Are you working on security requirements in software development, test or procurement? There is no need to re-invent the wheel. See the talk on how OWASP Application Security Verification Standard (ASVS) can help.
At the BSides Oslo conference, 23 May 2019, Erlend Andreas Gjære held a talk on OWASP ASVS. See his presentation in the video below, and download our ASVS spreadsheet to get started yourself.
You may already be familiar with OWASP Top 10, which is well suited for creating awareness about the most common security vulnerabilities in web applications. However, OWASP ASVS provides a more proactive approach to application security, offering detailed requirements based on a chosen risk profile.
The talk shows both how OWASP ASVS is appropriate as a template for security requirements in both code you develop yourself, and for applications that are procured from others.
We have in addition expanded the ASVS spreadsheet with a few columns which allow us to measure status over time, relative to a maturity scale which is similar to what we do for ISO27001 controls in our company.
If you are interested in learning more about the security in our own cloud services, feel free to ask. And please use our dedicated channel if you happen to have found a potential security vulnerability with us.
‒ Saves time on security help
See how MailRisk ensures efficient awareness and help with suspicious emails among employees in the entire company.
Read about MailRisk at Tussa →
MailRisk in 90 seconds
Learn how all employees can contribute to better security in your company!
«MailRisk offers a unique way for both employees and companies to detect and respond to targeted email threats.»
Outstandig Security Performance Awards
Check out MailRisk →