This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Application Security Verification Standard Project"

From OWASP
Jump to: navigation, search
 
(6 intermediate revisions by 2 users not shown)
Line 3: Line 3:
 
| project_name = OWASP Application Security Verification Standard Project  
 
| project_name = OWASP Application Security Verification Standard Project  
  
| project_home_page = :Category:OWASP Application Security Verification Standard Project
+
| project_home_page = :Category:OWASP_Application_Security_Verification_Standard_Project
  
 
| project_description =  
 
| project_description =  
The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to normalize the range in the coverage and level of rigor available in the market when it comes to performing Web application security verification using a commercially-workable open standard. The standard provides a basis for testing application technical security controls, as well as any technical security controls in the environment, that are relied on to protect against vulnerabilities such as Cross-Site Scripting (XSS) and SQL injection. This standard can be used to establish a level of confidence in the security of Web applications. The requirements were developed with the following objectives in mind:
+
The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to normalize the range in the coverage and level of rigour available in the market when it comes to performing Web application security verification using a commercially-workable open standard. The standard provides a basis for testing application technical security controls, as well as any technical security controls in the environment, that are relied on to protect against vulnerabilities such as Cross-Site Scripting (XSS) and SQL injection. This standard can be used to establish a level of confidence in the security of Web applications. The requirements were developed with the following objectives in mind:
  
 
* Use as a metric - Provide application developers and application owners with a yardstick with which to assess the degree of trust that can be placed in their Web applications,
 
* Use as a metric - Provide application developers and application owners with a yardstick with which to assess the degree of trust that can be placed in their Web applications,
Line 13: Line 13:
  
 
| project_license = [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution ShareAlike 3.0]
 
| project_license = [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution ShareAlike 3.0]
| leader_name1 = To be definied
+
| leader_name1 = Sahba Kazerooni
| leader_email1 =
+
| leader_email1 = [email protected]
| leader_username1 =  
+
| leader_username1 = skazerooni
 +
| leader_name2 = Daniel Cuthbert
 +
| leader_email2 = [email protected]
 +
| leader_username2 =  
  
 
| contributor_name1 = Dave Wichers
 
| contributor_name1 = Dave Wichers
Line 53: Line 56:
  
 
| release_4 =
 
| release_4 =
 +
 +
| project_about_page = Projects/OWASP_Application_Security_Verification_Standard_Project
 +
 
}}
 
}}

Latest revision as of 18:25, 14 April 2011

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Application Security Verification Standard Project (home page)
Purpose: The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to normalize the range in the coverage and level of rigour available in the market when it comes to performing Web application security verification using a commercially-workable open standard. The standard provides a basis for testing application technical security controls, as well as any technical security controls in the environment, that are relied on to protect against vulnerabilities such as Cross-Site Scripting (XSS) and SQL injection. This standard can be used to establish a level of confidence in the security of Web applications. The requirements were developed with the following objectives in mind:
  • Use as a metric - Provide application developers and application owners with a yardstick with which to assess the degree of trust that can be placed in their Web applications,
  • Use as guidance - Provide guidance to security control developers as to what to build into security controls in order to satisfy application security requirements, and
  • Use during procurement - Provide a basis for specifying application security verification requirements in contracts.
License: Creative Commons Attribution ShareAlike 3.0
who is working on this project?
Project Leader(s):
Project Contributor(s):
how can you learn more?
Project Pamphlet: View
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: Not Yet Created
Main links:
Key Contacts
current release
ASVS - 2009 Edition - 2009 - (download)
Release description: N/A
Rating: Greenlight.pngGreenlight.pngGreenlight.png Stable Release - Assessment Details
last reviewed release
ASVS - SoC 2008 Edition - 2008 - (download)
Release description: Beta Release
Rating: Greenlight.pngGreenlight.png Beta Release - Assessment Details


other releases