In the ocean of cybersecurity threats, dependencies and vulnerabilities there is, luckily, a lighthouse called OWASP. Check out which OWASP resources you should know to follow the best security standards.
What is OWASP?
OWASP (Open Web Application Security Project) is a non-profit organization dedicated to improving the security of software through education, research, and community collaboration.
The organization shares knowledge through countless open-source projects, documentation, and educational events. If you're looking to improve the security of your software, OWASP is an excellent place to start.
Top OWASP resources for developers, security newbies and tech startups
OWASP guidelines and standards in one place:
OWASP Top 10
This is a great place to start. This document outlines the ten most common vulnerabilities found in web apps. By following the guidelines outlined in the OWASP Top 10, you can protect your app against the most common attacks.
OWASP ASVS
OWASP ASVS stands for Application Security Verification Standard. This is a standard checklist developed by OWASP that touches on different aspects of web app software development. Go through the list to find out whether your app meets dozens of security standards.
OWASP MASVS
OWASP MASVS stands for Mobile Application Security Verification Standard. This is a standard checklist made exclusively for mobile application security. If you work with mobile apps, the OWASP MASVS is a document you should read.
OWASP Cheat Sheet
If you've read through the OWASP ASVS and OWASP MASVS and still need some guidance, the OWASP Cheat Sheet is a helpful resource. This document summarizes the top security standards and processes in a nutshell. It's developed by security experts, and everyone can contribute to it. All pull requests are verified by project leaders.
Dive much deeper into software security
Looking for a comprehensive knowledge base about app security? Download the free security ebook and get to know top tools, standards and best practices.
By Rafał Hofman, Fullstack Developer @ Bright Inventions.