This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Projects/OWASP Application Security Guide For CISOs Project

Revision as of 19:20, 19 December 2012 by Samantha Groves (talk | contribs)

Jump to: navigation, search

{{Template:Project About | project_name =OWASP_Application_Security_Guide_For_CISOs_Project | project_home_page =OWASP_Application_Security_Guide_For_CISOs_Project | project_description =The purpose of this document is to guide the CISO in managing application security from initial problem statement to delivery of the solution. We start this journey with the creation of the business cases for investing in application security following with the awareness of threats targeting applications, the identification of the economical impacts, the determination of a risk mitigation strategy, the prioritization of the mitigation of the risk of vulnerabilities, the selection of security control measures to mitigate risks, the adoption of secure software development processes and maturity models and we conclude this journey with the selection of metrics for reporting and managing application security risk. More info about this project can be found in the introductory page of the guide | project_license =Creative Commons Attribution ShareAlike 3.0 License (best for documentation projects) | leader_name1 =Marco Morana | leader_email1 [email protected] | mailing_list_name = | project_road_map =