This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template OWASP Application Security Verification Standard Project"

From OWASP
Jump to: navigation, search
 
(6 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | colspan="7" style="width:85%; background:#cccccc" align="left"|
 
  | colspan="7" style="width:85%; background:#cccccc" align="left"|
The primary aim of the OWASP ASVS Project is to normalize the range of coverage and level of rigor available in the market when it comes to performing application-level security verification. The goal is to create a set of commercially-workable open standards that are tailored to specific web-based technologies.
+
[[Image:Asvs-bannerbug.JPG|200px|right]]Whereas the OWASP Top Ten Project is a tool that provides web application security awareness, the OWASP "Application Security Verification Standard" (also known as "ASVS") is a commercially-workable open standard that defines ranges in coverage and levels of rigor that can be used to perform application security verifications. It is the very first standard that OWASP has published!
 
*The '''OWASP ASVS Web Application Edition''' can be used to establish a level of confidence in the security of web applications. It is currently available in English.
 
*The '''OWASP ASVS Web Application Edition''' can be used to establish a level of confidence in the security of web applications. It is currently available in English.
 
*The '''OWASP ASVS Web Service Edition''' can be used to establish a level of confidence in the security of web services. It is currently under development and is not yet available for release.
 
*The '''OWASP ASVS Web Service Edition''' can be used to establish a level of confidence in the security of web services. It is currently under development and is not yet available for release.
Line 24: Line 24:
 
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects'''  
 
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects'''  
 
  |-
 
  |-
  | style="width:29%; background:#cccccc" align="center"|Official release version: [[:Category:OWASP_Project_Assessment#Beta_Quality_Documentation_Criteria|'''Beta''']]<br>[[:Project Information:template Application Security Verification Standard - Proposal - Assessment Frame|Please see here for complete information.]]
+
  | style="width:29%; background:#cccccc" align="center"|'''Web Application Edition''' release version: [[:Category:OWASP_Project_Assessment#Beta_Quality_Documentation_Criteria|'''Beta''']]<br>[[:Project Information:template Application Security Verification Standard - Proposal - Assessment Frame|Please see here for complete information.]]
 
  | style="width:42%; background:#cccccc" align="center"|
 
  | style="width:42%; background:#cccccc" align="center"|
 
'''About OWASP ASVS''': [http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project#OWASP_ASVS_Presentation_Downloads '''Powerpoint'''].<br>
 
'''About OWASP ASVS''': [http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project#OWASP_ASVS_Presentation_Downloads '''Powerpoint'''].<br>
'''Download free''': [[:Image:OWASP ASVS Web Edition 2008 Beta.doc|'''Word''']] and [[:Image:OWASP ASVS Web Edition 2008 Beta.pdf|'''PDF''']].
+
'''Download free''': [http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project#OWASP_ASVS_Beta_Downloads Word] and [http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project#OWASP_ASVS_Beta_Downloads PDF].
  | style="width:29%; background:#cccccc" align="center"|Please see Categories below
+
| style="width:29%; background:#cccccc" align="center"|[http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten]<br>[http://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]<br>[http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API (ESAPI)]
 +
|-
 +
| style="width:15%; background:#7B8ABD" align="center"| '''Latest Project News'''  
 +
  | colspan="7" style="width:85%; background:#FFDF80" align="left"|
 +
*'''Updated Article:''' [http://www.owasp.org/index.php/How_to_bootstrap_your_SDLC_with_verification_activities How to bootstrap your SDLC with verification activities]
 +
*'''New Announcement:''' OWASP ASVS has been integrated into the [[OWASP Secure Software Contract Annex]] in the [[OWASP Legal Project]]
 
  |}
 
  |}

Latest revision as of 18:53, 26 February 2009

PROJECT INFORMATION
Project Name OWASP Application Security Verification Standard (ASVS) Project
Short Project Description
Asvs-bannerbug.JPG
Whereas the OWASP Top Ten Project is a tool that provides web application security awareness, the OWASP "Application Security Verification Standard" (also known as "ASVS") is a commercially-workable open standard that defines ranges in coverage and levels of rigor that can be used to perform application security verifications. It is the very first standard that OWASP has published!
  • The OWASP ASVS Web Application Edition can be used to establish a level of confidence in the security of web applications. It is currently available in English.
  • The OWASP ASVS Web Service Edition can be used to establish a level of confidence in the security of web services. It is currently under development and is not yet available for release.
Key Project Information Project Leader
Mike Boberski
Project Contributors
Jeff Williams
Dave Wichers
Mailing List
Subscribe here
Use here
Licensed under
Creative Commons Attribution ShareAlike 3.0
Project Type
Documentation
Sponsors
Aspect Security
Booz Allen Hamilton
OWASP SoC 08
Release Status Main Links Related Projects
Web Application Edition release version: Beta
Please see here for complete information.

About OWASP ASVS: Powerpoint.
Download free: Word and PDF.

OWASP Top Ten
OWASP Legal Project
OWASP Enterprise Security API (ESAPI)
Latest Project News