The CISO Guide

Application Security Guide For CISOs Version 2.0 is current a DRAFT

The OWASP 2018 OWASP Guide for CISOs is currently a work in progress and planned for publication in Q2 2018.

Contents

• Preamble Of Version 2
  • Introduction
  • Executive Summary
  • Foreword
• The CISO Guide Version 2
  • Part I: How To Start
  • Part II: How to Create
  • Part III: How To Manage
  • Part IV: How To Improve
• Supporting Information
  • References
  • About OWASP
• Appendix
  • Appendix A: Value of Data & Cost of an Incident
  • Appendix B: Quick Reference to OWASP Guides & Projects
  • Appendix C: Application Security Playbooks

Licensing

The OWASP Application Security Guide For CISOs is free to use. It is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

Feedback & Contributions

We hope you find the information in the OWASP CISO guide project useful. Please contribute back to the project by sending your comments, questions, and suggestions to the OWASP CISO guide mailing list. You can subscribe to the list by selecting the link herein

Credits

Project lead and main author

• Marco Morana

Other contributors

Co-authors, contributors and reviewers:

• Tom Brennan
• Ingo Hanke
• Davide Ariu
• Naiden Nedelchev
• Yan Kravchenko
• Marc Rimbau
• Ante Gulam

Versión en español

TBD

Further Information

For full information about the Application Security Guide For CISOs Project, including mailing list details, the forward plan, how to contribute, the project status, and alternative media, see the project page:

• CISO Guide 2018 Edition Project Page