[Owasp-leaders] OWASP Application Security Verification Standard 3.0.1 released!
daniel at owasp.org
Thu Jun 30 06:36:58 UTC 2016
A huge thanks to all who submitted bugs and helped us get to another great
release. If you've used it at your company, or on a project, would you mind
dropping us a mail?
Andrew, Jim and I would love to hear where/how you are using the ASVS.
thanks again to everyone who contributed.
On 29 June 2016 at 14:19, Andrew van der Stock <vanderaj at owasp.org> wrote:
> Hi there,
> I am pleased to announce that through the auspices of the most awesome
> AppSec EU Project Summit, the OWASP Application Security Verification
> Standard 3.0.1 has been released!
> List of changes:
> Thank you to all those who logged issues, these have all been resolved,
> making 3.0.1 a much cleaner standard! If you find an issue that needs
> resolving, please log them directly in GitHub.
> I think the next version will be v4.0 and let's set a date of AppSec USA
> 2017, with working parties at each of the Project Summits at AppSec USA
> 2016 and AppSec EU 2017.
> Some ideas for future topics of conversation
> * Add infrastructure / platform section
> * Add SDLC section
> * Revamp architecture section
> * Add more requirements on single page application (SPA) applications
> * Add more DOM protection issues
> * Consider if we need to add an IoT section
> * Closer integration with the killer OWASP SKF project (GET IT!)
> * Closer integration with all the other killer OWASP Guides
> * Consider breaking into Core, Mobile, App, SPA, IoT, Web Service so you
> can mix and match
> * Maintain all existing sections, weeding out old or ambiguous requirements
> If you feel you have something to contribute, either log issues marked as
> "4.0" milestone, or mail the ASVS mail list, or mail one of the project
> leaders! Actively looking for more contributors!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders