Главная
Study mode:
on
1
Intro
2
Andrew van der Stock
3
What is the ASVS?
4
Who is involved?
5
What's new
6
Modern web applications
7
What's changed
8
is the new minimum
9
PCI DSS 6.5.x
10
What's gone
11
V1 Architecture
12
Authentication
13
Session Management
14
Access Control
15
Stored Cryptography
16
Error handling
17
Data Protection
18
Communications Security
19
Malicious Code
20
Business Logic Verification
21
Files and Resources
22
API Security
23
Configuration
24
Generally Accepted Security Practices
25
How to get involved
Description:
Explore the latest updates and changes in the OWASP Application Security Verification Standard 4.0 through this conference talk from nullcon Goa 2019. Learn about new controls, complete renumbering, and how to adapt the ASVS for specific industries or companies. Discover a novel attack technique and gain insights into modern web application security. Delve into topics such as architecture, authentication, session management, access control, cryptography, error handling, data protection, communications security, malicious code, business logic verification, API security, and configuration. Understand the importance of generally accepted security practices and find out how to contribute to this essential security standard.

Introducing the ASVS 4.0

nullcon
Add to list
#Conference Talks #nullcon #Programming #Web Development #Software Development #Information Security (InfoSec) #Cybersecurity #Access Control #Application Security #Session Management #PCI DSS Compliance
1 of 25

Intro