Hi All
Thank you for your replies, they have been very useful and will
certainly help identifying things that need to appear in the standard.
We're trying to make the standard something that is easily auditable,
and have decided to further split items into two categories, those that
should
I'd like to mention that OWASP is about to release a Beta version of its
Application Security Verification Standard (ASVS) - Web Application
Edition.
This standard (which is language agnostic) provides a checklist of
security requirements that web applications should meet and it is
organized into
