OWASP Application Security Program for Managers

From OWASP
Revision as of 12:04, 16 June 2010 by Paulo Coimbra (Talk | contribs)


Main

  • (Matteo: Please add content as you find best. Thanks, Paulo Coimbra)

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Application Security Program for Manager (home page)
Purpose:
  • Create an OWASP Roadmap for company types worldwide.
  • In 9 years of activity, OWASP has become the standard for Web Application Security. We have many projects that are fantastic resources for developers and testers.
  • OWASP SAMM and ASVS address many security management issues.
  • What I see is missing now is a kind of guideline that managers should follow to adhere to the OWASP standards. I see that every security manager has a different idea about secure development and testing (when and how to perform it).
  • This project aims to address the Security Manager's point of view and explain what they should do to implement an efficient Application Security Program.
  • In this project we will show all the OWASP Guides and tools and explain why, how and when to use them. We can do that according to the size of the organization, management roles and objectives. The idea is, for example, that for a bank OWASP says to perform an OWASP SAMM assessment every year, to perform Code Review and WAPT on all critical new software, to test every 3 months, etc. Every activity is linked to an OWASP resource to use.
License: Creative Commons Attribution Share Alike 3.0
who is working on this project?
Project Leader(s):
Project Contributor(s):
  • Marco Morana
  • Giorgio Fedon
  • Stefano di Paola
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases