[Owasp-newcastle] OWASP ASVS 3.0.1 released

Mike Goodwin mike.goodwin at owasp.org
Thu Jun 30 08:52:37 UTC 2016

Hello all - This came through on the OWASP chapter leaders mailing list

*Mike Goodwin*
OWASP Newcastle UK Chapter Leader
OWASP Threat Dragon Project Leader


Hi there,

I am pleased to announce that through the auspices of the most awesome
AppSec EU Project Summit, the OWASP Application Security Verification
Standard 3.0.1 has been released!


List of changes:

Thank you to all those who logged issues, these have all been resolved,
making 3.0.1 a much cleaner standard! If you find an issue that needs
resolving, please log them directly in GitHub.

I think the next version will be v4.0 and let's set a date of AppSec USA
2017, with working parties at each of the Project Summits at AppSec USA
2016 and AppSec EU 2017.

Some ideas for future topics of conversation

* Add infrastructure / platform section
* Add SDLC section
* Revamp architecture section
* Add more requirements on single page application (SPA) applications
* Add more DOM protection issues
* Consider if we need to add an IoT section
* Closer integration with the killer OWASP SKF project (GET IT!)
* Closer integration with all the other killer OWASP Guides
* Consider breaking into Core, Mobile, App, SPA, IoT, Web Service so you
can mix and match
* Maintain all existing sections, weeding out old or ambiguous requirements

If you feel you have something to contribute, either log issues marked as
"4.0" milestone, or mail the ASVS mail list, or mail one of the project
leaders! Actively looking for more contributors!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-newcastle/attachments/20160630/308ea13f/attachment.html>

More information about the Owasp-newcastle mailing list