And the new sections that make me giddy (and i mean that):
V1 Encoding & Sanitization - Because AI is eating the world and data validation just got CRITICAL, because hell lets just use MCP to do shit without any validating yeah?
V10 OAuth & OIDC - Modern auth done right (thanks to all who pushed for this!)
V11 Cryptography - A complete rewrite that @largecardinal.bsky.social , Gabriel Corona (randomstuff) and the crypto crew absolutely nailed
Replies
-
There's so many changes, so if you are keen, have a look at the repo github.com/OWASP/ASVS/t...
ASVS/5.0/en at master ยท OWASP/ASVS
Application Security Verification Standard. Contribute to OWASP/ASVS development by creating an account on GitHub.
