SpoC 007 (OWASP Spring of Code 2007) results

Dinis Cruz dinis at ddplus.net
Sun May 13 12:44:12 EDT 2007

Hello, it is my pleasure to announce the results of the OWASP Spring of Code
2007 <http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007> initiative.

After the submission of the
OWASP Board rated each one according to the agreed
selection criteria <http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_:_Selection> and
by a weird magical coincidence we came up with a result where ALL
participants will receive a sponsorship. The submitted projects had enough
quality to qualify and the budget available could be organized in a way that
made sense (I think that the fact that the submissions had to be published
directly to the WIKI (which didn't get defaced :) ) gave a good 'quality
benchmark' to candidates). Boris was the exception since he submitted 3
projects and received a higher than average sponsorship for 1 project.

The original plan was to allocate 110,000 USD (92k from OWASP, 9k from SPI
Dynamics and 9k from EDS) and we ended with a total of 125,000 USD (with
OWASP's contribution raised to 99k).

We also had two new members joining OWASP: Cenzic (9k) and Vigilar (8k) and
two specific project sponsorships: SANS (5k) and Fortify (5k).

At the end of this email you can find two tables: one with the SpoC results
and one with the financial calculations.

As you can see on the 2nd table, OWASP still has (at least) 18,000 USD to
allocate to specific projects (this value might be higher pending the result
of negotiations about a couple of further project sponsorships). I will be
sending a new email about how these funds will be allocated.

I am also very happy to announce that Giorgio Fedon will be managing the
SpoC 007 project, so for the ones participating please provide as much
support and help to him (i.e. do what he asks you to do :) ).

As always I am here to help, so if you have any questions or need more
information do contact me.

Finally I want to thank the wonderful participants who now have the hard
job to deliver on their projects :). For the participants, please remember
that the success of SpoC 007 is in your hands, so please make us proud, and
show the world how OWASP is a good host/enabler for the successful execution
of Open Web Application Security Projects.

Thanks to everybody who helped to make this possible,

A very proud,

Dinis Cruz
Chief OWASP Evangelist

Table 1: SpoC 007 Results

Proposal ID                              Project                                                       Total Project
---------------------------------------  ------------------------------------------------------------  -------------
Mark Curphey                             The OWASP Web Security Certification Framework                        20000
(tbd)                                    Interim @ Aspect Offices                                              10000
(tbd)                                    10x 1000USD to FOSS projects we all use                               10000
Boris                                    OWASP Site Generator                                                   7000
NSRAV Security Research Group            Attacks Reference Guide                                                5000
Eric Sheridan and Dr. Goran Trajkovski   The Scholastic Application Security Assessment Project                 5000
EdFinkler                                A comprehensive input retrieval/filtering system for PHP               5000
Eoin Keary                               Code review Project                                                    5000
Mateo                                    OWASP Certification Project                                            5000
Sebastien Deleersnyder                   OWASP Education Project                                                5000
Arshan Dabirsiaghi                       OWASP The Anti-Samy Project                                            5000
Caseydk                                  Security throughout the SDLC                                           3000
Erwin Geirnaert                          OWASP WebGoat Solutions Guide                                          2500
Bunyamin Demir                           OWASP WeBekci Project                                                  2500
Denis                                    Python Tainted Mode                                                    2500
Darren Edmonds                           WebScarab NG Security Test Automation                                  2500
Przemyslaw 'rezos' Skowron               Refresh Attacks list                                                   2500
Bernardo                                 sqlmap                                                                 2500
Jim                                      Best Practices & Countermeasures                                       2500
Paulo Coimbra                            OWASP brand                                                            2500
Heiko                                    Web Application Security put into practice                             2500
Subere                                   OWASP JBroFuzz Project                                                 2500
Paolo Perego                             Owasp Orizon Project                                                   2500
Buanzo                                   Enigform: Firefox Addon for OpenPGP signing of HTTP requests           2500
Josh Sweeney                             OWASP LiveCD Education Project                                         2500
Erwin Geirnaert                          OWASP Java Project                                                     2500
Giorgio Fedon                            Help with SpoC project management                                      2500
Joshua Perrymon                          OWASP LiveCD Project                                                   2500
Boris                                    OWASP Report Generator                                                    -
Boris                                    OWASP Tiger                                                               -
---------------------------------------  ------------------------------------------------------------  -------------
Total                                                                                                         125000

Table 2: SpoC 007 Financial Calculations

Who?      Project              Budget   Allocated   Still Available
--------  ------------------   ------   ---------   ---------------
OWASP     Any                   98000       98000                 0
EDS                              9000        9000                 0
SPI       SiteGen                9000        4000              5000
Cenzic    SiteGen                3000        3000                 0
          Metr                   3000           0              3000
          SDL                    3000        3000                 0
Vigilar   Certification          8000        8000                 0
SANS      Questions              5000                          5000
Fortify   Source code review     5000           0              5000
--------  ------------------   ------   ---------   ---------------
Totals                         143000      125000
