Using The MASVS - Githubissues

OWASP / owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

https://mas.owasp.org/

Creative Commons Attribution Share Alike 4.0 International

2.01k stars 431 forks source link

Using The MASVS #30

Closed ghost closed 7 years ago

ghost commented 7 years ago

https://github.com/OWASP/owasp-masvs/edit/master/Document/0x03-Using_the_MASVS.md#L46

"Most attackers are looking for sensitive data that can be used to directly or indirectly profit from to include personally identifiable information and payment data"

This sentence doesn't make sense to me.

sushi2k commented 7 years ago

I think the structure of the sentence is just a bit confusing, but has a valid and good point. What do you think about this:

"Most attackers are looking for sensitive data like personally identifiable information (PII) and payment data, that can be used to directly or indirectly profit them."

ghost commented 7 years ago

agreed, better phrase.

muellerberndt commented 7 years ago

Updated to:

"Most attackers are looking for sensitive data like personally identifiable information (PII) and payment data that can be used for financial gain."