[Owasp-leaders] [Owasp_project_leader_list] OWASP Application Security Guide for CISO Project Lead Announcement

Tobias tobias.gondrom at owasp.org
Sun Nov 17 18:18:29 UTC 2013

Hi Eoin,

yeah the team work was fabulous!

Small comment: although we have most of the finding of the survey, I did
not have enough time to write down the text for the document yet. :-(
It took me more time then expected to fulfil my homework on the CISO
guide and other stuff, so the CISO survey is a little behind.... and the
CISO guide is the first to reach the release goal and I hope the survey
report will be second with release in 2-4 weeks, latest by mid of December.

And yes, the two projects go very nicely hand in hand. :-)

Cheers, Tobias

On 17/11/13 05:39, Eoin Keary wrote:
> Congrats Marco, tobias, Colin, Andy, Stephanie and Sam.
> Fab to see ciso finally going live.
> The survey and book complement each other very well.
> Hope it is a Christmas best seller!'
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> On 16 Nov 2013, at 01:32, Samantha Groves <samantha.groves at owasp.org
> <mailto:samantha.groves at owasp.org>> wrote:
>> To all members of the global OWASP community,
>> I am delighted to announce the first release of the OWASP Application
>> Security Guide for CISOs.
>> This guide is specifically intended to help CISOs ( Chief Information
>> Security Officers) manage application security programs. The guide is
>> tailored to CISOs whose responsibility is to manage application
>> security programs according their specific functions. A survey was
>> done to understand how CISOs perceive application security so this
>> guide can be tailored to their specific needs, roles and
>> responsibilities. The aim of this guide is to help CISOs to take a
>> strategic approach toward by application security by considering it
>> as a journey and not as a destination. This guide specifically helps
>> CISOs to deliver an application security program by starting from the
>> creation of the business cases to get funding. 
>> The key themes for these business cases are awareness of application
>> security risks, compliance with security standards, security policies
>> and consideration of the organisation capabilities in executing
>> application security processes. This guide helps CISOs to prioritize
>> investment in application security programs, tools and on what
>> matters the most that is application security training and awareness
>> of software developers and testers. Visibility to free OWASP guides
>> and tools that can help CISOs in the pursuit of these goals is
>> provided throughout the guide.
>> The Application Security Guide For CISOs v1 is available now for
>> consultation on wiki on the following link
>> https://www.owasp.org/index.php/File:Owasp-ciso-guide.pdf 
>> A print on demand book is also available on the following link
>> http://www.lulu.com/shop/owasp-foundation/application-security-guide-for-cisos-v10-nov-2013/paperback/product-21288580.html 
>> If you are planing to attend AppSec USA the next week you also have
>> the opportunity to attend a presentation of the CISO guide and CISO
>> survey. This is scheduled on Wednesday, November 20 . 1:00pm - 1:50
>> For the details of the talk please visit the Appsec USA conference
>> web page at: 
>> http://appsecusa2013.sched.org/event/d4023831663d85d7fd87294e36e631aciframe=yes&w=990&sidebar=yes&bg=no#iframe=yes&w=990&sidebar=yes&bg=no
>> Printed copies in book format will be also available for purchase
>> during the conference. As project leader of this project, I would
>> like to acknowledge the people that contributed to the guide such as
>> Tobias Gondrom, Eoin Keary, Andy Lewis, Stephanie Tan and Colin
>> Watson. Special thanks also to Samantha Groves for helping with all
>> logistical hurdles and to get the book printed on time for the Appsec
>> conference.
>> A version of the guide in Spanish is also in the works and will be
>> announced soon.
>> Cheers,
>> Marco Morana
>> OWASP Application Security Guide for CISO Project Lead
>> Member of the OWASP London Chapter
>> -- 
>> *Samantha Groves, MBA*
>> /OWASP Projects Manager/
>> /
>> /
>> The OWASP Foundation
>> Phoenix, USA
>> Email: samantha.groves at owasp.org <mailto:samantha.groves at owasp.org>
>> Skype: samanthahz 
>> OWASP Global Projects
>> <https://www.owasp.org/index.php/Category:OWASP_Project>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>> New Project Application Form
>> <https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE6MQ#gid=0>
>> _______________________________________________
>> Owasp_project_leader_list mailing list
>> Owasp_project_leader_list at lists.owasp.org
>> <mailto:Owasp_project_leader_list at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list
> _______________________________________________
> Owasp_project_leader_list mailing list
> Owasp_project_leader_list at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_project_leader_list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20131117/637f0bb4/attachment.html>

More information about the OWASP-Leaders mailing list