[Owasp-board] SpoC results now with Andrew's data

Dinis Cruz dinis at ddplus.net
Sat Apr 28 00:13:55 UTC 2007

Ok, here is the final data set (with mine, Jeff's and Andrew's ratings).

The values are just about the same, with the following changes:

   - I removed Boris's applications for ORG (OWASP Report Generator) and
   OWASP Tiger since he is already on OSG (OWASP Site Generator)
   - Since we have extra budget for OSG, I increased Boris's OSG
   sponsorship from 5k to 7k (and this still leaves 5k for another SpoC)
   - I added the interim at 10k
   - I removed the 'Complete State' column since both Jeff and I missed
   that one (my fault, but this was a bit of a redundant criterion).  For reference
   the criteria are published here:

On the new total we are now 'short' 7k which means that the OWASP investment
is going to be 98k (close to the original 100k), and it makes the total
investment on SpoC 125,000 USD (which is a nice and round number :)  )

I will respond to Andrew's comments as a response to his email.

Here is the final analysis and attached is the Excel/Open Office doc:

Proposal ID                             Project                                                       Total Project
Mark Curphey                            The OWASP Web Security Certification Framework                20000
(tbd)                                   Interim @ Aspect Offices                                      10000
(tbd)                                   10x 1000USD to FOSS projects we all use                       10000
Boris                                   OWASP Site Generator                                          7000
NSRAV Security Research Group           Attacks Reference Guide                                       5000
Eric Sheridan and Dr. Goran Trajkovski  The Scholastic Application Security Assessment Project        5000
EdFinkler                               A comprehensive input retrieval/filtering system for PHP      5000
Eoin Keary                              Code review Project                                           5000
Mateo                                   OWASP Certification Project                                   5000
Sebastien Deleersnyder                  OWASP Education Project                                       5000
Arshan Dabirsiaghi                      OWASP The Anti-Samy Project                                   5000
Caseydk                                 Security throughout the SDLC                                  3000
Erwin Geirnaert                         OWASP WebGoat Solutions Guide                                 2500
Bunyamin Demir                          OWASP WeBekci Project                                         2500
Denis                                   Python Tainted Mode                                           2500
Darren Edmonds                          WebScarab NG Security Test Automation                         2500
Przemyslaw 'rezos' Skowron              Refresh Attacks list                                          2500
Bernardo                                sqlmap                                                        2500
Jim                                     Best Practices & Countermeasures                              2500
Paulo Coimbra                           OWASP brand                                                   2500
Heiko                                   Web Application Security put into practice                    2500
Subere                                  OWASP JBroFuzz Project                                        2500
Paolo Perego                            Owasp Orizon Project                                          2500
Buanzo                                  Enigform: Firefox Addon for OpenPGP signing of HTTP requests  2500
Josh Sweeney                            OWASP LiveCD Education Project                                2500
Erwin Geirnaert                         OWASP Java Project                                            2500
(tbd)                                   Help with SpoC project management                             2500
Joshua Perrymon                         OWASP LiveCD Project                                          2500
Boris                                   OWASP Report Generator                                        -
Boris                                   OWASP Tiger                                                   -
                                                                                                      125000

  *Total Investment*



Payer     Project        Initial budget  Allocated  Still Available
OWASP     Any            91000           91000      0
EDS                      9000            9000       0
SPI       SiteGen        9000            4000       5000
Cenzic    SiteGen        3000            3000       0
          Metr           3000            0          3000
          SDL            3000            3000       0
Vigilar   Certification  8000            8000       0
SANS      Questions      5000                       5000
Fortify   Source code    5000            0          5000

Totals                   136000          118000     18000

 Total Allocated – Total investment =

