This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP Software Component Verification Standard

Jump to: navigation, search
OWASP Project Header.jpg

OWASP Software Component Verification Standard

This project is currently incubating... Stay tuned.


The guide is licensed under the Creative Commons Attribution-ShareAlike 4.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

Project Resources

Project Leader

Steve Springett

Related Projects


Project Type Files DOC.jpg
Incubator Project Owasp-builders-small.png
Creative Commons Attribution ShareAlike 3.0 License

As of August, 2019, the highest priority is to get a usable rough draft which can be iterated on by December 31, 2019.

Involvement in the development and promotion of OWASP SCVS is actively encouraged! You do not have to be a security expert or a programmer to contribute. Some of the ways you can help are as follows:

  • Supply chain risk identification
  • Documentation
  • Strategy
  • Messaging

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: Software Component Verification Standard
Purpose: N/A
License: Creative Commons Attribution ShareAlike 3.0 License
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: Not Yet Created
Main links:
Key Contacts
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases