Sunday, July 2, 2017

OWASP Operations Update for July 2017

Welcome to the operations update for July 2017, the ongoing series of updates on what's happening at the OWASP Foundation.  Last month's post is available here.

In a bit of a departure from previous formats, we're starting with an announcement you may have already heard - OWASP Foundation employee #1 and #2 have left OWASP.  Alison (November 2007) and Kate (May 2008) had their last days at OWASP on Friday, June 30th.  The entire OWASP community owes a huge debt of gratitude to these two employees who helped turn a scrappy group of AppSec people into the thriving community that is OWASP today.  They've dealt with problems great and small while always keeping the OWASP core values in mind and seen drastic changes from:

  • Discovering there wasn't a signed contract for a venue a week out of start of AppSec USA 2008 in NYC
      to
  • Hosting AppSec conferences in the US, EU, LATAM, APAC and many, many regional events
      or
  • Staff growing from an accountant to 8 (and now back to 6)
      or
  • Spreadsheets to Salesforce to over 10,000 community submitted cases worked
I"m not sure how you do this in a blog, but here goes:  <silence>moment</silence> 

Please thank them for all their hard work over a decade and, if you see them in person, treat them to the beverage of their choice.  Now back to our regularly scheduled blog post...

OWASP IT Infrastructure Hosting - Modernizing and migrating the OWASP infrastructure 
  • Remaining hosts at Rackspace: OWASP wiki, Mailman server, Virtual-host server providing redirects and static content
    • These are on hold until staff is back to full strength
  • For the current status, see last month's update.
The Website Reboot - aka TWR - a major effort to update and modernize the OWASP web presence
  • Phase 1 is complete
  • Phase 2, 3 and 4 are in process
  • These are oh hold until staff is back to full strength
  • For the current status, see last month's update.
The OWASP Communication Plan 
  • Discourse as a replacement for Mailman
    • On hold until staff is back to full strength
    • For the current status, see last month's update
  • Beta program for the Foundation's Global Meetup account continues
OWASP 2017 Strategic Goal 
  • TLDR: Host 4 trainings worldwide of ~500 attendees geared toward developers and entry-level security professionals - further details on the wiki.
  • 4 locations finalized: Israel, Tokyo, Boston, Bangalore
  • Call for Trainers anticipated to launch mid-July
Association Management System (AMS)_Upgrade 
  • Highly complex multi-step process taking 8 to 12 weeks
  • 95%+ complete
    • Membership, Renewals, Conference Registration, Multi-currency support, reduced need for discount codes and many more improvements
  • A few minor issues, tweaks, changes and bugs to work through before 100% complete
Projects 
  • AppSec USA 2017
    • CFP and CFT closed - Speakers and Trainers notified by July 5th
    • Final schedule upload to Shcd.org is nearly complete
    • Loads of final details being hammered out
  • AppSec EU 2018
    • Finalizing Gantt Chart
    • Conference budget built out
    • Multiple RFPs out for bid
  • AppSec APAC 2018 - proposal under review
Membership 
  • 59 Corporate Members
    • $180,000 (45% of yearly goal)
  • 2,733 Individual Members
    • $69,335 (63% of yearly goal)
  • 2017 WASPY Awards
    • Call for nominees closed on June 30th
    • 32 submissions excluding any last minute additions
  • 2017 Global Board of Directors Elections
    • 16 candidates as of June 30th
    • Milestone reminders are being sent to the community
  • Developer Summit at AppSec USA 2017
    • Looking for trainer/volunteers to present at this event!
  • Blackhat USA 2017
    • Kelly and Matt will be attending at the OWASP booth representing the OWASP staff
    • Volunteer slots have all been filled to help with the booth
    • Swag and other booth items ordered and will be shipped to the event
Community  
  • The first of several volunteer portal surveys is going out early July
  • Presentation from the Leaders Meeting at AppSec EU 2017
  • OWASP Summit in London retrospective
    • EU chapter leaders raised concerns about chapter legal status in the EU
    • EU VAT/tax issues were also raised
    • Storage of physical assets of chapters is a growing concern
    • Leaders would like reimbursement system to include standardized budget codes
  • OWASP LATAM
    • Spanish translation of the chapter orientation is in progress
Serving the Community 

Per the request of the OWASP Board, we've included these charts of the staff's interaction with the broader OWASP community via submitted cases to the Foundation.  We passed the 10,000 case mark in early 2017.

Cases for 2017


As always, the OWASP staff are here to make the OWASP community even stronger.  If you have a question, concern or need something please let us know by using the 'Contact Us' form.  Also, feel free to attend, suggest or otherwise engage the OWASP Foundation further at the July 5th Board meeting.

Your friendly neighborhood OWASP staff:
  Kate, Kelly, Alison, Laura, Claudia, Tiffany, Dawn and Matt

No comments: