[Owasp-leaders] OWASP Application Security Guide for CISO Project Lead Announcement

Samantha Groves samantha.groves at owasp.org
Sat Nov 16 01:32:02 UTC 2013

To all members of the global OWASP community,

I am delighted to announce the first release of the OWASP Application
Security Guide for CISOs.

This guide is specifically intended to help CISOs (Chief Information
Security Officers) manage application security programs. The guide is
tailored to CISOs whose responsibility is to manage application security
programs according to their specific functions. A survey was done to
understand how CISOs perceive application security so this guide can be
tailored to their specific needs, roles and responsibilities. The aim of
this guide is to help CISOs to take a strategic approach toward
application security by considering it as a journey and not as a
destination. This guide specifically helps CISOs to deliver an application
security program by starting from the creation of the business cases to get

The key themes for these business cases are awareness of application
security risks, compliance with security standards, security policies and
consideration of the organisation capabilities in executing application
security processes. This guide helps CISOs to prioritize investment in
application security programs, tools and on what matters the most, that is,
application security training and awareness of software developers and
testers. Visibility to free OWASP guides and tools that can help CISOs in
the pursuit of these goals is provided throughout the guide.

The Application Security Guide For CISOs v1 is available now for
consultation on the wiki on the following link

A print on demand book is also available on the following link

If you are planning to attend AppSec USA next week you also have the
opportunity to attend a presentation of the CISO guide and CISO survey.
This is scheduled on Wednesday, November 20 • 1:00pm - 1:50

For the details of the talk please visit the Appsec USA conference web page

Printed copies in book format will also be available for purchase during
the conference. As project leader of this project, I would like to
acknowledge the people that contributed to the guide such as Tobias
Gondrom, Eoin Keary, Andy Lewis, Stephanie Tan and Colin Watson. Special
thanks also to Samantha Groves for helping with all logistical hurdles and
to get the book printed on time for the Appsec conference.

A version of the guide in Spanish is also in the works and will be
announced soon.


Marco Morana

OWASP Application Security Guide for CISO Project Lead

Member of the OWASP London Chapter


*Samantha Groves, MBA*

*OWASP Projects Manager*

The OWASP Foundation

Phoenix, USA

Email: samantha.groves at owasp.org

Skype: samanthahz

OWASP Global Projects <https://www.owasp.org/index.php/Category:OWASP_Project>

Book a Meeting with Me <http://goo.gl/mZXdZ>

OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>

New Project Application