Over the past number of months the Board of Directors has been working on the feedback received from the community. This feedback aligned with our key strategic goals for the year. One of our key goals was to further strengthen the "P" in OWASP. To this end we have been working with the Open Security Summit to put more of a focus on improving project development and growth and hope to enable projects through events such as this.
Another goal is to strengthen our student outreach. One idea I had was to work with colleges all over the world to support our projects development as part of their internships. I wonder if there would be anyone in the community to assist in this effort by creating a Committee under the revised Committee 2.0 model - https://www.owasp.org/index.php/Governance/OWASP_Committees. To simplify things I have added a quick start guide at the beginning of the document.
Diversity is something that we hold dear to our hearts. There are a number of people in our community that have driven this initiative to enable OWASP to be a more diverse community, without naming any names, we would like to thank them and encourage more of those in and outside of the OWASP community to get involved and help OWASP grow.
Last but not least, planning for our global conferences is well under way with OWASP Global AppSec Tel Aviv coming up at the end of May – one small ask is that everyone share information on this conference in your communities,https://telaviv.appsecglobal.org.
Thanks for all your hard work.
Owen Pendlebury OWASP Vice Chairman
OWASP FOUNDATION UPDATE FROM INTERIM EXECUTIVE DIRECTOR:
For these first few months I have been focused on business operations retooling. As you know, Mailman was recently retired. There is now an online static archive of historical messages. Our goal before Q3 is to have most of our tools on managed, trusted hosted services.
We have increased our use of JIRA to manage inbound requests and last month the team closed 98.6% of service tickets within their prescribed SLA. In January it was 20.4%. This is a very big accomplishment and demonstrates our progress on this work effort. There have also been a number of back office changes that most members won't notice, but we're focused on stronger business continuity for the long term.
In addition to all our upcoming events, the staff along with some members of the community are actively prototyping how we will completely update the website this summer. This effort will not be simply cosmetic, it will be a foundational change in how we manage and publish content that we believe will better connect with our community - and more importantly help us grow. Expect more updates on this in the coming months.
The Project Showcase at Global AppSec Tel Aviv has received a great deal of interest. Anyone attending will be in for a steady stream of information on OWASP Projects. The following projects are proposed for the showcase (the actual schedule has not been developed so the order is not indicative of time slots):
Omer Levi Hevroni
Internet of Things
Software Assurance Maturity Model (SAMM)
Erez Yalon, Inon Shkedy
Mod Security Core Rule Set
Christian Folini, Tin Zaw
Application Security Curriculum Project
Web Honeypot Project
Damned Vulnerable Serverless Application
The scheduled for project reviews at Global AppSec Tel Aviv are the following:
If you are attending Global AppSec Tel Aviv 2019 and can participate in the project reviews (to be held on Monday and Tuesday prior to the conference, schedule pending), then please send an email to firstname.lastname@example.org
New OWASP Chapters Amaravathi, India Belo Horizonte, Brazil Bhopal, India Cusco, Peru Dindigul, India Kharkiv, Ukraine Meerut, India Rio de Janeiro, Brazil San Jacinto College, Texas San Pedro Sula, Honduras Seoul, Korea West Delhi, Delhi
We welcome the following Contributor Corporate Members