How to mapping OWASP Mobile Top 10 to CWE

OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

https://mas.owasp.org/

Creative Commons Attribution Share Alike 4.0 International

11.44k stars 2.26k forks source link

How to mapping OWASP Mobile Top 10 to CWE #2648

Closed bernie6401 closed 5 days ago

bernie6401 commented 5 days ago

Dear Crew Staff I'm a researcher of mobile secuity. OWASP Mobile top 10 is the critical issue to solve and discuss so according to my research, I wonder if there is a mapping table that can help me to map owasp mobile top 10 and CWE or owasp top 10. I survey lots of document and nothing can solve my problem. Could anyone help me if the mapping table exist? Or the inner document can release privately. Thanks a lot.

cpholguera commented 5 days ago

Hi @bernie6401 the OWASP Mobile Top 10 is a separate project and not part of the OWASP MAS project.

This is the repo you're looking for, please post your question there so the mobile top 10 team can answer: https://github.com/OWASP/www-project-mobile-top-10

You can find more info and contacts in their project page here: https://owasp.org/www-project-mobile-top-10/