The details provided will be used to complete OWASP's
> project template. Feel free to add any additional information to wiki
> page or request assistance about how to add to your projects wiki page.
> Details to create your project page:
> (0) Project Name,
> (1) Project purpose / overview,
> (2) Project Roadmap (as mentioned above),
> (3) Project links (if any) to external sites,
> (4) Project License
> (http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing),
> (5) Project Leader name,
> (6) Project Leader email address,
> (7) Project Leader wiki account - the username (you'll need this to edit
> the wiki),
> (8) Project Maintainer (if any) - name, email and wiki account (if any),
> (9) Project Contributor(s) (if any) - name email and wiki account (if any),
> As your project reaches a point that you'd like OWASP to assist in its
> promotion, the GPC will need the following to help spread the word about
> your project:
> * Conference style presentation describing the project in at least 3
> slides -
> http://globalprojectscommittee.wordpress.com/2009/07/27/what-is-the-3x-slide-presentation-thing/
> * Project Flyer/Pamphlet (PDF file) -
> http://globalprojectscommittee.wordpress.com/2009/07/21/what-is-this-project-flyerpamphlet-thing/
> As work on your project progresses and you are ready to create a
> release, please let the GPC know of the change in status. The GPC can
> work with you to get your project assessed and moved up the OWASP
> quality ladder from Alpha to Beta to Stable. Every release does not
> require an assessment - feel free to email the GPC if you are unsure
> about your project's requirements. For examples of projects at various
> quality levels, please see the OWASP Project page -
> http://www.owasp.org/index.php/Category:OWASP_Project
> To edit OWASP Wiki you will need to create a create a wiki account
> <https://www.owasp.org/index.php/Special:Userlogin>. Please see here
> <https://www.owasp.org/index.php/Tutorial> how to do it and here
> <https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project> and
> here <https://www.owasp.org/index.php/User:Mtesauro> an example of how
> it will be used.
> That is all for now - I wish you and your project great success. Thank
> you for supporting OWASP's mission.
> Should you have any questions or require any further information, please
> do not hesitate to contact me.
> Many thanks, best regards,
> Paulo Coimbra,
> OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>
> *From:* Matt Tesauro [mailto:mtesauro at gmail.com]
> *Sent:* sexta-feira, 4 de Junho de 2010 02:44
> *To:* Paulo Coimbra
> *Cc:* Leigh Honeywell
> *Subject:* New OWASP project
> Paulo,
> Meet Leigh Honeywell. I met Leigh at Security BSides un-conference in
> Austin recently. She's interested in starting a project with OWASP
> related to the Rugged Software movement in which OWASP is involved.
> Here's a quick overview of her idea:
> "I wanted to follow up on putting together some Rugged training content
> that can be used in the context of onboarding software engineering
> hires. A couple of open source projects I'm involved with have asked me
> to do some security training for their communities, so I have a built-in
> crowd of beta-testers. I'm going to start with the content in this talk:
> http://hypatia.ca/2009/04/meshu-2009-writing-more-secure-software/ but
> updated to reflect the most recent OWASP Top Ten."
> I've also introduced her to Nishi Kumar as this is fairly close to her
> CBT project. Personally, I think this warrants a separate project but I
> wanted them both to be aware of each others work.
> If I remember correctly, getting a wiki account is moderated currently
> due to the SPAM bots and such. If there's something Leigh needs to know
> to get her wiki account, please forward that information as well.
> Thanks!
> BTW, best of luck on the move to Portugal!
> --
> --
> -- Matt Tesauro
> OWASP Board Member
> OWASP Live CD Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org - Community and Download site

More information about the Global-projects-committee mailing list