OWASP CISO Survey Project

Revision as of 18:01, 6 January 2014 by Tgondrom



OWASP CISO Survey and Report

Among application security stakeholders, Chief Information Security Officers (CISOs) are responsible for application security from governance, compliance and risk perspectives. The OWASP CISO Survey provides tactical intelligence about security risks and best practices to help CISOs manage application security programs according to their own roles, responsibilities, perspectives and needs.




The OWASP Application Security Guide For CISOs is free to use. It is licensed under the Creative Commons Attribution-ShareAlike 3.0 license (http://creativecommons.org/licenses/by-sa/3.0/), so you can copy, distribute and transmit the work, adapt it, and use it commercially, provided that you attribute the work and that, if you alter, transform, or build upon this work, you distribute the resulting work only under the same or a similar license to this one.

© OWASP Foundation

Core Content

The CISO Survey Report 2013 includes:

  • Threats and risks
  • Investments and challenges
  • Tools and technology
  • Governance and control


Link to presentation at the AppSecUS 2013 in NYC

Project Leader

Tobias Gondrom

Related Projects

Quick Access

News and Events

In Print




The Application Security Guide For CISOs Project was authored, edited and reviewed by a worldwide team of volunteers. The primary contributors to date have been:

  • Tobias Gondrom
  • Marco Morana
  • Stephanie Tan
  • Colin Watson

As of January 2014, the priorities are:

  • Announce and promote v1.0 at AppSec APAC, EU and US and CISO events
  • Gain support and additional contributors
  • Initiate the next version (2014) and reach out to a larger audience

Involvement in the development and promotion of the CISO Survey Report is actively encouraged. You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • Review the text
  • Graphical design for the report and diagrams

Please participate through the project's mailing list.

Current version

v1.0 (Stable) to be released

  • EN

Previous versions

Pre 1.0 versions (alpha and betas) are in the wiki page history at https://www.owasp.org/index.php/OWASP_CISO_Survey.