| Track: | OWASP MSTG |
|---|---|
| When: | Mon Eve-1,Eve-2 |
| Where: | Sessions 1 |
| Organizers | Jeroen Beckers Jeroen Beckers |
| Participants | Sven Schleier Sven Schleier , Jeroen Willemsen Jeroen Willemsen , Carlos Holguera Carlos Holguera |
Welcome to the OWASP MASVS session!
Why
The MASVS has served as a great basis for the MSTG in terms of providing the right requirements. It has been translated to multiple languages and has been embraced by many parties as a source for security requirements for mobile applications. In order to support the MASVS and allow for easier integration in the SDLC, we have a set of tasks left, which are summarized in milestone 1.1.4 of the project. Note: we do not want to come up with new requirements yet as we rather first try to get the MSTG in sync.
What
In this working session, we want to focus on issues identified in the 1.1.4 milestone of the MASVS. Which you can find at Github. Think of a variety of issues, such as:
- Fix the Markdown issues
- Make sure we have the same code of conduct and contribution guide as the MSTG
If you are keen in doing some coding, you can help out with the following:
The tickets for this working session will cover these topics and contribute to increasing the value, readability and extensability of the MASVS. Which in turn will make it easier to extend it across all languages.
Who
The target audience for this Working Session is:
- anyone who wants to help out improving the quality of an OWASP project and
- anybody interest in mobile security.
From experts to beginners. Anybody who is passionate about app mobile security and loves to continuously learn and enjoys sharing knowledge.
What do you need to bring with you?
Minimum required: a laptop :)
The MASVS is hosted in GitHub and can easily be edited by anyone, just a Github account is needed and knowledge on how to create a pull request.
Outcomes
Hopefully a better (en)coded MASVS! And milestone 1.1.4!
References
Register as participant
To register as participant add Mobile AppSec Verification Standard (MASVS) (Evening) to either:
- the
sessionsmetadata field from your participant's page (find your participant page and look for the edit link). - or the
participantsmetadata field from this git session page
Back to list of all Working Sessions