[Owasp-testing] RFC: Common numbering proposal # 1

Boberski, Michael [USA] boberski_michael at bah.com
Wed Jan 6 14:44:42 EST 2010


Let us work on this using a specific example, SQL Injection: 

Here is a proposal for your consideration:

ASVS Ref. Number
OWASP-V0604

TG Ref. Number
OWASP-T0604-DV-005
(compared to currently: OWASP-DV-005)

CRG Ref. Number
OWASP-C0604-DV-005

Guide Ref. Number
OWASP-D0604 
(goes into guidance at this level, in the next release)

Where,

OWASP-V0604 == V6.4  Verify that all untrusted data that is output to SQL interpreters use parameterized interfaces, prepared statements, or are escaped properly. 
 
Mike B.


More information about the Owasp-testing mailing list