[Owasp-board] Website Project

Matt Tesauro matt.tesauro at owasp.org
Fri Nov 11 22:36:11 UTC 2016

Tom et al,

Its definitely hard to get any 2016 momentum when I don't have a clear
budget number available to me.  From the board meeting this week, I'm going
to request the lowest number I've heard from board members - aka $15K to at
least get something started in 2016.  Engaging vendors when I don't have
clear budget numbers behind the work needed seems a fools errand.

Next week, the staff is doing a virtual summit / online pow-wow where this
is the lead topic of conversation on Day 1.  We've got a draft document
that I should probably go ahead and publish - we were waiting to fill in
budget details and the timing that those details will drive. However, I'd
rather get stuff out sooner then later.  Its the joint work of the staff
and tried to corral all the various places info on this has been
deposited.  Since the staff now have the ball, we're calling it "The
Website Reboot" [1] - I'll wait to post the initial draft version until
after all the staff have had a last chance to review and update it next
week.  This project is going to spawn multiple large budget requests for

The basic idea is to break the work into several 'sprints' and, depending
on budget, farm those out or do the work with staff + community.
Obviously, budget will also impact the speed at which the works get done.
If its staff, it will have to be fit around our current workloads.

So look for a request to the board list for a vote on encumbering $15,000
to start with the first step in the process - getting the current sever
updated and running the latest version of MediaWiki.  There's a ton of
other activity that relies on that critical dependency being in place.

BTW, thanks for your time serving our shared country (USA) on this Veterans


[1] The reason for this is to stop using "project" for things that are
truly OWASP projects.  For an outside observer, this could look like a
project to help people setup websites. There's so many moving parts to this
that trying to fit it into one of the pre-existing OWASP labels is bound to
cause more confusion then clarity.

-- Matt Tesauro
OWASP AppSec Pipeline Lead
OWASP WTE Project Lead
http://AppSecLive.org <http://appseclive.org/> - Community and Download site

On Fri, Nov 11, 2016 at 1:21 PM, Tom Brennan - OWASP <tomb at owasp.org> wrote:

> Matt in review of the the last meeting we seemed to be stalled due to not
> having any budget to move forward, did I understand that correctly? The
> meeting mins., lacks substance on that
> https://docs.google.com/document/d/119FJ2G2EdsVnz8vnxWv0Ee0G3uWMT
> SVqyxt_1CVrHiY/edit
> Agenda
> https://www.owasp.org/index.php/November_8,_2016
> Concerning the website project that is the face of the organization, front
> end, backend and middle
> Project:
> https://www.owasp.org/index.php/OWASP_Initiatives_Global_
> Strategic_Focus/website_project
> Please huddle with the staff members and let us know a dollar amount of
> what you need to move forward and we will move the ball by electronic
> vote.  It was my understanding that we had approved 30k initially and had a
> $100k tagged.  We used less than $15k for the phase I needs assessment.
> Tom
> The information contained in this message and any attachments may be
> privileged, confidential, proprietary or otherwise protected from
> disclosure. If you, the reader of this message, are not the intended
> recipient, you are hereby notified that any dissemination, distribution,
> copying or use of this message and any attachment is strictly prohibited.
> If you have received this message in error, please notify the sender
> immediately by replying to the message, permanently delete it from your
> computer and destroy any printout.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20161111/980219a1/attachment.html>

More information about the Owasp-board mailing list