[Owasp-board] Flagship Announcement

Jim Manico jim.manico at owasp.org
Wed May 28 21:45:31 UTC 2014

So "go" with an announcement?

Jim Manico
(808) 652-3805

On May 28, 2014, at 3:43 PM, Tobias <tobias.gondrom at owasp.org> wrote:

 Looks ok to me.

On 24/05/14 03:08, Jim Manico wrote:

 Here is the proposed text for the flagship announcement to the leaders and
community lists. Is everyone from the board and staff happy with this text?
I took everyone's comment from Google Docs and made the requested changes.



* On April 30 2014, the OWASP Board voted to change all projects with
Flagship Status to Labs status. This message is intended to explain why we
did this and what the future of OWASP projects and project evaluation is.
It’s critical that the OWASP Foundation is sincere about the classification
of our project inventory. Our “customers” depend upon these projects to
provide a wide variety of critical security services. These include
discovery of security vulnerabilities, cryptographic services, developer
security education and a number of critical security controls. Some OWASP
projects are used in the very heart of our customers infrastructure! Our
current methodology of project classification is based on three categories:
Incubator Projects, Labs Projects and Flagship Projects. Let’s take a
moment to explore what these categories mean as they stand today.   OWASP
Incubator Projects are “proofs of concept, experimental, and classified as
prototypes” in their current state. OWASP Labs Projects represent projects
that have produced a deliverable of significant value but are not
guaranteed to be production ready. OWASP Flagship Projects clearly denote
production quality projects that organizations can trust and depend on.
Evaluating almost 200 projects is no small task. The OWASP project list has
not changed much over the last 2 years. Unfortunately, some of our flagship
projects have not been active and have languished to a point where flagship
status may not be appropriate.  Also, as OWASP continues to mature its
project management and review capabilities, these categories may go away.
In an effort to present a more accurate and up-to-date status of OWASP
projects, the OWASP Board has voted to reduce all Flagships projects to
LABS status and will require projects to go through an evaluation process
in order to be deemed flagship once again. This message states that current
flagship projects are still important projects that deliver significant
value, but may not be production ready or up to date. OWASP is in the midst
of building a new project review infrastructure and the processes to go
with that. Our new project review mechanism is not finalized yet, but the
OWASP Community is working to build that new strategy. But we need to
realize that while many of our projects are great ideas, not all of them
are “production quality projects”. Please look for a proposal with options
for comment and a community vote in the upcoming weeks. We know this may
upset some in our community, but we want to emphasize that we felt that
several OWASP Flagship projects (which are of great value) were languishing
in a variety of ways. Our goal was to present OWASP projects in a more
honest light. OWASP Labs status again denotes great value. Thanks you for
your consideration over this matter. We are eager to hear any feedback from
the community to help make OWASP projects better in the future. Regards,
The OWASP Board and Staff*

Owasp-board mailing
listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140528/d87055d9/attachment-0001.html>

More information about the Owasp-board mailing list