[Owasp-board] Higher Criteria on Starting projects

johanna curiel curiel johanna.curiel at owasp.org
Sun Jun 21 17:49:52 UTC 2015

>Perhaps we could relabel incubator projects to not even be a project until
they hit lab level maturity?

Yes, maybe only when they reach the LAB status, we can call them OWASP
projects , including all the benefits that comes along with being an OWASP

Our concern is that :

   - Incubators are right now a huge part of the inventory and take time to
   - We want to graduate faster from Incubator to LAB a project that has
   produce a susbtantial deliverable such as a finalised document or a
   tool/code that works as a Beta version.(Example: OWASP top ten privacy
   risk, OWASP IoT, Proactive controls, Python Security project) .
   - These projects deserve more exposure and attention and is not fair get
   lost among others that have not even produce anything

We have some very good Incubators but they get 'lost' in this large list of
projects among other that have no value at all and where started once but
actually do not work or have incomplete work.



On Sun, Jun 21, 2015 at 12:49 PM, Jim Manico <jim.manico at owasp.org> wrote:

> This is tricky since it's important to encourage experimentation.
> Perhaps we could relabel incubator projects to not even be a project until
> they hit lab level maturity?
> I'll put some more brain matter into this and get back to you. Thank you
> Johanna...
> Aloha,
> --
> Jim Manico
> Global Board Member
> OWASP Foundation
> https://www.owasp.org
> Join me at AppSecUSA <http://appsecusa.org/> 2015 in San Francisco!
> On Jun 21, 2015, at 5:25 AM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
> Dear Board and members of the Project Task Force
> A while ago, Timo Goosen and some owasp members have expressed their
> concern regarding of Projects (Incubators) and their low level of quality.
> It has come to our attention that there are projects started and in the
> opinion of some community members have very little added value top the
> OWASP project inventory. Therefore we want to revise the actual criteria
> but also we want to be as fair as we can providing opportunity to anyone to
> start a project, however we want value and projects that have a certain
> level of quality.
> I think we need to revise this criteria and create incentives for
> researchers interested to join OWASP with their projects.
> Right now we are giving a free pass to anyone, but we have seen way too
> many low quality projects that add no new value at all, in our opinion.
> Tools that sometimes do absolutely nothing to improve security or even
> reach a level of at least being properly installed or used.
> We would like to get some feedback on this, because we are really concern
> that sometimes people use OWASP to start a project without substance or any
> added value.
> @Timo, feel free to comment on your concerns
> Regards
> Johanna
>  --
> You received this message because you are subscribed to the Google Groups
> "OWASP Projects Task Force" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to projects-task-force+unsubscribe at owasp.org.
> To post to this group, send email to projects-task-force at owasp.org.
> To view this discussion on the web visit
> https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_1%3DwJK4Mj9o3tpBxBP4H8qzKej7Uk0iXbyUVpWwGQdA2A%40mail.gmail.com
> <https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_1%3DwJK4Mj9o3tpBxBP4H8qzKej7Uk0iXbyUVpWwGQdA2A%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150621/da292ad4/attachment.html>

More information about the Owasp-board mailing list