Difference between revisions of "CISO AppSec Guide: References"

From OWASP
m (Added years)
m
Line 34: Line 34:
 
== Guidelines and Best Practices ==  
 
== Guidelines and Best Practices ==  
  
* Gartner teleconference on application security, Joseph Feiman, VP and Gartner Fellow [http://www.gartner.com/it/content/760400/760421/ks_sd_oct.pdf http://www.gartner.com/it/content/760400/760421/ks_sd_oct.pdf]
+
* Supplement to Authentication in an Internet Banking Environment: http://www.fdic.gov/news/news/press/2011/pr11111a.pdf  
 +
 
 +
* Feiman, Joseph. Teleconference on Application Security. 9 Oct. 2008. Gartner. 30 Sept. 2013 <http://www.gartner.com/it/content/760400/760421/ks_sd_oct.pdf>.
  
 
== Security Incidents and Data Breaches ==  
 
== Security Incidents and Data Breaches ==  
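Review bot: the two entries added under "Guidelines and Best Practices" use different citation forms. The Feiman entry carries author, title, date, publisher and retrieval date, while the "Supplement to Authentication in an Internet Banking Environment" entry is only a title and a bare URL. Give the supplement entry the same form as the Feiman one, so the list reads consistently and the document can still be identified if the fdic.gov link goes dead.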
Line 75: Line 77:
 
== NEEDS CATEGORIES ==  
 
== NEEDS CATEGORIES ==  
  
* Supplement to Authentication in an Internet Banking Environment: http://www.fdic.gov/news/news/press/2011/pr11111a.pdf
+
 
  
 
== DEAD LINKS ==  
 
== DEAD LINKS ==  
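Review bot: with the "Supplement to Authentication in an Internet Banking Environment" entry removed, the lines shown leave nothing between the "NEEDS CATEGORIES" heading and "DEAD LINKS", so the heading now sits over an empty section. Remove the heading in the same edit, or leave a one-line note under it saying what still needs categorising.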

Revision as of 22:22, 30 September 2013


References

Metrics and Benchmarking

In order of report release date.

2012

2011

2010

2009 and prior

Standards

Guidelines and Best Practices

Security Incidents and Data Breaches

Security Investments and Budgets

  • Gordon, L.A. and Loeb, M.P. “The economics of information security investment”, ACM Transactions on Information and Systems Security, Vol.5, No.4, pp.438-457, 2002.

NEEDS CATEGORIES

DEAD LINKS

(Use link to Amazon book page?)