OWASP ASVS Standard

@OWASP_ASVS

Official OWASP Application Security Verification Standard (ASVS) account.

Worldwide
Joined: January 2019

Tweets


  1. Retweeted
    Jan 30

    Great to see the standard has been picked for the winter projects summit, congrats to all involved... I wouldn't mind a few days in Cancun, just saying cc:

  2. Retweeted
  3. Retweeted

    What a time to be alive. After VAGgate, where VW was a bit naughty, there exists an ecosystem to reflash your maps back to pre vag emissions fix. With Mercedes now caught too, they are silently flashing the firmware during services

  4. Retweeted

    Dear , your advice to Ring consumers is not great and not NIST 800-63 compliant. Please add breached password detection (i.e. clients who use breached passwords are asked to change), and remove password rotation (it doesn't work!) Source: I co-lead &

  5. Retweeted

    As custodians of sensitive vulnerability reports, I’d have expected far better appsec practices. This is stuff I’d have expected at the turn of the century, not 2019. Ideally your web apps should be, at a minimum, Level 2 compliant.

  6. Retweeted

    The 2020 will be starting later this year. We need data, as does , and everything that MUST use evidence to justify choice or efficacy of controls. I am creating “ Data Science Project” to collect and analyze data. Who wants in? RT pls

  7. Retweeted
    Oct 29, 2019
    Replying to several users:

    I started to read your comment and was saying to myself "so his presentations are after he removed 7-26 wooooo I need to talk to him" 😳 Your last paragraph fixed that impression 😂 Yet, your presentations are always super awesome!

  8. Retweeted
    Oct 30, 2019

    I found a similar vulnerability at a client a couple years back when I helped a dev do a review against ! Found and fixed well before release.

  9. Retweeted

    I'm presenting about the at the meeting next week. Similar talk to except I have half the time and I have also completely reworked the slides and changed the focus of the talk :)

  10. Retweeted
    Replying to users

    Learning GraphQL: Declarative Data Fetching for Modern Web Apps by and Programming TypeScript: Making Your JavaScript Applications Scale by I skipped GraphQL and TypeScript days at the brain gym, and we're starting to see a ton more of this stuff

  11. Retweeted
    Sep 7, 2019

    My son is already so excited for next year. He told me he wants to meet “That crazy Japanese guy and the cactus dude you told me about but also the hugs guy and the rapper who does the hack all the things song.” 😂

  12. Retweeted
    Jul 11, 2019

    Any members of the , , or teams interested in leading a session at the training day sept 25th? DM me.

  13. Retweeted
    Jun 27, 2019
    Replying to users

    Ah the glorious is the ASVS lead and an amazing one, too! 😊

  14. Retweeted
    Jun 25, 2019

    Interested in presenting at ? The Call for Paper is officially open! Submit your papers by Monday, August 19 to be considered. Learn more about the submittal process here:

  15. Retweeted
    Replying to a user

    And if you are looking for an application security standard, consider the :)

  16. Retweeted
    May 27, 2019
  17. Retweeted
    May 28, 2019

    Found some cool bugs in Firefox using behavioural fuzzing <!-[0x00]- ><div title="--><img src=1 onerror=alert(1)>"></div> <svg><script>&#x10fffe;alert&#x10fffe(1)&#x10fffe</script></svg>

  18. Retweeted
    May 5, 2019

    Senior Principal Consultant , will show us in Melbourne this Nov, how to get practical with the and . Automate security testing or be… made redundant!

  19. Retweeted

    Folks - please stop sending clear text passwords to users. It's really, really not okay. 4.0 V2.5.1 "Verify that a system generated initial activation or recovery secret is not sent in clear text to the user."

  20. Retweeted

    Creating a Secure SDLC is a process, not a project Creating a Secure SDLC is a process, not a project Creating a Secure SDLC is a process, not a project Creating a Secure SDLC is a process, not a project Creating a Secure SDLC is a process, not a project ...

