Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Introducing the ASVS 4.0

nullcon via YouTube

Overview

Explore the latest updates and changes in the OWASP Application Security Verification Standard 4.0 through this conference talk from nullcon Goa 2019. Learn about new controls, complete renumbering, and how to adapt the ASVS for specific industries or companies. Discover a novel attack technique and gain insights into modern web application security. Delve into topics such as architecture, authentication, session management, access control, cryptography, error handling, data protection, communications security, malicious code, business logic verification, API security, and configuration. Understand the importance of generally accepted security practices and find out how to contribute to this essential security standard.

Syllabus

Intro
Andrew van der Stock
What is the ASVS?
Who is involved?
What's new
Modern web applications
What's changed
is the new minimum
PCI DSS 6.5.x
What's gone
V1 Architecture
Authentication
Session Management
Access Control
Stored Cryptography
Error handling
Data Protection
Communications Security
Malicious Code
Business Logic Verification
Files and Resources
API Security
Configuration
Generally Accepted Security Practices
How to get involved

Taught by

nullcon

Reviews

Start your review of Introducing the ASVS 4.0

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.