OWASP Application Security Verification Standard (ASVS)

By : 6clicks
The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to normalize the range in the coverage and level of rigor available in the market when it comes to performing Web application security verification using a commercially-workable open standard. 
In stock


The standard provides a basis for testing application technical security controls, as well as any technical security controls in the environment, that are relied on to protect against vulnerabilities such as Cross-Site Scripting (XSS) and SQL injection. This standard can be used to establish a level of confidence in the security of Web applications.

The ASVS is a community-driven effort to establish a framework of security requirements and controls that focus on defining the functional and non-functional security controls required when designing, developing and testing modern web applications and web services. The ASVS includes 286 controls across 14 domains, which are:

  • Architecture
  • Authentication
  • Session
  • Access
  • Validation
  • Cryptography
  • Error
  • Data
  • Communications
  • Malicious
  • BusLogic
  • Files
  • API
  • Config

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

More Information
Jurisdiction All
Type Laws or related obligations