[Owasp-board] FW: great chatting with you + research proposal

dinis cruz dinis.cruz at owasp.org
Tue Mar 17 18:00:44 UTC 2009


Hi Jeffery,

Thanks for your answer. I'm sorry to be a pain, but until you deal with the
items I outlined on my initial email, we can't really move forward. For your
convenience here they are again:

*"...in order to quick start this process could you please: *

   - *Post your proposal online on the OWASP website (ideally on a WIKI
   page). As you can see here (
   https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Applications )
   all OWASP grant sponsorships are first publicly posted for review and
   comment by our community and Season of Code Project (SoC) selection group
   *
   - *Please review the rules of engagement of the last SoC (here
   https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008#Operational_Rules
)
   and how they were managed and documented (see links from here
   https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Projects_Authors_Status_Target_and_Reviewers
    )*
   - *We also have an Project Assessment Criteria which your project will
   need to comply with (see
   https://www.owasp.org/index.php/Category:OWASP_Project_Assessment#Assessment_Scale_for_OWASP_DOCUMENTATION_Projects
) .
   And given the quality of your proposal your deliverables should be at
   RELEASE QUALITY *
   - *Do you have any ideas about who could be interested in sponsoring this
   project and what should be the rules of engagement? In fact it would be
   great if you could include in your proposal a 'business case' for sponsoring
   this project (at OWASP we have a very wide access to most of the AppSec
   community and its corporate users, so if we can make a strong case, it
   should be possible to get the 15k (or more) you need).*

*..."*

The reason we have to go down this path, is because we already have an well
established sponsorship program at OWASP (see
http://www.owasp.org/index.php/Category:OWASP_Season_of_Code) and we have to
make sure that our community is OK with this allocation of their funds
(specially on relative large sponsorships items like yours).

I also want to make sure you (and the other participants):

    a) are happy with our current project management structure and
    b) fully understand our delivery expectations.

