##要件定義
- Webシステム/Webアプリケーションセキュリティ案件書
##設計・開発
- owasp proactive controls: https://www.owasp.org/index.php/OWASP_Proactive_Controls
- owasp asvs: https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project
- owasp cheat sheet series: https://www.owasp.org/index.php/OWASP_Cheat_Sheet_Series
##テスト
- owasp zed attack proxy: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
- owasp testing guide: https://www.owasp.org/index.php/OWASP_Testing_Project
- owasp owtf: https://www.owasp.org/index.php/OWASP_OWTF
##運用・保守
- owasp modsecurity core rule set project: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
- owasp appsensor: https://www.owasp.org/index.php/OWASP_AppSensor_Project
- owasp dependency check: https://www.owasp.org/index.php/OWASP_Dependency_Check
##その他
- owasp top10 / mobile top10 / IoT top 10: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project
- owasp snakes and ladders (game)
- opensamm (software assurance maturity model): http://www.opensamm.org
##Books or webpages:
- OWASP v.2013 (Locallized in Japanese)
- OWASP IoT Top10