On April 5th, 2018, OWASP clarified their sponsorship requirements to note that time, software, or any other quantifiable contribution can be counted towards the $1000 threshold outlined by the OWASP Global Policy.
Below is our sponsorship guidelines to provide further clarification specific to our project for non-monetary contributions:
As a maintainer, you invest a significant number of hours reviewing code, contributing code, validating architecture, and helping the community. With the time you contribute, maintainers are entitled to name a sponsor, whether it be your employer or yourself, as long as you have written permission to have the entity’s logo displayed on the wiki and on our github repository. Should your relationship end with the entity you have designated (i.e. change of jobs) the entity will be grandfathered for calendar year at the time of your change.
Contributors who earn 100 Sponsorship Points in a calendar year will qualify for sponsorship status. Sponsorship Points are available in the following forms.
For reporting a bug that is verified, the contributor will receive 10 point.
For merged pull requests, points will be awarded as follows:
1 - 10 lines = 1 Point
11 - 20 lines = 2 Points
21- 30 lines = 3 Points
Issues will also be labeled with points. When a fix is merged, the contributor will receive the corresponding points, and the points associated with the line rewards above.