The Book
Explore Membership
S3M2Journey to AppSec Maturity
Resources
Resource LibraryAppSecConPodcastBlogState of AppSec 2023
Events
Upcoming Events
PBC Connect - OWASP Global AppSec
PBC Virtual August 22
RSAC 2024
JTAM AWS ReInvent conference
Past Events
Mumbai ChapterAtlanta ChapterBengaluru ChapterNew Delhi ChapterNYC Chapter LaunchCyber SoireeWomen In SecurityDavos DialogueFirst LookSBOM
Black Hat 2024
RSAC 2024
Cyber Future Dialogue 2024
Contact Us
The Book
Membership
S3M2
Journey to AppSec Maturity
Resources
Events
Join Us

Welcome to
The Purple Book

Become a Contributor

About The Book

Top security leaders share their perspectives, best practices, and case studies in a growing compendium of insights that professionals can put to daily use. Furthering knowledge of the biggest roadblocks to software, application, and product security, The Purple Book of Software Security is an ever-evolving resource shared freely with the security industry at large.

The goal: help organizations simplify software security while staying protected and compliant. As a cornerstone of our mission to democratize software security, The Purple Book exists to help you solve persistent challenges and inspire secure business and software development practices across your organization.

Table of Contents

Chapter  
0
Foreword  
Foreword
By Phil Venables
Chapter  
1
Foreword  
Why Software Security?
Chapter  
2
Foreword  
Software Supply Chain Security
Chapter  
3
Foreword  
Culture and Organization
Chapter  
4
Foreword  
Process
Chapter  
5
Foreword  
Technology
Chapter  
6
Foreword  
Governance, Risk, and Compliance Framework
Chapter  
7
Foreword  
Making the Business Case
Chapter  
8
Foreword  
Capability Maturity Model and Security Metrics
Chapter  
9
Foreword  
Mergers and Acquisitions
Chapter  
10
Foreword  
The Role of AI in AppSec
Chapter  
11
Foreword  
Key Takeaways and Conclusions

Coauthors of the Purple Book

Shaun Khalfan
SVP, CISO,
Discover Financial Services
LinkedIn Logo
Les Correia
Global Head of Application Security, Estee Lauder
LinkedIn Logo
Cassie Crossley
VP, Supply Chain Security, Cybersecurity & Product Security Office
Schneider Electric
LinkedIn Logo
Vijay Jajoo
KPMG, Partner, Tech Industry
LinkedIn Logo
Jyothi Charyulu
Director
Fidelity Investments
LinkedIn Logo
Karthik Swarnam
Chief Security and Trust Officer
ArmorCode
LinkedIn Logo
Jimmie Lee
CTO
XFactor.io
LinkedIn Logo
Dr. Koushik Sen
Professor at UC Berkeley,
Software Engineering
LinkedIn Logo
Teza Mukkavilli
Chief Security Officer and Head, IT,
Chargepoint
LinkedIn Logo
Gary Hayslip
CISO, Softbank Investment Advisers, “The Vision Fund”
LinkedIn Logo
Vandana Verma
Security Relations Leader
Snyk
LinkedIn Logo
Upendra  Mardikar
EVP, CISO, TIAA
LinkedIn Logo
Deep Kapadia
VP of Engineering, Ro
LinkedIn Logo
Mithun Rajoor
Head of Application & Infrastructure Security (AIS)
S&P Global
LinkedIn Logo
Nikhil Gupta
Founder & CEO, ArmorCode Inc
LinkedIn Logo
Sean Davis
Chief Security Architect, NielsenIQ
LinkedIn Logo
Poornaprajna Udupi
Executive in Residence
Scale Venture Partners
LinkedIn Logo
Mark Lambert
Chief Product Officer
ArmorCode
LinkedIn Logo
Piyoush Sharma
Head of Enterprise Security, Platform & Web
Zuora
LinkedIn Logo
Valmiki Mukherjee
CEO & Founder
Cybrize
LinkedIn Logo
Julie Tsai
Board Member
Bay Area CSO Council
LinkedIn Logo
Pavi Ramamurthy
Board Member & Treasurer
Information Systems Security Association (ISSA)
LinkedIn Logo
Dhawal Thakker
Principal - Cyber Risk - National Leader - Governance Risk & Compliance
RSM US LLP
LinkedIn Logo
David M'Raihi
Chief Product Security Officer, Rivian
LinkedIn Logo
Robert Rodriguez
Chairman and Founder, SINET
LinkedIn Logo
Arvin Bansal
CISO, Americas, Nissan Motor Corporation
LinkedIn Logo
Jonathan Dambrot
CEO, Cranium AI, Inc.
LinkedIn Logo
David Truong
Senior Principal Research Engineer
iTron
LinkedIn Logo
Munish Gupta
President & Cyber Advisory Head
Inspira Enterprise
LinkedIn Logo
Anshu Gupta
Investor
Silicon Valley CISO Investments
LinkedIn Logo
Adrian Peters
Managing Director, CISO, Vista Equity Partners
LinkedIn Logo
Sangy Vatsa
EVP, CTO, Chief Digital Officer, FIS Global
LinkedIn Logo
Uniting security professionals on a mission to democratize software security and solve its ever-evolving challenges with the power of Community.
The Book
S3M2
Podcast
Blogs
Membership
Explore Membership
Resources
Contact Us
Powered By ArmorCode Inc.
Copyright © 2024. All rights reserved.
|
Privacy Policy
|
Terms & Conditions
The information contained in the Purple Book of Software Security and associated marketing material contains content expressed by Purple Book Community members. These opinions are their own, are not affiliated with the organizations that they belong to and have no commercial affiliation or any endorsement of any commercial products or services, including the community sponsors.

Cookies consent

This website uses cookies to offer you a better experience. Some cookies are necessary and enable core functionalities such as security, network management and accessibility. We also set analytics cookies to help us improve our website by collecting and reporting information on how you use it. By continuing to use this website, you consent to the use of cookies.
Accept & Continue