Which OWASP ASVS level is right for your application?
ASVS Level 2 is considered the ‘standard’ security level an application should achieve and ensures that the application under consideration defends against most of the risks associated with software today.
This level should be the baseline for any application that processes sensitive data, such as healthcare data, handles significant business to business transactions or interacts with any critical assets or processes.
This is the highest level within the ASVS and should be considered for critical applications that require a significant levels of security verification, for example those used within national infrastructure, related to physical health and safety or within military operations.
You may also wish to consider Level 3 if applications perform critical functions, or where the failure of an application could result in a significant impact to your organisation’s operations, or even its ability to survive.
Our OWASP ASVS testing services
OWASP ASVS Level 1 requirements are checked as part of our penetration testing methodology (where appropriate). However, a standard penetration test report lacks the comprehensive information needed to truly satisfy ASVS Level 1.
Where clients require documented evidence for ASVS Level 1 verification, we can perform a web application ASVS penetration test. This follows the same testing methodology as before but in addition to a standard report it also includes documentation on the full scope of the test, a completed verification checklist, test results outlined by ASVS (both passed and failed) and gives clear indications to how failed tests are to be resolved.
Level 2 & 3
Why choose us
Our ASVS testing services are designed to support your overall information security efforts. It’s this support that truly sets us apart and whether it’s your first test, or you’ve conducted hundreds, our team are dedicated to making the process as seamless as possible, to pass on their wealth of expertise and to deliver long-term value to you and your organisation.
Want to find out more about our OWASP ASVS reporting? Our team are on hand to provide you with the information and support you need. Just fill out the form below and one of our team will be in touch shortly.
Our latest research
Our Labs page is the place to discover our latest research, advisories, tool releases and challenges.
Looking to improve your security? Our insights are a great place to start.