[Owasp-leaders] OWASP CISO Cheat Sheet

Mordecai Kraushar mordecai.kraushar at owasp.org
Sun Sep 9 21:10:40 UTC 2012


All;

All that is referenced there is fine but I would also stress differences
between the network security space and the app security space.

Many CISOs have had previous experiences in the network arena.
Their networks have been pen tested and they have had network firewalls
deployed for years.
These are more mature spaces with traditionally fewer false positives.

They should be aware that purchasing the web scanner component of their
vulnerability scanner will not be providing them with the same level of
assurance.

mordecai kraushar

On Sat, Sep 8, 2012 at 8:57 AM, Jim Manico <jim.manico at owasp.org> wrote:

> Folks,
>
> Mike Boberski was kind enough to get an OWASP CISO Cheat Sheet started.
>
> Any of you CISO influencing experts care to jump in and lend support?
>
> https://www.owasp.org/index.php/CISO_Cheat_Sheet
>
> Remember, this is a cheat. My suggestion is, if you had a chance to speak
> to a CISO about AppSec, what would be the three most important items you
> would focus on?
>
> Aloha,
>
> Jim Manico
> OWASP Volunteer
> (808) 652-3805
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>