[GPC] contributing OWASP project

Paulo Coimbra paulo.coimbra at owasp.org
Wed Jun 23 12:12:37 EDT 2010



First of all, thank you for volunteering to lead an OWASP Project.  It is with volunteers like yourself that OWASP continues to succeed in making application security visible.

Second, regarding your new leadership of this project, I'd like to request that you send a project roadmap - basically the high level details of where you'd like to take the project.  The OWASP Global Projects Committee (GPC) will look at the roadmap and provide feedback on your project:  suggesting projects which are closely related, resources and contacts which may assist your efforts and any other suggestions to increase your project's success.


To get your project started, here are a couple of references for your review:

 - The Guidelines for OWASP Projects provide a quick overview of items key to a projects success - http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects,

 - OWASP's Assessment Criteria is the metric by which projects are evaluated.  There are three categories for projects: Alpha, Beta, and Release.  The Assessment Criteria allows project leaders to know what aspects of projects OWASP values - http://www.owasp.org/index.php/Category:OWASP_Project_Assessment,


 - OWASP's GPC blog - http://globalprojectscommittee.wordpress.com/,

Your project will have an OWASP wiki page to inform and promote your project to the OWASP community.  To setup your project's page, please provide the details below so that the GPC can establish your initial project page.  The details provided will be used to complete OWASP's project template.  Feel free to add any additional information to wiki page or request assistance about how to add to your projects wiki page.

Details to create your project page:
(0) Project Name,

(1) Project purpose / overview,
(2) Project Roadmap (as mentioned above),
(3) Project links (if any) to external sites,
(4) Project License (http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing),
(5) Project Leader name, 

(6) Project Leader email address,
(7) Project Leader wiki account - the username (you'll need this to edit the wiki),
(8) Project Contributor(s) (if any) - name email and wiki account (if any),

As your project reaches a point that you'd like OWASP to assist in its promotion, the GPC will need the following to help spread the word about your project:

 * Conference style presentation describing the project in at least 3 slides - http://globalprojectscommittee.wordpress.com/2009/07/27/what-is-the-3x-slide-presentation-thing/

 * Project Flyer/Pamphlet (PDF file) - http://globalprojectscommittee.wordpress.com/2009/07/21/what-is-this-project-flyerpamphlet-thing/

As work on your project progresses and you are ready to create a release, please let the GPC know of the change in status.  The GPC can work with you to get your project assessed and moved up the OWASP quality ladder from Alpha to Beta to Stable.  Every release does not require an assessment - feel free to email the GPC if you are unsure about your project's requirements.  For examples of projects at various quality levels, please see the OWASP Project page - http://www.owasp.org/index.php/Category:OWASP_Project

That is all for now - I wish you and your project great success.  Thank you for supporting OWASP's mission.

Should you have any questions or require any further information, please do not hesitate to contact me. 

Many thanks, best regards,


Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager


From: Поляков Александр [mailto:sh2kerr at gmail.com] 
Sent: terça-feira, 22 de Junho de 2010 17:01
To: paulo.coimbra at owasp.org
Cc: dinis.cruz at owasp.org; jason.li at owasp.org; mtesauro at gmail.com; leonardocavallari at gmail.com; pravir.chandra at gmail.com; bradcausey at gmail.com
Subject: contributing OWASP project



Good afternoon dear colegues

I'm writing to you to express our wish to join to the OWASP contributors as there is definitely a project we would like to develop, more specifically OWASP_Enterprise_Application_Security_Project. 

 As we can see, for reasons unknown, it was brought to a halt and we if there's an opportunity would like to get engaged in the project as a project leader or make a similar new project and lead it.What should we do to lead this project?

We are very interested in the OWASP activities and can assure you we are well grounded in the topic and have a lot to develop and contribute to that is why below I provided the information about us in brief.

As for me i am an expert in enterprise application security in SAP, Oracle,JDedwards and other products. found many vulnerabilities (dsecrg.com) write pappers and talk in conferences(hitb,troopers,t2 and many russian).

I represent the Digital Security Research Group a part of Digital Security company which is the leading IT security company in Russia, providing information security consulting, ERP and enterprise application security assesment, audit and penetration testing services, risk analysis and ISMS-related services and certification for ISO/IEC 27001:2005 , PCI DSS and PA-DSS standards. 
Our company has its own Research Lab (called DSecRG) that focuses on enterprise application and database security problems with vulnerability reports, advisories and whitepapers posted regularly on our website.

For more information about Digital Security please visit: http://www.dsec.ru (in Russian) 

and our Research Lab website: http://www.dsecrg.com.(english)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20100623/93881d03/attachment.html 

More information about the Global-projects-committee mailing list