[Owasp-egypt] Fwd: [Owasp-leaders] OWASP Application Security Verification Standard 3.0.1 released!

Mohamed Alfateh mohamed.alfateh at owasp.org
Thu Jun 30 21:58:59 UTC 2016


FYI, ASVS version 3 is available now

---------- Forwarded message ----------
From: *Andrew van der Stock* <vanderaj at owasp.org>
Date: Wednesday, June 29, 2016
Subject: [Owasp-leaders] OWASP Application Security Verification Standard
3.0.1 released!
To: "owasp-leaders at lists.owasp.org" <owasp-leaders at lists.owasp.org>, "
owasp-application-security-verification-standard at lists.owasp.org" <
owasp-application-security-verification-standard at lists.owasp.org>
Cc: Jim Manico <jim.manico at owasp.org>


Hi there,

I am pleased to announce that through the auspices of the most awesome
AppSec EU Project Summit, the OWASP Application Security Verification
Standard 3.0.1 has been released!

https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project#tab=Downloads

List of changes:
https://github.com/OWASP/ASVS/issues?q=milestone%3A3.0.1+is%3Aclosed

Thank you to all those who logged issues, these have all been resolved,
making 3.0.1 a much cleaner standard! If you find an issue that needs
resolving, please log them directly in GitHub.

I think the next version will be v4.0 and let's set a date of AppSec USA
2017, with working parties at each of the Project Summits at AppSec USA
2016 and AppSec EU 2017.

Some ideas for future topics of conversation

* Add infrastructure / platform section
* Add SDLC section
* Revamp architecture section
* Add more requirements on single page application (SPA) applications
* Add more DOM protection issues
* Consider if we need to add an IoT section
* Closer integration with the killer OWASP SKF project (GET IT!)
* Closer integration with all the other killer OWASP Guides
* Consider breaking into Core, Mobile, App, SPA, IoT, Web Service so you
can mix and match
* Maintain all existing sections, weeding out old or ambiguous requirements

If you feel you have something to contribute, either log issues marked as
"4.0" milestone, or mail the ASVS mail list, or mail one of the project
leaders! Actively looking for more contributors!

thanks,
Andrew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-egypt/attachments/20160630/0f6f8ffa/attachment.html>


More information about the Owasp-egypt mailing list