Software Security Requirements with the ASVS

Understanding how to better use this OWASP Flagship project

Security incidents due to software bugs are featuring more prominently in mainstream news with each passing year. However, if you are in a software engineering, architecture, or product management role, this may be a specialist area where you have less familiarity.

This training course is designed to provide you with a deep dive into how to design secure software including the mindset and approach for balancing the needs of security with practicality.

You will go beyond the standard OWASP Top 10 to discuss a wider range of issues, using the comprehensive OWASP Application Security Verification Standard (ASVS) as a baseline to understand the requirements for secure software over a variety of key areas.

For each area, there will be an in-depth table-top exercise where you take turns in using what you have learnt to either secure a sample application architecture or attempt to attack it in a red team vs blue team style.

You will also learn how the ASVS can be customized and best suited to your use-case and not only the theoretical solutions but also practical options which are common in the industry for providing software security mechanisms.

Let's speak about this!

Back to Our Training