OWASP MASVS
OWASP MASVS sécurité mobile apps L1 / L2.
Définition
MASVS 2.0 7 categories : MASVS-STORAGE (data storage and privacy), MASVS-CRYPTO (cryptography), MASVS-AUTH (authentication and session management), MASVS-NETWORK (network communication), MASVS-PLATFORM (platform interaction), MASVS-CODE (code quality and build setting), MASVS-RESILIENCE (anti-reverse-engineering, anti-tampering). Complémentaire OWASP MASTG (Mobile Security Testing Guide).
Origine
OWASP Mobile Project, v1.0 2016, v2.0 mars 2023 (Sven Schleier, Carlos Holguera coordinators).
Usage
Standard banking apps mobile (fintech, neobanks), healthcare apps mobile, government mobile apps.
Termes liés
- OWASP ASVS — pendant web.
- OWASP Mobile Top 10 — risques principaux.
- MASTG — guide testing.