Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ASVS final countdown blog #324

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Add ASVS final countdown blog #324

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9b1a43e
Add ASVS final countdown blog
tghosth Oct 13, 2024
39d42c5
Add link to guiding principles
tghosth Oct 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
61 changes: 61 additions & 0 deletions _posts/2024-10-14-asvs-final-countdown.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
---

date: 2024-10-13 00:00:00-0100
categories: blog
author: Josh Grossman
author_image: /assets/images/people/josh_grossman_headshot.jpg
layout: blogpost
title: ASVS 5.0 - The Final Countdown
excerpt_separator: <!--more-->

---

![Our new banner](/assets/images/posts/asvsmeetup/OWASP_ASVS_Linkedin_Banner-01.jpg){:style="max-width:800px;float:left;"}
<BR CLEAR="left">

## Introduction

We are on the final countdown to the release of the [OWASP Application Security Verification Standard (ASVS)](https://asvs.owasp.org) version 5.0!

The ASVS leaders and several other contributors will be meeting at the [OWASP Project Summit](https://owaspprojectsummit.org/) in November to pull together a release candidate of the updated requirements for ASVS 5.0.

This will be a major release with a lot of changes to bring the ASVS up to date and make it more usable. See [here for more information on the guiding principles of the new release](https://github.com/OWASP/ASVS/wiki/Roadmap-to-version-5.0#key-objectives).

Over the next couple of weeks, we will be announcing that certain chapters are ready for public review and we would welcome your input.

<!--more-->
## We need your help

Please look out for Social Media and Slack announcements over the next couple of weeks about chapters that are ready for review.

At this stage, we are looking for comments on aspects that will be finalised during the project summmit, see below.

Following the project summit, we will be seeking feedback on a more final draft of the standard with the aim of releasing the final version by the end of the year.

### What will be finalised during the Project Summit

We will be actively seeking review comments on these items in advance of and during the summit.

* Requirement wording
* Requirement location (chapter and section)
* Chapter text
* Level definitions. See the discussions [here](https://github.com/OWASP/ASVS/discussions/1839).

### What will remain afterwards

We will be actively seeking review comments on these items after the summit.

* Renumbering (including chapter numbering)
* Setting levels.
* Changing the [current change tagging](https://github.com/OWASP/ASVS/blob/master/CONTRIBUTING.md#standard-for-changes) into a separate change log.
* Mapping to OWASP CRE.
* Introductory text separate to the chapters
* The appendix sections.

### Stay in contact

Make sure you hear about chapter draft releases and stay in touch via our social media channels and website:

* Website: <https://asvs.owasp.org>
* Twitter: <https://twitter.com/OWASP_ASVS>
* LinkedIn: <https://www.linkedin.com/company/owasp-asvs/>