[Owasp-leaders] Owasp projects reboot

Andrew van der Stock vanderaj at owasp.org
Sun Apr 1 09:55:57 UTC 2012


Hi all,

I think this is a great idea. I would be up for a revision of the OWASP Developer Guide. But I am not an island, I would need help. In particular, I think we need to hit a few different output mechanisms. I've looked into iBooks Author and we can provide a freebie download from the OWASP website for folks with iPads without losing our distribution or other rights. As long as the material has a single source of truth that allows low barriers to entry for collaboration and revision control, I don't think we need to make the process of contributing too onerous. 

My hit list if you had a large bucket of cash:

{Dev, test, code} Guides (call me biased)
ESAPI for {Java, .NET, PHP} (again biased)

We also need to fund the development of new materials on the oft forgotten but really fundamental left hand side of equation

Education project, in particular take my sorta two day dev deck and really give it a good polish and some train the trainer videos so folks can give it all over the world
Top 10 Proactive Controls (again I'm pretty biased)
OWASP Architecture and Design Guide 

Plus, for what it's worth, we really need to have an outreach project or champion to discuss security with key application frameworks and apps. I think .NET and GWT is doing fine without a great deal of help, but the others (Zend, Symfony, Spring, Rails, WordPress, MediaWiki, etc) could all use a bit of help, either to integrate ESAPI for their platform, or contribute ideas and be a security sounding board for them (we have to listen to their needs instead of unilaterally deciding what help they actually "need"). 

thanks,
Andrew

On 31/03/2012, at 9:31 PM, Eoin wrote:

> Hello leaders,
> I am developing a proposal to be put to the board next week in relation to rebooting a number of dormant owasp projects or improving current owasp projects to "production quality" items.
> 
> Question: May I kindly ask what projects do you think are the 6 most important projects within the foundation??? 
> 
> Can you respond with your top 6 by Monday, sorry for being demanding :)
> 
> (My choices are: testing guide, development guide, code review guide, O2, Zap, cheat sheets.)
> 
> "we are nothing without our projects."
> 
> Eoin.
> 
> 
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders



More information about the OWASP-Leaders mailing list