This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

CISO AppSec Guide: Foreword

Jump to: navigation, search

< Back to the Application Security Guide For CISOs


This guide has been supported by the OWASP project reboot program and developed in alignment with OWASP core values reflected in the openness of the content, innovative ideas and concepts, global reach to the application security community and integrity of the contents that are published as strictly vendor neutral and un-biased by specific commercial interests. This guide has also been developed in respect of the OWASP core values such as to “Promote the implementation of and promote compliance with standards, procedures, controls for application security” and the OWASP principles of delivering free and open content, not for profit interests and a risk based approach for improving application security. The leader of the OWASP Application Security Guide for CISOS project is Marco Morana that developed the original contents of this guide with contributions from Colin Watson, Eoin Keary, Tobias Gondrom and Stephanie Tan. This project is being developed by the OWASP in parallel with the CISO Survey project lead by Tobias Gondrom

The objective is to run these two projects in sync and use the results of the 2013 CISO Survey to tailor the guide to the specific CISOs needs by highlighting which OWASP projects/resources address these needs. The November 2013 version of the OWASP Application Security Guide for CISOs was presented at the 2013 AppSec USA Conference, held in New York City on November 18-23, 2013.