[Owasp-leaders] OWASP Spending Project

Tom Brennan tomb at owasp.org
Tue Mar 31 11:15:19 EDT 2009

How much security spending is enough? Security - whether processes,
policies, or technical measures- imposes a real cost on organizations.
The Security Spending Benchmarks Project seeks to establish an
industry accepted benchmark for justifying overall Web application
security spending. We want to quantify how many dollars and human
resources should be allocated towards the software development
life-cycle, security training, security software/tools, independent
third-party reviews, Web application firewalls, etc.

Results: http://www.owasp.org/images/b/b2/OWASP_SSB_Project_Report_March_2009.pdf

More information about the OWASP-Leaders mailing list