[Owasp-board] Request for $15, 000 USD seed budget for the Website Reboot

Andrew van der Stock vanderaj at owasp.org
Sat Nov 12 05:39:47 UTC 2016

Matt T,

We have more than sufficient funds on hand to go ahead with this. You have
my approval.

@Matt Konda - as this is an expense over $10k, you will need to double
approve. We have $1.3m on hand as of about a week ago, and once the current
bills are paid, about $1.2m cash on hand.

@Matt T - Please make sure you review / renew all of our infrastructure in
FY17, either by taking it to virtual hosting and thus an op ex budget
request, or if you need physical servers, to put a request in for cap ex
funding. We need to retire fully depreciated servers, and I think it's a
good opportunity to review our footprint and security issues of our
infrastructure. I'd really like you to think about how we could do "OWASP
in a box", so Ansible scripts or Docker files or similar that would allow
our stuff to be bug bountied privately on tester's own laptops without
access or hitting to OWASP's systems and access to our data.


On Sat, Nov 12, 2016 at 12:17 PM Matt Tesauro <matt.tesauro at owasp.org>

This is my first time asking to encumber funds so excuse me if I'm asking
in the wrong way.

If this requires voting, please consider this a request to vote on the

*Request:*  $15,000 USD

*Source:*  2016 Funds for The Website Reboot (TWR) [1]

*Justification:* Encumber a seed budget to begin work on TWR during the
close of FY 2016.

Initially, funds will be used to hire a contractor to setup a new cloud
server/VM at Rackspace which will become the production instance of the
OWASP wiki running the latest version of MediaWiki (1.27.x) and the
VisualEditor (GUI for editing wiki pages).  Deliverable will be deploy
artifacts (e.g. Ansible) to install and configure the wiki web and DB
servers for future or sandbox deploys.  This initial use is NOT expected to
uses the full sum of encumbered funds.  Spending of these funds will be
restricted to activities to further TWR.

*Next steps:*

   - Board approval to use these funds and/or confirmation of their
   - Recruit and hire contractor
   - Create and test deploy artifacts for the OWASP wiki in Github
   - Deploy new instance of OWASP wiki via deploy artifacts
   - Migrate DNS from old wiki instance to new instance
   - Celebrate

Let me know if you need anything further for me to begin on the non-board
next steps.


[1] Also known as "The Website Project", "Website Taskforce", "Website
Effort" and several other names.

-- Matt Tesauro
OWASP AppSec Pipeline Lead
OWASP WTE Project Lead
http://AppSecLive.org <http://appseclive.org/> - Community and Download site

Owasp-board mailing list
Owasp-board at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20161112/fc97266d/attachment.html>

More information about the Owasp-board mailing list