Name: Introducing the 5.0 release of the ASVS
Start: 2025-05-30T11:30:00+0200
End: 2025-05-30T12:15:00+0200

Friday May 30, 2025 11:30am - 12:15pm CEST

Formally announcing v5.0 of the Application Security Verification Standard (ASVS), the first major release in five years of one of OWASP’s flagship projects. But the project has not been sitting idle for years, it has been under development the entire time.

This talk will cover the big changes and improvements in this recently released version.

This includes:
- Defining and clarifying the scope of the ASVS, and expectations for requirements.
- Mandating documented security decisions to provide some flexibility on implementing and verifying security requirements, to match the differences between organizations and applications.
- Adding several new chapters and making important changes to existing chapters.
- Providing a two-way mapping to make it easier to migrate from v4.x to v5.
- Balancing the levels and reducing the barrier to entry into Level 1.

We will also talk about how you can use the standard more effectively in your organizations, the future plans for ASVS now that version 5.0 is out, and how you can be involved.

It’s time to move forward - start using ASVS v5.0 and come on board to develop it further.

Speakers

Elar Lang

OWASP ASVS co-lead, Pentester/researcher/lecturer at Clarified Security, Clarified Security

Elar Lang is a web application security specialist and enthusiast who has been working for more than 13 years in different aspects of web application security. A full-time security tester, training architect, and web application security developer educator (close to 3000 hours of... Read More →

Friday May 30, 2025 11:30am - 12:15pm CEST
Room 116+117 CCIB

Breakout: Builder Track

Audience Beginner

OWASP 2025 Global AppSec EU

Elar Lang

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!