-
It should be merged in one item.
IMO it should be inside Impede Comprehension
-
The item 4.6 has the following recommendation:
"The remote endpoint implements an exponential back-off, or temporarily locks the user account, when incorrect authentication credentials are submitte…
-
In some places the references to MASVS requirements became incorrect, probably because the MASVS documents were changed. I have identified the following places (using [this script](https://github.com/…
Sjord updated
7 years ago
-
One important topic that has not been covered is the use of security providers and the patching of some of them.
For instance:
- there are various versions of "altered" bouncey-castles delivered wit…
-
Section lacks content. Add description of the OWASP Top 10, and how it maps to the MASVS / MSTG.
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x03-Overview.md#mobile-application-threats
-
Both 0x5j and 0x5h contain a "Testing Root Detection" section. Should we remove one of them? Or rename one of them? Change the purpose of one?
-
There are two requirements regarding jailbroken devices:
* [6.9](https://github.com/OWASP/owasp-masvs/blob/master/Document/0x11-V6-Interaction_with_the_environment.md): The app detects whether it i…
Sjord updated
6 years ago
-
-
There seems to be a typo in [8.2](https://github.com/OWASP/owasp-masvs/blob/master/Document/0x15-V8-Resiliency_Against_Reverse_Engineering_Requirements.md):
> 8.2: The app implements prevents debu…
Sjord updated
7 years ago
-
Some documents have a "References" section with an "Info" subsection. I think "Info" is not really a good section header. First of all, info is short for information, and we should at least write the …
Sjord updated
6 years ago