[Owasp-board] Higher Criteria on Starting projects

psiinon psiinon at gmail.com
Sun Jun 21 19:14:24 UTC 2015

I like the fact that we have a low bar of entry, but definitely agree that
we need to do a better job of making the useful/mature projects more

Perhaps we could have a new 'Candidate' or 'Prospective' category, which
has the existing low bar of entry, but doenst confer full 'OWASP Project'
These could then be listed on a separate page to the 'full' projects.
Such projects would need to show a useful and significant deliverable to be
even considered for promotion to labs.



On Sun, Jun 21, 2015 at 6:49 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> >Perhaps we could relabel incubator projects to not even be a project
> until they hit lab level maturity?
> Yes, maybe only when they reach the LAB status, we can call them OWASP
> projects , including all the benefits that comes along with being an OWASP
> project.
> Our concern is that :
>    - Incubators are right now a huge part of the inventory and take time
>    to evaluate
>    - We want to graduate faster from Incubator to LAB a project that has
>    produce a susbtantial deliverable such as a finalised document or a
>    tool/code that works as a Beta version.(Example: OWASP top ten privacy
>    risk, OWASP IoT, Proactive controls, Python Security project) .
>    - These projects deserve more exposure and attention and is not fair
>    get lost among others that have not even produce anything
> We have some very good Incubators but they get 'lost' in this large list
> of projects among other that have no value at all and where started once
> but actually do not work or have incomplete work.
> Regards
> Johanna
> On Sun, Jun 21, 2015 at 12:49 PM, Jim Manico <jim.manico at owasp.org> wrote:
>> This is tricky since it's important to encourage experimentation.
>> Perhaps we could relabel incubator projects to not even be a project
>> until they hit lab level maturity?
>> I'll put some more brain matter into this and get back to you. Thank you
>> Johanna...
>> Aloha,
>> --
>> Jim Manico
>> Global Board Member
>> OWASP Foundation
>> https://www.owasp.org
>> Join me at AppSecUSA <http://appsecusa.org/> 2015 in San Francisco!
>> On Jun 21, 2015, at 5:25 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>> Dear Board and members of the Project Task Force
>> A while ago, Timo Goosen and some owasp members have expressed their
>> concern regarding of Projects (Incubators) and their low level of quality.
>> It has come to our attention that there are projects started and in the
>> opinion of some community members have very little added value top the
>> OWASP project inventory. Therefore we want to revise the actual criteria
>> but also we want to be as fair as we can providing opportunity to anyone to
>> start a project, however we want value and projects that have a certain
>> level of quality.
>> I think we need to revise this criteria and create incentives for
>> researchers interested to join OWASP with their projects.
>> Right now we are giving a free pass to anyone, but we have seen way too
>> many low quality projects that add no new value at all, in our opinion.
>> Tools that sometimes do absolutely nothing to improve security or even
>> reach a level of at least being properly installed or used.
>> We would like to get some feedback on this, because we are really concern
>> that sometimes people use OWASP to start a project without substance or any
>> added value.
>> @Timo, feel free to comment on your concerns
>> Regards
>> Johanna
>>  --
>> You received this message because you are subscribed to the Google Groups
>> "OWASP Projects Task Force" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to projects-task-force+unsubscribe at owasp.org.
>> To post to this group, send email to projects-task-force at owasp.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_1%3DwJK4Mj9o3tpBxBP4H8qzKej7Uk0iXbyUVpWwGQdA2A%40mail.gmail.com
>> <https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_1%3DwJK4Mj9o3tpBxBP4H8qzKej7Uk0iXbyUVpWwGQdA2A%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150621/c819fca7/attachment-0001.html>

More information about the Owasp-board mailing list