Bridging the Gap: ASVS and Practical Application #2443
Unanswered
dn281090pdi
asked this question in
Q&A
Replies: 1 comment
-
|
We are not mapping each requirement to some other project - maybe it is or will be done by CRE project. In ASVS, we link related OWASP project for each chapter in a "References" section. As it requires fixing case-by-case please point out precise terms that are not understandable. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The ASVS checklist contains many technical details that are difficult for non-security specialists to interpret. This creates difficulties both at the design stage, when it is necessary to formulate security requirements, and at the testing stage, when it is necessary to verify their implementation. Linking each ASVS item to related OWASP projects, such as WSTG, CheetSheets, etc, where examples of secure design and verification options are provided, would greatly simplify the use of the standard and make it more accessible to a wider range of professionals.
Beta Was this translation helpful? Give feedback.
All reactions