[Owasp-leaders] [Owasp_project_leader_list] OWASP Application Security Guide for CISO Project Lead Announcement
tobias.gondrom at owasp.org
Sun Nov 17 18:18:29 UTC 2013
yeah the team work was fabulous!
Small comment: although we have most of the finding of the survey, I did
not have enough time to write down the text for the document yet. :-(
It took me more time then expected to fulfil my homework on the CISO
guide and other stuff, so the CISO survey is a little behind.... and the
CISO guide is the first to reach the release goal and I hope the survey
report will be second with release in 2-4 weeks, latest by mid of December.
And yes, the two projects go very nicely hand in hand. :-)
On 17/11/13 05:39, Eoin Keary wrote:
> Congrats Marco, tobias, Colin, Andy, Stephanie and Sam.
> Fab to see ciso finally going live.
> The survey and book complement each other very well.
> Hope it is a Christmas best seller!'
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> On 16 Nov 2013, at 01:32, Samantha Groves <samantha.groves at owasp.org
> <mailto:samantha.groves at owasp.org>> wrote:
>> To all members of the global OWASP community,
>> I am delighted to announce the first release of the OWASP Application
>> Security Guide for CISOs.
>> This guide is specifically intended to help CISOs ( Chief Information
>> Security Officers) manage application security programs. The guide is
>> tailored to CISOs whose responsibility is to manage application
>> security programs according their specific functions. A survey was
>> done to understand how CISOs perceive application security so this
>> guide can be tailored to their specific needs, roles and
>> responsibilities. The aim of this guide is to help CISOs to take a
>> strategic approach toward by application security by considering it
>> as a journey and not as a destination. This guide specifically helps
>> CISOs to deliver an application security program by starting from the
>> creation of the business cases to get funding.
>> The key themes for these business cases are awareness of application
>> security risks, compliance with security standards, security policies
>> and consideration of the organisation capabilities in executing
>> application security processes. This guide helps CISOs to prioritize
>> investment in application security programs, tools and on what
>> matters the most that is application security training and awareness
>> of software developers and testers. Visibility to free OWASP guides
>> and tools that can help CISOs in the pursuit of these goals is
>> provided throughout the guide.
>> The Application Security Guide For CISOs v1 is available now for
>> consultation on wiki on the following link
>> A print on demand book is also available on the following link
>> If you are planing to attend AppSec USA the next week you also have
>> the opportunity to attend a presentation of the CISO guide and CISO
>> survey. This is scheduled on Wednesday, November 20 . 1:00pm - 1:50
>> For the details of the talk please visit the Appsec USA conference
>> web page at:
>> Printed copies in book format will be also available for purchase
>> during the conference. As project leader of this project, I would
>> like to acknowledge the people that contributed to the guide such as
>> Tobias Gondrom, Eoin Keary, Andy Lewis, Stephanie Tan and Colin
>> Watson. Special thanks also to Samantha Groves for helping with all
>> logistical hurdles and to get the book printed on time for the Appsec
>> A version of the guide in Spanish is also in the works and will be
>> announced soon.
>> Marco Morana
>> OWASP Application Security Guide for CISO Project Lead
>> Member of the OWASP London Chapter
>> *Samantha Groves, MBA*
>> /OWASP Projects Manager/
>> The OWASP Foundation
>> Phoenix, USA
>> Email: samantha.groves at owasp.org <mailto:samantha.groves at owasp.org>
>> Skype: samanthahz
>> OWASP Global Projects
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>> New Project Application Form
>> Owasp_project_leader_list mailing list
>> Owasp_project_leader_list at lists.owasp.org
>> <mailto:Owasp_project_leader_list at lists.owasp.org>
> Owasp_project_leader_list mailing list
> Owasp_project_leader_list at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders