[OWASP-Delhi] OWASP Application Security Verification Standard 3.0.1 released!

Sandeep Singh sandeep.singh at owasp.org
Wed Jun 29 18:31:10 UTC 2016

Hello all,

The OWASP Application Security Verification Standard 3.0.1 has been


List of changes:

If you find an issue that needs resolving, please log them directly in

Some ideas for future topics of conversation for next release

* Add infrastructure / platform section
* Add SDLC section
* Revamp architecture section
* Add more requirements on single page application (SPA) applications
* Add more DOM protection issues
* Consider if we need to add an IoT section
* Closer integration with the killer OWASP SKF project (GET IT!)
* Closer integration with all the other killer OWASP Guides
* Consider breaking into Core, Mobile, App, SPA, IoT, Web Service so you
can mix and match
* Maintain all existing sections, weeding out old or ambiguous requirements

If you feel you have something to contribute, either log issues marked as
"4.0" milestone, or mail the ASVS mail list, or mail one of the project
leaders directly!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-delhi/attachments/20160630/e060a5c5/attachment.html>

More information about the OWASP-Delhi mailing list