[Owasp-board] ESAPI for Javascript Review

Dave Wichers dave.wichers at owasp.org
Thu Apr 14 21:17:56 UTC 2011


All,

 

In the interests of full disclosure, I met with Mario Heiderich at the OWASP
summit and we got to talking about getting some of his students to work on
OWASP projects. He found a student (Marcus Niemietz) that was interested in
reviewing the ESAPI for Javascript project and he (the student) was
wondering whether we were willing to provide him a small payment for his
effort and I agreed (using my board member budget). The amount was to be
determined after he did the work.

 

He has produced the attached paper and Chris Schmidt's (the project lead)
initial review was very positive. As such, I have agreed to pay him $500. He
spent 100 hours on this effort from what I understand, and so this seems
small compensation for his good work.

 

I'm also hoping we can find some more of Marios' students to work as either
volunteers or low cost interns on more OWASP projects but I'm still working
on that.

 

Anyway, since I spent $500 of OWASP's money I figured I would let you all
know. I think this is the first of my board member discretionary budget that
I have ever spent.

 

-Dave

 

p.s. I'm wondering if this discretionary budget will be going away and
delegated to the committees from now on??

 

From: schafos at googlemail.com [mailto:schafos at googlemail.com] On Behalf Of
Marcus Niemietz
Sent: Thursday, April 14, 2011 2:50 PM
To: Dave Wichers
Cc: Mario Heiderich; Chris Schmidt; Jeff Williams
Subject: Re: College students or others working on OWASP projects like ESAPI

 

Hi Dave, Chris, and Jeff,

 

In addition to the mail of Mario I send you my paper "JavaScript-based
ESAPI: An In-Depth Overview" (attachment).

 

Regards,

Marcus Niemietz

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20110414/61e5eab4/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ESAPI_Marcus_Niemietz.pdf
Type: application/pdf
Size: 657954 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20110414/61e5eab4/attachment-0002.pdf>


More information about the Owasp-board mailing list