[Owasp-board] [Owasp-guide] - Grant

Paulo Coimbra paulo.coimbra at owasp.org
Wed Aug 25 18:26:09 UTC 2010


Board, GPC,

 

As you can see below, Eoin has asked that we confirm the Code Review is also
being granted 5,000 dollars to support the development of its 2.0 version
and so I am formally seeking your approval.

 

Please let me remind that a couple of you have already mentioned that we
should treat equally the three major OWASP Guides and, as project manager, I
also recommend we fund this effort.  

 

Thanks,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: eoinkeary at gmail.com [mailto:eoinkeary at gmail.com] On Behalf Of Eoin
Sent: terça-feira, 3 de Agosto de 2010 14:47
To: Paulo Coimbra
Subject: Re: [Owasp-guide] - Grant

 

Paulo,

firstly many congratulations on the family news, great news indeed. It will
be fun!!!

Secondly, Can you confirm the Code Review Guide is also getting the expenses
covered when the project is initiated.

Eoin



 

On 2 August 2010 13:08, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:

Hello Anurag and Vishal,

 

It is my pleasure to inform you that OWASP Board, under GPC’s
recommendation, has decided to support Development Guide’s next phase by
making available a grant of 5,000 dollars.

 

In accordance with what had been previously defined when we first built the
un-launched SoC09 frame, “these expenses include things like marketing our
best projects, printing promotional samples of our best OWASP documents,
graphic design, travel expenses to hold mini-summits, etc.” 

 

To clarify, in a nutshell, the grant can be used to pay for any project's
development related expense with the exception of the project leader's and
the project contributors' time.

 

http://www.owasp.org/index.php/OWASP_Season_of_Code_2009

 

Also, I have created an excel file so as to we can keep track of the
expenses made. Please keep it updated and give me a heads-up whenever you
need a reimbursement.

 

https://spreadsheets.google.com/ccc?key=0An4Puwz7EA41dHM2MFhHTXlnYXlYcDhSTDl
0UE43cEE
<https://spreadsheets.google.com/ccc?key=0An4Puwz7EA41dHM2MFhHTXlnYXlYcDhSTD
l0UE43cEE&hl=en&authkey=COSkqvsK#gid=0> &hl=en&authkey=COSkqvsK#gid=0 

 

I take the opportunity to ask whether or not you already have a final
version of the Project’s Roadmap. If yes, please send it off so as to
upload. 

 

Many thanks, best regards,

 

Paulo Coimbra,

OWASP Project <https://www.owasp.org/index.php/Main_Page>  Manager

 

From: global-projects-committee-bounces at lists.owasp.org
[mailto:global-projects-committee-bounces at lists.owasp.org] On Behalf Of
Anurag Agarwal
Sent: sábado, 24 de Julho de 2010 15:19
To: 'Jeff Williams'; 'Dave Wichers'
Cc: 'Andrew van der Stock'; 'Vishal Garg'; 'owasp-testing';
owasp-guide at lists.owasp.org; 'OWASP Foundation BoardList'; 'Global Projects
Committee'
Subject: Re: [GPC] [Owasp-board] [Owasp-guide] Welcome to OWASP Foundation

 

Jeff – Even though this is pretty ambitious but I completely agree that this
should be the way to go. Linking these documents will make them even more
stickier and reflect the true brand of OWASP as a collaborative set of
standards. It would be nice to have a vision and the same message is
filtered down through various standards. But in order to achieve this, we
will require a leader who has an understanding of not only ASVS but
development standards, testing standards and code review standards. He will
be working with the vision (which can be refined by OWASP leaders) and will
work with other individual project leaders to make sure the message is
properly communicated through every individual standard.

 

Thoughts / Suggestions?

 

Anurag

 

 

From: Jeff Williams [mailto:jeff.williams at owasp.org] 
Sent: Friday, July 23, 2010 4:39 PM
To: Dave Wichers
Cc: Paulo Coimbra; OWASP Foundation BoardList; Global Projects Committee;
Andrew van der Stock; Anurag Agarwal; Vishal Garg
Subject: Re: [Owasp-board] [Owasp-guide] Welcome to OWASP Foundation

 

New items are absolutely encouraged.  We should give them OWASP numbers and
get alignment across all the guides.  Ultimately we want guidance for each
item from the following perspectives:

 

1. Requirement (asvs)

2. How to develop it right (dev guide)

3. How to verify it's right with testing (testing guide)

4. How to verify it's right with code review (CRT)

 

This is going to be awesome!


--Jeff

 

Jeff Williams

Aspect Security

work: 410-707-1487

main: 301-604-4882

 

 


On Jul 22, 2010, at 3:21 PM, "Dave Wichers" <dave.wichers at owasp.org> wrote:

I would recommend both goals, with the primary (and hopefully easier one),
being ASVS alignment, and then expanding or enhancing the guide as much as
the volunteers have the energy for.

 

The guide is a bit long in the tooth so it definitely needs
updating/refreshing in addition to reorganization to match ASVS.

 

My 0.02 anyway.

 

-Dave

 

From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Paulo Coimbra
Sent: Tuesday, July 20, 2010 7:00 AM
To: 'OWASP Foundation Board List'; 'Global Projects Committee'
Cc: 'Andrew van der Stock'; 'Anurag Agarwal'; 'Vishal Garg'
Subject: Re: [Owasp-board] [Owasp-guide] Welcome to OWASP Foundation

 

Board & GPC,

 

Please see below Anurag’s question regarding the OWASP Development Guide’s
positioning.

 

Thanks, 

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Anurag Agarwal [mailto:anurag.agarwal at yahoo.com] 
Sent: segunda-feira, 19 de Julho de 2010 22:36
To: 'Andrew van der Stock'; 'Vishal Garg'
Cc: 'Paulo Coimbra'
Subject: RE: [Owasp-guide] Welcome to OWASP Foundation

 

Will do.

 

On a different note, I was talking to Vishal and it appears there is no
clearly defined goal for this initiative. So my question to both of you is

 

Are we just looking at ASVS alignment or are we looking at revising the
content to adding new stuff as well? 

 

P.S. – Should I send this mail to GPC?

 

Thanks

Anurag

 

 

From: Andrew van der Stock [mailto:vanderaj at owasp.org] 
Sent: Monday, July 19, 2010 5:30 PM
To: Anurag Agarwal; Vishal Garg
Cc: Paulo Coimbra
Subject: Re: [Owasp-guide] Welcome to OWASP Foundation

 

Done - and Vishal is also admin.

 

I'm okay if you make me a contributor for the OWASP Guide project as I'm not
likely to be back in the short to medium term. 

 

Can you please add Paulo as a project admin - the GPC should be able to do
this for every OWASP project. 

 

thanks,

Andrew

 

On 19/07/2010, at 2:26 PM, Anurag Agarwal wrote:

 

anuraag.agarwwal at gmail.com

 

No virus found in this incoming message.
Checked by AVG - www.avg.com <http://www.avg.com/> 
Version: 9.0.839 / Virus Database: 271.1.1/3014 - Release Date: 07/19/10
14:36:00

_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board

No virus found in this incoming message.
Checked by AVG - www.avg.com <http://www.avg.com/> 
Version: 9.0.851 / Virus Database: 271.1.1/3023 - Release Date: 07/23/10
02:36:00


_______________________________________________
Owasp-guide mailing list
Owasp-guide at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-guide




-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier
http://asg.ie/
https://twitter.com/EoinKeary

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100825/1fe36649/attachment-0002.html>


More information about the Owasp-board mailing list