OWASP/Training/OWASP Application Security Verification Standard (ASVS)
Revision as of 13:53, 13 April 2011 by Paulo Coimbra
|OWASP Application Security Verification Standard Project (ASVS)|
|Overview & Goal|
|The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to normalize the range in the coverage and level of rigor available in the market when it comes to performing Web application security verification using a commercially-workable open standard. The standard provides a basis for testing application technical security controls, as well as any technical security controls in the environment, that are relied on to protect against vulnerabilities such as Cross-Site Scripting (XSS) and SQL injection.|
This standard can be used to establish a level of confidence in the security of Web applications. The requirements were developed with the following objectives in mind:
You can browse ASVS online from here.