BSides Oslo 2019

May 23rd, 2019 at MESH

Appsec requirements with OWASP ASVS

Time: 11:00
Length: 20 minutes

OWASP Application Security Verification Standard (ASVS) is a framework for security requirements and verification of these. Compared to OWASP Top 10, ASVS offers a more proactive approach to application security, with differentiated requirements based on the chosen risk profile.

The talk shows how ASVS can be useful as both a template for security requirements in internal software development, as well as for testing applications which are developed by others.


Erlend Andreas Gjære

Erlend Andreas Gjære is a specialist in security and people, and co-founder of the award-winning security software company Secure Practice. In addition to software and business development, his interests are focussed on human factors for information security, including security awareness, training, and culture, risk, behavior and user experiences.