Affordable Cybersecurity Assessment using OWASP

Posted July 3, 2019 by Sayers 

Sometimes we just need a sanity check and assessments offer that opportunity.  An assessment can offer a glimpse into those things that may require our attention, and ideally, some validation of our good work.  But, they can be potentially expensive.  For a quick self-assessment, there is a less-expensive option to consider.

The OWASP Cyber Defense Matrix

Sounil Yu created the matrix and announced it to the cybersecurity world at RSA 2016.  What makes the matrix so attractive is its simplicity and adaptability.  At the default value, the matrix classifies security controls across two dimensions

Sayers OWASP Assessment

#1.  5 Operational Functions of the NIST Cybersecurity Framework: 

OWASP Matrix Operational Functions-1

#2.  5 Asset Classes:

OWASP Matrix Assets

Mapping controls across these two dimensions can help organizations identify potential gaps and overlaps in their security technology stack.  Additionally, an organization could choose to include administrative and physical controls as well, for a more complete self-assessment, as there are some considering for the balance of people, process, and technology across the matrix.  Going one step further, an organization could define this matrix to include regulatory compulsions, or any other relevant external pressures. 

OWASP Cyber Defense Matrix

OWASP Cyber Defense Matrix

“Our common language can be bounded by five asset classes and the NIST Cybersecurity Framework”

– Sounil Yu

The OWASP Cyber Defense Matrix is far from offering a deterministic analysis of a holistic security program.  But, what the matrix can do is provide a glimpse into the nature of our choices, our current security posture, and provide some actionable intelligence as to where we might target our attention and our investments.

How to get started?

Engage the Subject Matter Experts at Sayers.  We are offering guidance, assistance, a first analysis, and a first set of deliverables at low-to-no cost to our clients. 

Click to View Sayers OWASP Assessment Data Sheet

    Addresses

  • Atlanta
    675 Mansell Road, Suite 115
    Roswell, GA 30076
  • Boston
    25 Walpole Park South, Suite 12, Walpole, MA 02081
  • Rosemont
    10275 W. Higgins Road, Suite 470 Rosemont, IL 60018

 

  • Bloomington
    1701 E Empire St Ste 360-280 Bloomington, IL 61704
  • Chicago
    233 S Wacker Dr. Suite 9550 Chicago, IL 60606
  • Tampa
    380 Park Place, Suite 130, Clearwater, FL 33759

Have a Question?

Subscribe Contact us