This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Application Security Verification Standard Project"

From OWASP
Jump to: navigation, search
m (Archive - Previous Version)
(Internationalization)
Line 245: Line 245:
  
 
[[Image:Asvs-writing.JPG]]
 
[[Image:Asvs-writing.JPG]]
 +
If you can help with translations, please download the latest draft here:
 +
https://github.com/OWASP/ASVS
  
The ASVS project is always on the lookout for volunteers who are interested in translating ASVS into another language.  
+
If there are any incomprehensible English idiom or phrases in there, please don't hesitate to ask for clarification, because if it's hard to translate, it's almost certainly wrong in English as well. We recommend logging translation issues in GitHub, too, so please make yourself known.  
  
[http://owasp-project-management.googlecode.com/svn/trunk/documentation/asvs-translating.pdf Translation Onboarding Instructions]
+
Translations are coordinated through OWASP's Crowd In account, so you don't have to do the entire thing yourself.
 +
https://crowdin.com/project/owasp-asvs/
 +
 
 +
You don't HAVE to use Crowd In, but it would be nice to indicate to other native speakers of your language that you are willing to work together. This is a 70 page document, and in all honesty, will take a dedicated person a week or more to translate, so please please please work together rather than apart. You have full access to the original document and the original images, so you have everything I have.
  
 
= Archive - Previous Version =
 
= Archive - Previous Version =

Revision as of 01:10, 18 December 2015

Flagship big.jpg

What is ASVS?

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls.

The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to normalize the range in the coverage and level of rigor available in the market when it comes to performing Web application security verification using a commercially-workable open standard. The standard provides a basis for testing application technical security controls, as well as any technical security controls in the environment, that are relied on to protect against vulnerabilities such as Cross-Site Scripting (XSS) and SQL injection. This standard can be used to establish a level of confidence in the security of Web applications. The requirements were developed with the following objectives in mind:

  • Use as a metric - Provide application developers and application owners with a yardstick with which to assess the degree of trust that can be placed in their Web applications,
  • Use as guidance - Provide guidance to security control developers as to what to build into security controls in order to satisfy application security requirements, and
  • Use during procurement - Provide a basis for specifying application security verification requirements in contracts.


<paypal>ASVS</paypal>

Email List

Asvs-bulb.jpg Project Email List

Project Leader

Daniel Cuthbert @
Andrew van der Stock @

Related Projects

Asvs-satellite.jpgOWASP Resources


Quick Download

ASVS 3.0 in English.
(download PDF - 1.2 MB)

News and Events

  • [9 Oct 2015] Version 3.0 released!
  • [20 May 2015] "First Cut" Version 3.0 released!
  • [11 Aug 2014] Version 2.0 released!
  • [28 Mar 2014] List of contributors added
  • [27 Mar 2014] New wiki template!

Classifications

Owasp-flagship-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg