This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Projects/OWASP Application Security Program for Managers

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Application Security Program for Manager (home page)
  • Create an OWASP Roadmap for the worldwide Companies Type
  • In 9 years of activities OWASP has become the standard for Web Application Security. We are full of projects that are fantastic resources for developers and testers.
  • OWASP SAMM and ASVS address many security management issues.
  • What I see is missing now is a kind of guideline that managers should follow to adhere to the OWASP standards. I see that every security manager has a different idea about secure development and testing (when and how to perform it).
  • This project wants to address the Security Manager point of view and tell him what he should do to implement an efficient Application Security Program.
  • In this project we will show all the OWASP Guides and tools and will tell why, how and when to use them. We can do that as a function of the size of the organization, management roles and objectives. The idea is, for example, that for a Bank Company, OWASP says to perform an OWASP SAMM assessment every year, to perform Code Review and WAPT on all critical new software, testing every 3 months, etc. Every activity is linked to an OWASP resource to use.
License: Creative Commons Attribution Share Alike 3.0
who is working on this project?
Project Leader(s):
Project Contributor(s):
  • Marco Morana
  • Giorgio Fedon
  • Stefano di Paola
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases