Difference between revisions of "Application Security Guide For CISOs"
Marco-cincy (talk | contribs) |
Marco-cincy (talk | contribs) |
||
(29 intermediate revisions by 6 users not shown) | |||
Line 3: | Line 3: | ||
{| width="100%" cellspacing="0" cellpadding="10" | {| width="100%" cellspacing="0" cellpadding="10" | ||
|- valign="top" | |- valign="top" | ||
− | | width=" | + | | width="70%" style="background:#d9e9f9" | |
− | = The Guide = | + | = The CISO Guide = |
+ | |||
+ | '''Application Security Guide For CISOs''' Version 1.0 was published in November 2013. | ||
+ | [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project_v2#Quick_Access Version 2 of the Guide] is currently in the works and planned for publication in Q2 2018. | ||
+ | |||
+ | La [[Guía de Seguridad en Aplicaciones para CISOs]] versión 1.0 (Español) fue publicada en marzo de 2015. | ||
== Contents == | == Contents == | ||
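Review bot: the added status line "Version 2 of the Guide is currently in the works and planned for publication in Q2 2018" has no date attached, so it will read as current long after it stops being true. Prefix it with the date of the statement or point readers to the Version 2 project page for status instead of naming a quarter. The Spanish sentence added directly under it sits on an English page without an English gloss; a short English equivalent beside the [[Guía de Seguridad en Aplicaciones para CISOs]] link would help readers who land here first.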
Line 12: | Line 17: | ||
* Preamble | * Preamble | ||
** [[CISO AppSec Guide: Introduction|Introduction]] | ** [[CISO AppSec Guide: Introduction|Introduction]] | ||
+ | ** [[CISO AppSec Guide: Executive Summary|Executive Summary]] | ||
** [[CISO AppSec Guide: Foreword|Foreword]] | ** [[CISO AppSec Guide: Foreword|Foreword]] | ||
* The CISO Guide | * The CISO Guide | ||
** [[CISO AppSec Guide: Reasons for Investing in Application Security|Part I: Reasons for Investing in Application Security]] | ** [[CISO AppSec Guide: Reasons for Investing in Application Security|Part I: Reasons for Investing in Application Security]] | ||
** [[CISO AppSec Guide: Criteria for Managing Application Security Risks|Part II: Criteria for Managing Application Security Risks]] | ** [[CISO AppSec Guide: Criteria for Managing Application Security Risks|Part II: Criteria for Managing Application Security Risks]] | ||
− | ** [[CISO AppSec Guide: | + | ** [[CISO AppSec Guide: Application Security Program|Part III: Application Security Program]] |
** [[CISO AppSec Guide: Metrics For Managing Risks & Application Security Investments|Part IV: Metrics For Managing Risks & Application Security Investments]] | ** [[CISO AppSec Guide: Metrics For Managing Risks & Application Security Investments|Part IV: Metrics For Managing Risks & Application Security Investments]] | ||
* Supporting Information | * Supporting Information | ||
** [[CISO AppSec Guide: References|References]] | ** [[CISO AppSec Guide: References|References]] | ||
** [[CISO AppSec Guide: About OWASP|About OWASP]] | ** [[CISO AppSec Guide: About OWASP|About OWASP]] | ||
− | * | + | * Appendix |
− | ** [[CISO AppSec Guide: Value of Data & Cost of an Incident|Appendix | + | ** [[CISO AppSec Guide: Value of Data & Cost of an Incident|Appendix A: Value of Data & Cost of an Incident]] |
− | + | ** [[CISO AppSec Guide: Quick Reference to OWASP Guides & Projects|Appendix B: Quick Reference to OWASP Guides & Projects]] | |
− | + | ||
− | ** [[CISO AppSec Guide: Quick Reference to OWASP Guides & Projects|Appendix | + | == Licensing == |
+ | The OWASP Application Security Guide For CISOs is free to use. It is licensed under the [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one. | ||
− | == | + | == Feedback & Contributions == |
+ | |||
+ | We hope you find the information in the OWASP CISO guide project useful. Please contribute back to the project by sending your comments, questions, and suggestions to the OWASP CISO guide mailing list. | ||
+ | You can subscribe to the list by selecting the link [https://lists.owasp.org/mailman/listinfo/owasp_application_security_guide_for_cisos herein] | ||
− | + | | width="100" style="max-height:200px;overflow:hidden;background:#fff;margin:0;padding:0;" cellpadding="0" | | |
− | + | <div style="width:100px;max-height:300px;border:0;margin:0;padding-left:6px;padding-right:6px;overflow:visible;">[[File:CISO-Guide-bar.jpg|link=]]</div> | |
− | | width=" | + | | width="30%" style="background:#eeeeee" | |
=Credits = | =Credits = | ||
− | == | + | == Project lead and main author == |
* [[User:Marco-cincy|Marco Morana]] | * [[User:Marco-cincy|Marco Morana]] | ||
+ | == Other contributors == | ||
− | + | Co-authors, contributors and reviewers: | |
* [[User:Tobias|Tobias Gondrom]] | * [[User:Tobias|Tobias Gondrom]] | ||
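Review bot: in the new image cell, the outer cell sets "max-height:200px;overflow:hidden" while the inner div sets "max-height:300px" with "overflow:visible", so the two limits disagree and the cell's value is the one that clips; pick one height and state it once. In the Feedback & Contributions text, the subscribe link uses "herein" as its label, which says nothing about the destination; label it with the name of the mailing list instead. The Licensing sentence would also read better split in two, one for what is permitted and one for the attribution and share-alike conditions.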
Line 51: | Line 62: | ||
* [[User:Clerkendweller|Colin Watson]] | * [[User:Clerkendweller|Colin Watson]] | ||
− | == | + | == Versión en español == |
+ | |||
+ | La [[Guía de Seguridad en Aplicaciones para CISOs]] (Español) fue editada y corregida por Mauro Gioino, Mauro Graziosi y [[User:Cristian_Borghello|Cristian Borghello]]. | ||
+ | |||
+ | === Traductores al español === | ||
+ | |||
+ | * Daniel J. Fernández | ||
+ | * Franco Cian | ||
+ | * German Chiovetta | ||
+ | * Javier Albano | ||
+ | * Lucas Barbero | ||
+ | * [[User:Walter_Heffel|Walter Heffel]] | ||
+ | |||
− | + | = Further Information = | |
− | == | + | == CISO guide == |
+ | |||
+ | The OWASP CISO Guide is also available as | ||
+ | * [https://www.owasp.org/index.php/File:Owasp-ciso-guide.pdf [EN] Download PDF] | ||
+ | * [https://www.owasp.org/index.php/File:Owasp-ciso-guide_es.pdf [ES] Descarga PDF] | ||
+ | * [http://www.lulu.com/shop/owasp-foundation/application-security-guide-for-cisos-v10-nov-2013/paperback/product-21288580.html At cost print on demand monochrome book]. | ||
− | |||
+ | For full information about the Application Security Guide For CISOs Project, including mailing list details, the forward plan, how to contribute, the project status, and alternative media, see the project page: | ||
+ | * [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project CISO Guide Project Page] | ||
− | |||
− | + | == CISO survey == | |
+ | The contributors to the [[OWASP CISO Survey]] also provided invaluable data for this guide. | ||
|} | |} | ||
− | |||
[[Category:OWASP_Application_Security_Guide_For_CISO_Project]] | [[Category:OWASP_Application_Security_Guide_For_CISO_Project]] |
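Review bot: the two PDF entries under "CISO guide" put square brackets inside an external-link label ("[EN] Download PDF", "[ES] Descarga PDF"), and MediaWiki closes an external link's label at the first "]", so the link text will end after "[EN" and the rest will render as plain text with a stray bracket. Move the language tag outside the link or drop the brackets from the label. These entries also use absolute https://www.owasp.org/index.php/File:... URLs where the rest of the page uses internal [[...]] links; internal file links would survive a host change. The translator list mixes linked and unlinked names, which is fine if only one of them has a user page, but worth confirming.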
Latest revision as of 08:52, 4 November 2017
= The CISO Guide =

Application Security Guide For CISOs Version 1.0 was published in November 2013. Version 2 of the Guide is currently in the works and planned for publication in Q2 2018.

The Guía de Seguridad en Aplicaciones para CISOs version 1.0 (Spanish) was published in March 2015.

== Contents ==

== Licensing ==

The OWASP Application Security Guide For CISOs is free to use. It is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

== Feedback & Contributions ==

We hope you find the information in the OWASP CISO guide project useful. Please contribute back to the project by sending your comments, questions, and suggestions to the OWASP CISO guide mailing list. You can subscribe to the list by selecting the link herein

= Credits =

== Project lead and main author ==

== Other contributors ==

Co-authors, contributors and reviewers:

== Spanish version ==

The Guía de Seguridad en Aplicaciones para CISOs (Spanish) was edited and corrected by Mauro Gioino, Mauro Graziosi and Cristian Borghello.

=== Spanish translators ===

= Further Information =

== CISO guide ==

The OWASP CISO Guide is also available as

== CISO survey ==

The contributors to the OWASP CISO Survey also provided invaluable data for this guide.