Shop Books > More From OWASP Foundation

Application Security Guide For CISOs v1.0 (Nov 2013) By OWASP Foundation
Paperback: $9.30
Ships in 3-5 business days
(2 Ratings)
Chief Information Security Officers (CISOs) are responsible for application security from governance, compliance and risk perspectives. The Application Security Guide For CISOs seeks to help CISOs... More > manage application security programs according to their own roles, responsibilities, perspectives and needs. Application security best practices and OWASP resources are referenced throughout the guide.< Less
OWASP Top 10 2013 By OWASP Foundation
Paperback: $9.70
Ships in 3-5 business days
(1 Ratings)
2013 revision of the OWASP Top 10 book. Please visit our website, www.owasp.org for details on this and other OWASP projects
OWASP Testing Guide By OWASP Foundation
Paperback: $14.85
Ships in 3-5 business days
(2 Ratings)
The OWASP Testing Guide (2009 Version 3.0) includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level"... More > penetration testing guide that describes techniques for testing most common web application and web service security issues. OWASP Testing Guide v3 is a 349 page book; we have split the set of active tests in 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity. For more information, please check out the project home page at OWASP Testing Guide V3.0 Project.< Less
Securing WebGoat using ModSecurity By OWASP Foundation
Paperback: $8.75
Ships in 3-5 business days
(1 Ratings)
The purpose of this project is to create custom Modsecurity rulesets that, in addition to the Core Set, will protect WebGoat 5.1 from as many of its vulnerabilities as possible (the goal is 90%)... More > without changing one line of source code. To ensure that it will be a complete 'no touch' on WebGoat and its environment, ModSecurity will be configured on Apache server as a remote proxy server. For those vulnerabilities that cannot be prevented (partially or not at all), I will document my efforts in attempting to protect them. Business logic vulnerabilities will be particularly challenging to solve. For more information, please check out the project home page at OWASP Securing WebGoat using ModSecurity Project.< Less