9. Requirements
• Architecture, Design and Threat
Modeling
• Authentication
• Session Management
• Access Control
• Validation, Sanitization and
Encoding
• Stored Cryptography
• Error Handling and Logging
• Data Protection
• Communications
• Malicious Code
• Deployed Application Integrity
• Business Logic
• File and Resources
• API and Web Service
10. We are here because
• Security is important
• We want to learn about OWASP ASVS
• We want our lives to be easier as…
• We …
11. More Benefits
Founder Developer
Business Enablement Career Boost
Investing in your technological savings Reduce chatter around security
Proactively secure your start up Proactively secure your application
Minimizing security costs in development
and incidents
An intelligent security discussion
An intelligent security discussion
12. ASVS Project Goal
• Standardise security verification in a practical
way
OWASP Top 10 does not achieve this goal