Difference between revisions of "Application Security Guide For CISOs"

From OWASP
Jump to: navigation, search
(Remove and consoludate appendices)
(Bullets)
 
(11 intermediate revisions by 2 users not shown)
Line 3: Line 3:
 
{| width="100%" cellspacing="0" cellpadding="10"
 
{| width="100%" cellspacing="0" cellpadding="10"
 
|- valign="top"
 
|- valign="top"
| width="66%" style="background:#d9e9f9" |
+
| width="70%" style="background:#d9e9f9" |
  
= The Guide =
+
= The CISO Guide =
 +
 
 +
Version 1.0 was published in November 2013.
  
 
== Contents ==
 
== Contents ==
Line 12: Line 14:
 
* Preamble
 
* Preamble
 
** [[CISO AppSec Guide: Introduction|Introduction]]
 
** [[CISO AppSec Guide: Introduction|Introduction]]
 +
** [[CISO AppSec Guide: Executive Summary|Executive Summary]]
 
** [[CISO AppSec Guide: Foreword|Foreword]]
 
** [[CISO AppSec Guide: Foreword|Foreword]]
 
* The CISO Guide
 
* The CISO Guide
Line 22: Line 25:
 
** [[CISO AppSec Guide: About OWASP|About OWASP]]
 
** [[CISO AppSec Guide: About OWASP|About OWASP]]
 
* Appendix
 
* Appendix
** [[CISO AppSec Guide: Quick Reference to OWASP Guides & Projects|Appendix I-A: Quick Reference to OWASP Guides & Projects]]
+
** [[CISO AppSec Guide: Value of Data & Cost of an Incident|Appendix A: Value of Data & Cost of an Incident]]
** [[CISO AppSec Guide: Value of Data & Cost of an Incident|Appendix I-B: Value of Data & Cost of an Incident]]
+
** [[CISO AppSec Guide: Quick Reference to OWASP Guides & Projects|Appendix B: Quick Reference to OWASP Guides & Projects]]
** [[CISO AppSec Guide: Online Data Breach Cost Calculator|Appendix I-C: Online Data Breach Cost Calculator]]
+
 
+
  
  
Line 32: Line 33:
 
The OWASP Application Security Guide For CISOs is free to use. It is licensed under the [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
 
The OWASP Application Security Guide For CISOs is free to use. It is licensed under the [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
  
| width="1%" style="background:#ffffff" |
+
| width="100" style="max-height:200px;overflow:hidden;background:#fff;margin:0;padding:0;" cellpadding="0" |
  
| width="33%" style="background:#eeeeee" |
+
<div style="width:100px;max-height:300px;border:0;margin:0;padding-left:6px;padding-right:6px;overflow:visible;">[[File:CISO-Guide-bar.jpg|link=]]</div>
 +
 
 +
| width="30%" style="background:#eeeeee" |
  
 
=Credits =
 
=Credits =
  
== Primary author and editor ==
+
== Project lead and main author ==
  
 
* [[User:Marco-cincy|Marco Morana]]
 
* [[User:Marco-cincy|Marco Morana]]
  
  
== Other authors and contributors ==
+
== Other contributors ==
 +
 
 +
Co-authors, contributors and reviewers:
  
 
* [[User:Tobias|Tobias Gondrom]]
 
* [[User:Tobias|Tobias Gondrom]]
Line 51: Line 56:
 
* [[User:Clerkendweller|Colin Watson]]
 
* [[User:Clerkendweller|Colin Watson]]
  
== Further details ==
 
  
If you wish to either know more about this guide or to contribute, please visit the project page and subscribe to the mailing list.
+
= Further Information =
  
== Related projects ==
+
== CISO guide ==
  
The contributors to the [[OWASP CISO Survey]] also provided invaluable data for this guide.
+
The OWASP CISO Guide is also available as
 +
* [https://www.owasp.org/index.php/File:Owasp-ciso-guide.pdf Free downloadable PDF]
 +
* [http://www.lulu.com/shop/owasp-foundation/application-security-guide-for-cisos-v10-nov-2013/paperback/product-21288580.html At cost print on demand monochrome book].
  
  
== Project details ==
+
For full information about the Application Security Guide For CISOs Project, including mailing list details, the forward plan, how to contribute, the project status, and alternative media, see the project page:
 +
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project CISO Guide Project Page]
  
For further information about the Application Security Guide For CISOs see the [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project project page].
+
 
 +
== CISO survey ==
 +
 
 +
The contributors to the [[OWASP CISO Survey]] also provided invaluable data for this guide.
  
  

Latest revision as of 13:36, 7 November 2013


The CISO Guide

Version 1.0 was published in November 2013.

Contents


Licensing

The OWASP Application Security Guide For CISOs is free to use. It is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

CISO-Guide-bar.jpg

Credits

Project lead and main author


Other contributors

Co-authors, contributors and reviewers:


Further Information

CISO guide

The OWASP CISO Guide is also available as


For full information about the Application Security Guide For CISOs Project, including mailing list details, the forward plan, how to contribute, the project status, and alternative media, see the project page:


CISO survey

The contributors to the OWASP CISO Survey also provided invaluable data for this guide.