Wikimedia Security Team/AppSec Quarterly Roadmap Estimates/Q1 2023
Appearance
Minutes for the Security Team's Q1 2023 (July to September 2022) Quarterly Work Estimates
Attending: MMartorana_(WMF), MStyles_(WMF), SBassett_(WMF), CLemoisson_(WMF)
This a quarterly estimate of work allocations for members of the Application Security Team. These incorporate all types of work, from recurring operational activities to OKRs, 20% time and work done in our "spare time". These estimates should serve as a high level overview of "what is the AppSec Team working on this quarter?", which can otherwise be a bit difficult to parse with many separate sources of record: Phabricator, Gerrit, Betterworks, Know Your Team, Random Google docs, Random conversations with managers, etc.
MMartorana
[edit]Work | Time Spent, Est |
---|---|
Operational Work (Clinic, Sec Releases, Reviews) | 50% |
Other project work | 20% |
PDP/20% Time - SANS course, DevSecOps course | 30% |
MStyles
[edit]Work | Time Spent, Est |
---|---|
Operational Work (Clinic, Sec Releases, Reviews) | 50% |
Pentesting Management | 40% |
PDP/20% Time - Phabricator Security Bot | 10% |
Reedy
[edit]Work | Time Spent, Est |
---|---|
Operational Work (Clinic, Other Bugs) | 25% |
Security Release Work | 50% |
Code Quality Work | 25% |
SBassett
[edit]Work | Time Spent, Est |
---|---|
Operational Work (Clinic, Sec Releases, Reviews) | 50% |
StopForumSpam Deploy Planning | 20% |
Other project work | 10% |
PDP/20% Time - How To Perform Review doc | 20% |