ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series
The material in this appendix is taken from the ISO (International Organization for Standardization) web site sections pertaining to information security. I have included it as a convenient compliance resource because it is referred to in Chapter 8 and other places throughout the book and is highly regarded. Having said that, its inclusion is more for completeness than for any significant contribution to web application security vulnerability knowledge. Even the most closely related ISO standards do not go into detail about web application security.