OWASP / owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
https://mas.owasp.org/
Creative Commons Attribution Share Alike 4.0 International

Assessment and Certification feedback #73

Closed cybercybercyber closed 7 years ago

cybercybercyber commented 7 years ago

line 13: "The Mobile Application Security Verification Standard can be used as an open book verification of a mobile app". Not sure I'm parsing the sentence correctly, but maybe it would be clearer to say something like: "It is suggested that to verify compliance of a mobile app with this standard, an open book review is performed, which provides the testers with open and [...]"

line 15: MASVS V1 is mentioned for the first time here, which confused me a bit (I was wondering if you meant MASVS L1). Only when I looked back at the directory index did I realize that the standard is split into different chapters that are numbered Vx. It might be worth including in the "how to use MASVS" section a paragraph that describes how MASVS is structured.

line 28: Huge +1 to requiring manual tests :)

muellerberndt commented 7 years ago

Corrected line 13 and added a "document structure" paragraph.