1 / 33

About OWASP The story so far and beyond. Part 2

About OWASP The story so far and beyond. Part 2. Jason Li & Dinis Cruz (remotely) Jason.li@owasp.org , dinis.cruz@owasp.org August 16, 2008. Governance. OWASP Structure. OWASP Board OWASP leaders (Tools, Chapters & Working Groups) OWASP Members Subscribers to mailing lists

taipa
Download Presentation

About OWASP The story so far and beyond. Part 2

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. About OWASP The story so far and beyond.Part 2 Jason Li & Dinis Cruz (remotely) Jason.li@owasp.org , dinis.cruz@owasp.org August 16, 2008

  2. Governance

  3. OWASP Structure OWASP Board OWASP leaders (Tools, Chapters & Working Groups) OWASP Members Subscribers to mailing lists Anonymous consumers 3

  4. OWASP Board • OWASP Board members: • Jeff Williams: Chair, Wiki, Management • Dave Wichers: Conferences, Financials • Tom Brennan: OWASP Governance • Sebastien Deleersnyder: OWASP Chapters and Projects • Dinis Cruz: Firehose of Ideas and Money spender • OWASP Board ‘power’ • OWASP Financials (where does the money goes to), • leadership assignment, • conferences locations, • WIKI home page, • bank account details :) • The rest is ‘soft power’ • i.e. we have it until we screw up 4

  5. OWASP Employees Alison McNamee - Admin and Accounts (2 days week) Paulo Coimbra - Owasp Projects & Summer of Code Management Kate Hartmann - Operations manager These are the only ones directly paid by OWASP, apart from Seasons of Code sponsorships no Board Member, Project leader or chapter leader is paid 5

  6. How OWASP Works • Q: Do you have a project on XYZ at OWASP? • A: Nope, do you want to do it? • Q: Why don’t you do XYZ at OWASP? • A: There is nobody allocated to that, do you want to do it? • Q: Is there an OWASP chapter at XYZ? • A: Nope, do you want to do start one? • Q: The project/chapter XYZ is dead!!! • A: Ok, do you want to take over its leadership? • I want to start a project on XYZ, what happens next • A: Read the new project guidelines, create the wiki page and contact Paulo 6

  7. Improved Project Management

  8. Assessment Scale for OWASP TOOLS Projects – Release Quality

  9. Assessment Scale for OWASP TOOLS Projects – Beta Quality

  10. Assessment Scale for OWASP TOOLS Projects – Alpha Quality

  11. Project management in practice: SoC 08

  12. Finances and Grants Revenue source: Members 100% • Allmembership fees are used to fund grants 55% Revenue source: Conferences • Grants 45% • OWASP employees • Conferences costs • OWASP Admin 12

  13. OWASP finances: Balance 03/Mar/08 • Note: these are un-audited numbers (doesn’t include committed expenses such as SoC 08 & OWASPemployees) • The good news is that OWASP is doing OK financially • Any good ideas on whereto invest next?

  14. Membership

  15. OWASP Membership Members have the ability to allocate their membership fees to projects, working groups or chapters they are interested in Members will have the ability to vote of specific OWASP governance issues (Tom to figure this out) Membership makes a public statement of support to OWASP Very importart: There is no ‘member-only content’ Apart from the (under construction) OWASP Member packs, there is NOTHING that an member gets that it doesn’t already have (i.e. all OWASP materials and participation are available to everybody (members and non members)) 15

  16. Categories of Membership

  17. Benefits of Membership

  18. OWASP Corporate Members – Jul 2008 18

  19. Next Conferences

  20. Israel: Sep 14th

  21. USA – New York : Sept 24th  25th

  22. AppSec USA NYC, Day 1

  23. AppSec USA NYC, Day 2

  24. AppSec USA NYC, Training

  25. AppSec USA NYC, Training (cont)

  26. OWASP EU Summit 08, Portugal: Nov 4th 7th

  27. Participate

  28. Join an OWASP project

  29. Join an owasp mailing list

  30. Start a new project

  31. Start a new chapter

  32. Please Help OWASP Grow Push us to do better! Be an active contributor OWASP Chapter Leaders OWASP Project Leaders, Participants and Reviewer OWASP Conference Committee Stub articles – wiki contributions New technologies to analyze Be an OWASP members Corporate Members Individual Members Please join us and share what you know! 32

  33. Questions and Answers

More Related