[Owasp-testing] OWASP Testing Guide v2 vs. v1
matteo.meucci at gmail.com
Tue Mar 4 14:31:11 EST 2008
yes the OWASP Testing Guide v2 completely replace the v1. Here is the
Here you can find the new set of controls:
We are planning to begin the new project regarding v3. Keep tuned.
On Tue, Mar 4, 2008 at 3:44 PM, Thorin Oakenshield <kingthorin at gmail.com> wrote:
> Hi , I was recently reviewing the version 2 testing guide
> http://www.owasp.org/index.php/Image:OWASP_Testing_Guide_v2_doc.zip, I was
> wondering if this is meant to compliment the older version 1 checklists/docs
> or replace them?
> Looking at the table in v2 (pgs 34 & 35) for example, does "OWASP-AT-001 :
> Default or guessable account" replace the older "OWASP-AUTHN-004 : Default
> I'm guessing that v2 replaces the older stuff since there seems to be a lot
> of overlap, but I wanted to confirm since v2 does not seem to cover
> absolutely everything that v1 did (OWASP-DP-001 for example). The
> http://www.owasp.org/index.php/OWASP_Testing_Project page does not make this
> clear at all.
> I'm also curious about the status of v3.
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
OWASP-Italy Chair, CISSP, CISA
OWASP Testing Guide lead
More information about the Owasp-testing