[Owasp-leaders] Owasp projects reboot

Eoin eoin.keary at owasp.org
Sat Mar 31 16:18:14 UTC 2012


Thanks tobias for your input.
Indeed it's all about finding the people but if we can pay people a little for their time we can achieve our goals.


Eoin Keary
BCC Risk Advisory
Owasp Global Board
+353 87 977 2988


On 31 Mar 2012, at 17:06, Tobias <tobias.gondrom at owasp.org> wrote:

> Hi Eoin,
> 
> hm, interesting question.
> 
> Maybe before I answer, two remarks:
> - on a strategic level I would like to see us strengthen more the projects aimed at developers and industry (as this is where our expertise can scale up to the millions of applications out there...).
> - some of the projects that I find very important do not always require big funding but sometimes maybe only a bit more marketing. Funding does not drive the project, but people do. Though obviously money helps. ;-)
> 
> The top 6 projects I really like are:
> 1. OWASP Secure Coding Practices - Quick Reference Guide  (but I don't think it needs funding, only more marketing from us!)
> 2. OWASP Top Ten (this may sound boring, but we should start working on an update 2012 soon!) => and we should think about other Top-10s (for mobile applications and cloud web applications). People are gonna love that. ;-)
> 3. Cheat Sheets: => updates
> 4. OWASP Development Guide: update  (though I am concerned about this project as it is huge and possibly hard to handle from a project management as well as from an end user/reader perspective.)
> 5. WebGoat (don't think we need lot of investment here, as it is already very useful)
> 6. OWASP AppSensor Project: this project does not necessarily have a big lighthouse effect for OWASP, but it is so innovative, that I just love the idea! (things to do might be lighter and specific deployment package by reducing dependency on ESAPI, integration into reporting collection&consolidation systems, ...)
> 
> Just my 5cents, Tobias
> 
> 
> On 31/03/12 15:31, Dennis Groves, MSc wrote:
>> 
>> +1
>> 
>> On 31 Mar 2012, at 14:46, Jim Manico wrote:
>> 
>>> Yah Eoin, I have a real problem with being vocal... *cough*
>>> 
>>> Anyhow. I think we should reduce scope a little here. I say, let's just focus on the three main guides for pass one and see how that goes before further investment. These three really are the core of OWASP and they are crusty at best.
>>> 
>>> Testing guide
>>> Development Guide
>>> Code Review Guide
>>> 
>>> That's my 2 cents. You asked! :D
>>> 
>>> Aloha Eoin and team,
>>> -- 
>>> Jim Manico
>>> 
>>> Connections Committee Chair
>>> Cheatsheet Series Product Manager
>>> OWASP Podcast Producer/Host
>>> 
>>> jim at owasp.org
>>> www.owasp.org
>>>> Thanks jim,
>>>> Leaders let ur voice be heard.
>>>> 
>>>> 
>>>> I'll compile votes on tuesday and announce which projects make the initial cut for the first round of funding&  reboot!!!!
>>>> 
>>>> These projects shall be included in the proposal for the board.
>>>> 
>>>> Leaders, I ask you all to support this initiative.
>>>> 
>>>> "we are nothing without our projects"
>>>> 
>>>> 
>>>> 
>>>> Eoin Keary
>>>> BCC Risk Advisory
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>> 
>>>> 
>>>> On 31 Mar 2012, at 13:56, Jim Manico<jim at manico.net>  wrote:
>>>> 
>>>>> My vote:
>>>>> 
>>>>> Testing guide
>>>>> Development Guide
>>>>> Code Review Guide
>>>>> App Sensor
>>>>> ZAP
>>>>> Cheet Sheets
>>>>> 
>>>>> -- 
>>>>> Jim Manico
>>>>> 
>>>>> Connections Committee Chair
>>>>> Cheatsheet Series Product Manager
>>>>> OWASP Podcast Producer/Host
>>>>> 
>>>>> jim at owasp.org
>>>>> www.owasp.org
>>>>> 
>>>>>> Hello leaders,
>>>>>> I am developing a proposal to be put to the board next week in relation to rebooting a number of dormant owasp projects or improving current owasp projects to "production quality" items.
>>>>>> 
>>>>>> Question: May I kindly ask what projects do you think are the 6 most important projects within the foundation???
>>>>>> 
>>>>>> Can you respond with your top 6 by Monday, sorry for being demanding :)
>>>>>> 
>>>>>> (My choices are: testing guide, development guide, code review guide, O2, Zap, cheat sheets.)
>>>>>> 
>>>>>> "we are nothing without our projects."
>>>>>> 
>>>>>> Eoin.
>>>>>> 
>>>>>> 
>>>>>> Eoin Keary
>>>>>> Owasp Global Board
>>>>>> +353 87 977 2988
>>>>>> 
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list