Friday, January 6, 2017

OWASP Operations Update for January 2017

Welcome to the first operations update for 2017.  We started monthly blogs about what's happening at the OWASP Foundation back in December.

Here's our major efforts and status of those in process starting with updates from last time:

The Website Reboot aka TWR - a major effort to update and modernize OWASP's web presence.  Since last month, we've

  • Made progress on Phase 1 - updating the wiki to 1.27.x
    • Got the wiki source and all extensions in Git repos
    • Started coding Ansible to automate our deploys and updates
    • Production roll-out - mid-January
  • Next up Phase 2 - Updating the look and feel of the OWASP Wiki
    • Blocked: waiting for the 2017 Budget to get approved by the OWASP Board
The OWASP Communications Plan - a staff-created plan to professionalize how OWASP interacts with its community and the world at large.  There’s a ton of moving parts to this effort but here’s what we focusing on currently:

  • Migration to Discourse
    • Evaluation of Discourse showed it would fit our needs
    • Worked with/reverse engineered the Discourse API to ensure we can automate:
      • Migration from Mailman
      • Future operational tasks
    • An empty production site is expected mid-January
  • Beta program for the Foundation's Global Meetup account is continuing.
Two new major, interlinked efforts

Two major efforts are starting this month - a significant upgrade to OWASP's Association Management System (AMS) and the proposed plan for updating our membership models.
  • Association Management System
    • Runs atop the OWASP Foundation's Salesforce account
    • Handles many operational aspects: membership, conference registrations, etc
    • New AMS allows us to re-think our past membership model
    • Beginning the first week of February, we'll start the migration to the new AMS
  • Updating Membership Models
    • New plans created by staff based on past community, board and staff discussions
    • Account for diverse membership 
    • Developed to optimize accessibility and growth
    • Request to the OWASP Community: Please provide feedback prior to the Jan 11th Board Meeting when staff is asking for approval of the new membership plans.  The links above allow for public comments.
Projects
  • New projects
    • 2 Documenation projects
    • 5 Tool projects
    • 2 New Code Projects
  • Project Reviews
    • Multiple projects under review - look for requests for feedback this month!
Updates on Events for 2017
  • AppSec EU 2017
    • CFP & CFT Final Review
  • AppSec USA 2017
    • CFP and CFT planned to open by the end of January - look for announcements soon!
  • AppSec California 2017 happens January 23 - 25 in lovely Santa Monica CA
Membership and Outreach
  • Member numbers for January
    • 2048 Individual members
    • 70 Corporate members
  • Membership drive planning begins - tentative June launch
Community
  • Claudia and Tiffany have started the planning for an updated OWASP Volunteer program
    • Planned enhancements include searchable descriptions of opportunities, details including expected time commitment and volunteer profiles
  • Women in AppSec (WIA) Committee has been formed - Congrats!
  • Chapter Leader Handbook updates continue - draft version tentatively available at Feb Board Meeting
  • Pending a board vote: Request for a committee to be invite only as an exception to the Committee 2.0 rules
As always, the OWASP staff are here to help make the OWASP community even stronger.  If you have any question, concern or need, let us know by using the ‘Contact Us’ form here.

Your friendly neighborhood OWASP staff:
          Kate, Kelly, Alison, Laura, Claudia, Tiffany, Dawn and Matt


2 comments:

Tom Brennan said...

Good update

Suggestion #1
Add a link to the upcoming meeting page and agenda if anyone reading this update wants to join the upcoming meeting that drives the motions forward. The meetings are open to all members of the association and the general public that has something to put on the agenda before the meeting starts.

Suggestion #2
Update all the staff on the https://www.owasp.org/index.php/About_OWASP#Employees_and_Contractors_of_the_OWASP_Foundation page so the community can see faces with names and know what everyone is responsible for.

dune73 said...

Great overview, Matt.

I used to do something really similar in a different organisation I was running and it really boosted the community.

Thank you.

Christian Folini