Thanks

Dinis


2009/3/17 Jeffery Payne <jeff.payne at coveros.com>

> Hi Dinas,
>
> Great to hear from you.  I ran into Jeff Williams last week and he said you
> guys were still trying to figure out what to do with my proposal but that he
> didn't think it made sense to put it under the Summer of Code program and
> that I should sit tight until you guys discussed this further.  I haven't
> heard anything since then so I assumed you all were still discussing this.
>
> Regardless, I apologize for not getting back to you sooner as I meant to
> send you a note but wrongly assumed you were aware of this conversation with
> Jeff.  Please chat with Jeff and let me know collectively how you want me to
> proceed.
>
> Best regards,
>
> jeff
> On Tue, Mar 17, 2009 at 11:38 AM, dinis cruz <dinis.cruz at owasp.org> wrote:
>
>> Hi Jeffery
>>
>> Given your lack of reply to my questions below, shall we assume that you
>> NO logger want to apply this grant from OWASP to perform this project?
>>
>> We are having a call tonight for the Global Projects Committee, and
>> (unless I receive an update from you) will report to them (and later this
>> month to the OWASP board) that I received no comments from you and recommend
>> that we remove this item from tonight's agenda.
>>
>> Dinis Cruz
>> Owasp Board Member
>> Owasp Global Projects Committee
>>
>> 2009/3/12 dinis cruz <dinis.cruz at owasp.org>
>>
>> Hi Jeffery
>>> Did you reply to my questions below?
>>>
>>> We need to come back ASAP to you with our comments, but until you answer
>>> these we can't really move forward.
>>>
>>> Thanks
>>>
>>> Dinis Cruz
>>>
>>> 2009/3/6 dinis cruz <dinis.cruz at owasp.org>
>>>
>>>> Jeffery, in order to quick start this process could you please:
>>>>
>>>>    - Post your proposal online on the OWASP website (ideally on a WIKI
>>>>    page). As you can see here (
>>>>    https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Applications )
>>>>    all OWASP grant sponsorships are first publicly posted for review and
>>>>    comment by our community and Season of Code Project (SoC) selection group
>>>>    - Please review the rules of engagement of the last SoC (here
>>>>    https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008#Operational_Rules )
>>>>    and how they were managed and documented (see links from here
>>>>    https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Projects_Authors_Status_Target_and_Reviewers
>>>>     )
>>>>    - We also have an Project Assessment Criteria which your project
>>>>    will need to comply with (see
>>>>    https://www.owasp.org/index.php/Category:OWASP_Project_Assessment#Assessment_Scale_for_OWASP_DOCUMENTATION_Projects ) .
>>>>    And given the quality of your proposal your deliverables should be at
>>>>    RELEASE QUALITY
>>>>    - Do you have any ideas about who could be interested in sponsoring
>>>>    this project and what should be the rules of engagement? In fact it would be
>>>>    great if you could include in your proposal a 'business case' for sponsoring
>>>>    this project (at OWASP we have a very wide access to most of the AppSec
>>>>    community and its corporate users, so if we can make a strong case, it
>>>>    should be possible to get the 15k (or more) you need).
>>>>
>>>> I'm also forwarding this email to  the Membership and Industry
>>>> Committees since they should also be involved in this project.
>>>>
>>>> Dinis
>>>>
>>>>  2009/3/6 Jeff Williams <jeff.williams at owasp.org>
>>>>
>>>>>  Hi Board,
>>>>>
>>>>>
>>>>>
>>>>> I’m forwarding a proposal from Jeff Payne (formerly of Cigital) who is
>>>>> proposing to lead a survey to gather data about how real companies are
>>>>> dealing with application security.  Could you all please review and be
>>>>> prepared to discuss at the board meeting next week?
>>>>>
>>>>>
>>>>>
>>>>> Thanks,
>>>>>
>>>>>
>>>>>
>>>>> --Jeff
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> *From:* Jeffery Payne [mailto:jeff.payne at coveros.com]
>>>>> *Sent:* Thursday, March 05, 2009 1:51 PM
>>>>> *To:* Jeff Williams
>>>>> *Subject:* great chatting with you + research proposal
>>>>>
>>>>>
>>>>>
>>>>> Hi Jeff,
>>>>>
>>>>>
>>>>>
>>>>> It was great catching up with you last week!  It sounds like things are
>>>>> great and I'd love to figure out how we can work together on training and
>>>>> other activities going forward.  Will you be at the upcoming DHS Software
>>>>> Assurance Forum?  I'm speaking on Wed and will be there then as well as
>>>>> attending the DHS / OWASP event on Friday.
>>>>>
>>>>>
>>>>>
>>>>> Also, I've enclosed a grant proposal for the application security
>>>>> survey that I mentioned to you.  I think this is a GREAT initiative that can
>>>>> not only continue to position OWASP as the go to place for application
>>>>> security resources but also raise the visibility of the entire app sec
>>>>> community.  I could not tell from the web site who I was supposed to send
>>>>> this to so I thought I'd send it to you directly.  A couple of questions: 1)
>>>>> how long does it take to get a decision on grant proposals?  2) when can we
>>>>> start ;-)  Seriously, the person I want to work with me on this comes off
>>>>> her previous project March 30 and I'd love to get her engaged before she is
>>>>> sucked into something else.  Not sure if your turnaround time on a decision
>>>>> is that quick or not.
>>>>>
>>>>>
>>>>>
>>>>> Best regards,
>>>>>
>>>>>
>>>>>
>>>>> jeff
>>>>>
>>>>> --
>>>>> Jeffery Payne
>>>>> Chief Executive Officer
>>>>> Coveros, Inc.
>>>>>
>>>>> jeff.payne at coveros.com
>>>>> 703-431-2920
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>
>>>
>>
>
>
> --
> Jeffery Payne
> Chief Executive Officer
> Coveros, Inc.
>
> jeff.payne at coveros.com
> 703-431-2920
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20090317/c0a97945/attachment-0002.html>


More information about the Owasp-board mailing list