Difference between revisions of "CISO AppSec Guide: References"

From OWASP
Jump to: navigation, search
Line 9: Line 9:
 
*  Verizon 2013 Data Breach Investigation Report: http://www.verizonenterprise.com/DBIR/2013/
 
*  Verizon 2013 Data Breach Investigation Report: http://www.verizonenterprise.com/DBIR/2013/
  
* Security Innovation's The Current State of Application Security: https://www.securityinnovation.com/security-lab/our-research/current-state-of-application-security.html
+
* Security Innovation and the Ponemon Institute: The Current(2013) State of Application Security report:https://www.securityinnovation.com/security-lab/our-research/current-state-of-application-security.html
  
 
=== 2012 ===
 
=== 2012 ===
* Security Innovation and Poneman Institute's 2012 Application Security Gap Study: A Survey of IT Security & Developers: https://www.securityinnovation.com/uploads/Application%20Security%20Gap%20Report.pdf
+
* Security Innovation and Ponemon Institute's 2012 Application Security Gap Study: A Survey of IT Security & Developers: https://www.securityinnovation.com/uploads/Application%20Security%20Gap%20Report.pdf
  
 
=== 2011 ===
 
=== 2011 ===

Revision as of 16:54, 23 October 2013

< Back to the Application Security Guide For CISOs

Contents

References

Metrics and Benchmarking

In order of report release date.

2013

2012

2011

2010

2009 and prior

Standards

Guidelines and Best Practices

Security Incidents and Data Breaches

Security Investments and Budgets

  • Gordon, L.A. and Loeb, M.P. “The economics of information security investment”, ACM Transactions on Information and Systems Security, Vol.5, No.4, pp.438-457, 2002.