Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

NDC Conferences

From the OWASP Top Ten to the OWASP ASVS

NDC Conferences via YouTube

Overview

Explore a comprehensive conference talk that delves into the limitations of relying solely on the OWASP Top Ten for web application security. Learn why the OWASP Application Security Verification Standard (ASVS) v4.0 provides a more robust framework for defining and implementing secure software. Discover how the ASVS's 180+ requirements offer a nuanced approach to technical security controls for web and API applications, surpassing the basic awareness provided by top ten lists. Gain insights into using the ASVS as a foundation for a thorough Application Security program, covering topics such as architecture, authentication, password storage, session management, input validation, cryptography, data protection, communication security, business logic verification, and REST security.

Syllabus

Introduction
ASVS
The Team
NIST 863
Changes in web development
Common Weakness Enumeration
Standards Worth
Levels of Severity
DevOps
What we removed
Architecture
Authentication
Password Storage
Session Management
Input Validation
Store Cryptography
Data Protection
Communication Security
Business Logic Verification
REST Security

Taught by

NDC Conferences

Reviews

Start your review of From the OWASP Top Ten to the OWASP ASVS

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.