[Owasp-leaders] New approach to OWAPS projects

psiinon psiinon at gmail.com
Wed May 11 11:12:44 UTC 2016


Sounds good to me :)

On Wed, May 11, 2016 at 12:04 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> >>But I still think the Flagship / Labs / Incubator classification is
> really useful, especially for those people outside of OWASP who want to
> know which projects they should start with.
>
> We keep this. The idea is to have the technical senior project coordinator
> + project coordinator maintain Openhub and to take those evaluations
> and verify the information from the CII Badge Criteria or Self-abasement
> questionnaire
>
> The reviews are published as I did here:
> https://github.com/jowasp/review-features/blob/master/example_review.md
>
> and we ask the community to review them too and provide 'ratings' in Open
> hub
> https://www.openhub.net/p/zaproxy/reviews/summary
>
> A project should fulfil indicators to get support. But we stop try
> measuring Quality because I don't think thats feasible.
>
> On Wed, May 11, 2016 at 6:56 AM, psiinon <psiinon at gmail.com> wrote:
>
>> I'm good with all of that.
>>
>> But I still think the Flagship / Labs / Incubator classification is
>> really useful, especially for those people outside of OWASP who want to
>> know which projects they should start with.
>> How to we manage the promotion and demotion of projects?
>> I dont think self certification will work here :/
>>
>> Cheers,
>>
>> Simon
>>
>> On Wed, May 11, 2016 at 11:26 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>> Project leaders,
>>>
>>> I think OWASP has failed multiple times to do a project assessments.
>>>
>>> This task has not been easy for anyone. Not in 2009 for the Global
>>> Committee lead by Jason Li, Neither for Samantha in 2013 and the project
>>> advisers(I was one of them) , not now.
>>>
>>> Instead a new realistic approach to projects should be introduced
>>>
>>>    - We already measure projects 'activity'
>>>    <https://www.openhub.net/p/zaproxy> using open hub (as long as we
>>>    keep on configuring this properly and maintaining but is simple)
>>>    - We could allow projects self asses wether  based on CII criteria
>>>    or an indicators through self assessment form like this one
>>>    <https://docs.google.com/a/owasp.org/forms/d/1fRL5Kg2vOWX3L6m2RDB0my3CS_WM9a95v-7b0ZFWzaY/edit?usp=sharing_eid&ts=56bdef81>
>>>    - We can use the results of self-assesment to evaluate as indicators
>>>    for providing sponsorship and support
>>>
>>> *For this part we don't need a team of specialist or reviewers. This
>>> could be published  and allow the community to  provide a rating star
>>> though Openhub (yes you can rate projects on Openhub!):*
>>> *https://www.openhub.net/p/zaproxy/reviews/new
>>> <https://www.openhub.net/p/zaproxy/reviews/new>*
>>>
>>> Measure the 'quality' of a project is not simple. We don't have a team
>>> for this.
>>>
>>> Instead we should empower:
>>>
>>>    - Measure activity and indicators to allow projects use OWASP
>>>    platform (Chapters and Conferences) to market projects
>>>    - Empower the community to rate projects on Openhub:
>>>    https://www.openhub.net/p/zaproxy/reviews/new
>>>    - Provide sponsorship and support projects after they requested
>>>    help. Such as run Bounty programs now that we have this platform available.
>>>    - sponsor traveling cost for leaders to talk at  OWAPS conferences
>>>
>>> Place focus on supporting projects instead of regulating what you can't.
>>>
>>>
>>> --
>>> Johanna Curiel
>>> OWASP Volunteer
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>



-- 
OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160511/ae84162e/attachment-0001.html>


More information about the OWASP-Leaders mailing list