Chief Information Security Officers (CISOs) are responsible for application security from governance, compliance and risk perspectives. The Application Security Guide For CISOs seeks to help CISOs manage application security programs according to their own roles, responsibilities, perspectives and needs. Application security best practices and OWASP resources are referenced throughout the guide.
The OWASP Application Security Codes of Conduct set out to define a set of minimal requirements for other organizations specifying the most effective ways they could support OWASP's mission. There are six codes: for Government Bodies, for Educational Institutions, for Standards Groups, for Trade Organizations, for Certifying Bodies and for Development Organizations.
The OWASP Testing Guide (2009 Version 3.0) includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
OWASP Testing Guide v3 is a 349-page book; we have split the set of active tests into 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity.
For more information, please check out the project home page at OWASP Testing Guide V3.0 Project.
This project aims to improve and collect the existing information about backend security. The project is composed of three sections (security development, security hardening and security testing). The aim is to define guidelines for companies and IT professionals working in the security field, covering process development and back-end component management and testing in the enterprise architecture.
For more information, please check out the project home page at OWASP Backend Security Project.