Overview
Explore the benefits of implementing the OWASP Application Security Verification Standard (ASVS) in the early stages of application development in this 35-minute conference talk. Learn how to leverage 189 controls across 16 categories to achieve one of three security levels based on application criticality. Understand the advantages of ASVS over the OWASP Top 10, including its specific, measurable, and achievable requirements that enable detailed security testing and evaluation by all stakeholders. Discover how ASVS provides a universal approach to defining security levels for web applications across industries. Delve into topics such as security basics, SMART criteria, infrastructure security, and software assurance maturity models. Gain insights on mapping controls and standards, defining levels, and applying ASVS to various aspects of application development, including login services and cardholder clients.
Syllabus
Introduction
Basics
Security
SMART criteria
Aspect of 10
Aspect of 20
Above Top 10
Smart Prism
Top 10
Standard mappings
Defining levels
Mapping controls
Mapping standards
Infrastructure security
ASVS Top 10
Login Service
Cardholder Client
Architecture Perspective
Software Assurance maturity models
Conclusion
Taught by
NDC Conferences