Minutes for the Security Team's Q1 2023 (July to September 2022) Quarterly Work Estimates
Attending: MMartorana_(WMF), MStyles_(WMF), SBassett_(WMF), CLemoisson_(WMF)
This a quarterly estimate of work allocations for members of the Application Security Team. These incorporate all types of work, from recurring operational activities to OKRs, 20% time and work done in our "spare time". These estimates should serve as a high level overview of "what is the AppSec Team working on this quarter?", which can otherwise be a bit difficult to parse with many separate sources of record: Phabricator, Gerrit, Betterworks, Know Your Team, Random Google docs, Random conversations with managers, etc.
Work
|
Time Spent, Est
|
Operational Work (Clinic, Sec Releases, Reviews)
|
50%
|
Other project work
|
20%
|
PDP/20% Time - SANS course, DevSecOps course
|
30%
|
Work
|
Time Spent, Est
|
Operational Work (Clinic, Sec Releases, Reviews)
|
50%
|
Pentesting Management
|
40%
|
PDP/20% Time - Phabricator Security Bot
|
10%
|
Work
|
Time Spent, Est
|
Operational Work (Clinic, Other Bugs)
|
25%
|
Security Release Work
|
50%
|
Code Quality Work
|
25%
|
Work
|
Time Spent, Est
|
Operational Work (Clinic, Sec Releases, Reviews)
|
50%
|
StopForumSpam Deploy Planning
|
20%
|
Other project work
|
10%
|
PDP/20% Time - How To Perform Review doc
|
20%
|