Saturday 12 May 2012

Some ideas for OWASP GSD Project

When I started talking about the OWASP GSD Project (GSD = Get Stuff Done) , with fellow OWAPS leaders, one of the questions I received was 'Ok so where will the money be used?'

The concept of GSD is to empower the OWASP Leaders to spend on OWASP projects, so in way the 'what would it be be used for' will be defined by them (the OWASP Leaders).

If you are an OWASP Leader, you are the one that will be empowered to spend GSD funds, so look in the mirror and ask yourself the question 'Where would I spend funds on OWASP Projects' :) .

Here are a couple ideas on where to use available GSD funds:
  • buy 20 copies of the (for example) Open SAMM book and distribute it at a local OWASP chapter meeting
  • support the OWASP Developer Guide and ASVS projects (for example with copywriting, formatting, design, research, proof-reading, pagination, etc...)
  • improve the formatting and presentation of the 'Cheat-Sheet' series,
  • hire a transcription service for key presentations done at OWASP chapters/events (or OWASP PodCasts)
  • create a DVD with all presentations from a specific OWASP event (or other video materials like the AppSec tutorial series)
  • sponsor a booth at an event to present OWASP Projects
  • sponsor travel expenses for a project leader to meet with other project leaders or collaborators (to work on a particular project)
  • organize a mini-summit around an OWASP project
  • create a mini-website focused on a particular project (like ESAPI.org) 
  • try out a specific commercial service that will make a particular project more effective (version control, bug tracking system, mailing lists, etc...)
  • hire designers to work on OWASP projects
  • translate OWASP content (to and from English)
  • sponsor students to work on OWASP projects (maybe even run a mini-OWASP Season of Code)
  • hire mediawiki editors for the OWASP website (the OWASP projects part of it :)  )
  • hire project manager(s) for OWASP projects
  • etc...
What I've found is that unless we remove just about all barriers of entry for the use of Funds on an OWASP project, what tends to happen is 'Nothing'.

Hopefully the GSD project will help in Getting Stuff Done :)