[Owasp-board] Spoc 007 results, final data set. If all is OK will annouce this tomorrow to the participants

Dinis Cruz dinis at ddplus.net
Sat Apr 28 00:28:50 UTC 2007


Hi Dave

(Comments Inline)

On 4/27/07, Dave Wichers <dave.wichers at owasp.org> wrote:
>
>  Dinis,
>
>
>
> Wasn't one of the projects to be funded an OWASP Intern? There isn't money
> left for that it looks like.
>

Yes, sorry about that. I corrected it on the latest version

Can we get some of the sponsors to agree that some or all of their remaining
> funds go into the general OWASP fund to help fund this overall?
>

Well, currently these are the extra budget that we have:

SiteGenetator          5000
Metrics                   3000
SANS  Questions    5000
Fortify  Source code    5000

so there is not a lot of room for manuever here .

Note that the current plan is to send a 'request for participants' for this
projects once SpoC 007 results are announce (i.e. I will ask 'who wants to
do these projects?')

If we don't do something like this, then we won't have enough funding left
> for the Fall of Code to be of similar size.
>

I don't think that that will be a problem. Remember that we still have two
conferences this year, we will have new members joining in (and current
renewals) and I do think that SpoC's delivereables will give the confidence
for more companies to join and to 'match-fund' some of the projects.

Given the current trend, I will bet 20 USD that AoC 2007 will have a budget
of 250k USD :) .

Any takers on this bet?

Finally, where is the eval criteria posted? I couldn't find it at a quick
> glance.
>

it is here:
http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_:_Selection
(ignore the 'Complete status' item since that was not used on SpoC's
ratings)


Dinis

-Dave
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Dinis Cruz
> *Sent:* Thursday, April 26, 2007 7:34 PM
> *To:* OWASP Board
> *Subject:* [Owasp-board] Spoc 007 results, final data set. If all is OK
> will annouce this tomorrow to the participants
>
>
>
> Ok guys, using the data set from mine and Jeffs ratings, here is the final
> Spoc sponsorhip allocations:
>
> *Proposal ID*
>
> Project
>
> * OWASP Sponsorship*
>
> *Mark Curphey*
>
> *The OWASP Web Security Certification Framework*
>
> *20000*
>
> *----*
>
> *10x 1000USD to FOSS projects we all use*
>
> *10000*
>
> *Mateo*
>
> *OWASP Certification Project*
>
> *5000*
>
> *Eoin Keary*
>
> *Code review Project*
>
> *5000*
>
> *Boris*
>
> *OWASP Site Generator*
>
> *5000*
>
> *EdFinkler*
>
> *A comprehensive input retrieval/filtering system for PHP*
>
> *5000*
>
> *NSRAV Security Research Group*
>
> *Attacks Reference Guide*
>
> *5000*
>
> *Arshan Dabirsiaghi*
>
> *OWASP The Anti-Samy Project *
>
> *5000*
>
> *Sebastien Deleersnyder*
>
> *OWASP Education Project*
>
> *5000*
>
> *Eric Sheridan and Dr. Goran Trajkovski*
>
> *The Scholastic Application Security Assessment Project*
>
> *5000*
>
> *Caseydk*
>
> *Security throughout the SDLC*
>
> *3000*
>
> *Bunyamin Demir*
>
> OWASP WeBekci Project
>
> 2500
>
> *Erwin Geirnaert*
>
> OWASP Java Project
>
> 2500
>
> *Boris*
>
> OWASP Tiger
>
> 2500
>
> *Joshua Perrymon*
>
> OWASP LiveCD Project
>
> 2500
>
> *Erwin Geirnaert*
>
> OWASP WebGoat Solutions Guide
>
> 2500
>
> *Denis*
>
> Python Tainted Mode
>
> 2500
>
> *Jim*
>
> Best Practices & Countermeasures
>
> 2500
>
> *Josh Sweeney*
>
> OWASP LiveCD Education Project
>
> 2500
>
> *Heiko*
>
> Web Application Security put into practice
>
> 2500
>
> *Przemyslaw 'rezos' Skowron*
>
> Refresh Attacks list
>
> 2500
>
> *Boris*
>
> OWASP Report Generator
>
> 2500
>
> *Darren Edmonds*
>
> WebScarab NG Security Test Automation
>
> 2500
>
> *Subere*
>
> OWASP JBroFuzz Project
>
> 2500
>
> *Paulo Coimbra*
>
> OWASP brand
>
> 2500
>
> *Paolo Perego*
>
> Owasp Orizon Project
>
> 2500
>
> *Bernardo*
>
> sqlmap
>
> 2500
>
> *Buanzo*
>
> Enigform: Firefox Addon for OpenPGP signing of HTTP requests
>
> 2500
>
> (TBD)
>
> Help with SpoC project management
>
> 2500
>
>
>
>
>  *Total*
>
> *118000*
>
>
> which means that all proposals submited were accepted (an amazing sucess
> story) and acording to my numbers (please double check them) we are only 2k
> over our initial 91K invesment, and still have 20k to alocate:
>
>
>
>  *Total Investment*
>
>
>
>
>  *118000*
>
>
>
>
>
>
>
>
>
>
>
>   *Payer*
>
> *Project*
>
> *Initial budget*
>
> *Allocated*
>
> *Still Available*
>
>
>
>
>
>   *OWASP*
>
> Any
>
> 91000
>
> *91000*
>
> 0
>
> *EDS*
>
>  9000
>
> *9000*
>
> 0
>
> *SPI*
>
> SiteGen
>
> 9000
>
> *3000*
>
> 6000
>
> *Cenzic*
>
> SiteGen
>
> 3000
>
> *2000*
>
> 1000
>
>  Metr
>
> 3000
>
> *0*
>
> 3000
>
>  SDL
>
> 3000
>
> *3000*
>
> 0
>
> *Vigilar*
>
> Certification
>
> 8000
>
> *8000*
>
> 0
>
> *SANS*
>
> Questions
>
> 5000
>
>  5000
>
> *Fortify*
>
> Source code
>
> 5000
>
> *0*
>
> 5000
>
>
>
>
>
>
>
>
>
>
>
>  *Totals*
>
> *136000*
>
> *116000*
>
> *20000*
>
>
>
>
>
>
>
>
>
>
>   Total Allocated – Total investment =
>
>
>  *-2,000*
>
>
> If none of you complain, I will email the participants and the
> owasp-leaders this information tomorrow, and start working on the
> press-release and final operational details.
>
> very exited about what is going to be created by this iniciative
>
> Dinis
>



-- 
Dinis Cruz
Chief OWASP Evangelist, Are you a member yet?
http://www.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070428/fba285ab/attachment-0002.html>


More information about the Owasp-board mailing list