CPWE

Under construction.

= Introduction = This cheat sheet for CISO is intended for an executive audience. The goal is for this cheat sheet to be concise, customizable, and to the point. Towards this end, this cheat sheet that contains a list / taxonomy of application security program weaknesses that intended to be built out over time, similar to the presentation and content of MITRE's CWE for software weaknesses. The list of weaknesses is called the Common Program Weakness Enumeration (CPWE) and spans both topics having to do with (1)institutionalization of a software assurance program and also (2)systems development touch points. Long-term goals may include creating an OWASP CISO Top Ten project using the CPWE as inputs (i.e. that draws from the list), as a sort of brass ring for an OWASP CISO "guide".

= Common Program Weakness Enumeration =

CPWE-xx: ...
= Authors and Primary Editors =

Mike Boberski - boberski_michael [at] bah.com

= Other Cheatsheets =