CREST and OWASP Partner on Verification Standard Program

Cybersecurity-focussed non-profit CREST has partnered up with the Open Web Application Security Project (OWASP) to release the OWASP Verification Standard (OVS).

The move aims to provide mobile and web app developers with enhanced security assurance and accredited organizations with improved access to the app development industry.

"Both CREST and OWASP are non-profit organizations and we share a vision of increasing collaboration and open standards across the industry to build and maintain global cyber security standards," commented CREST president Rowland Johnson.

From a technical standpoint, CREST OVS exists to assess an organization's ability to execute and deliver assessments related to both Level 1 and Level 2 of the OWASP Application Security Verification Standard (ASVS) and OWASP Mobile Application Security Verification Standard (MASVS).

"This is a positive move for worldwide corporate and government adoption of the ASVS and MASVS projects,” said Andrew van der Stock, executive director of the OWASP Foundation.

“While the OWASP Top 10 risks project has built vital awareness of the importance of application security, I am excited to see the move towards using standards such as ASVS and MASVS to help organizations improve their application security in a structured and comprehensive way."

For context, both initiatives have been developed by the technical AppSec community to create an open-source framework of security requirements for mobile and web applications.

Now, with CREST OVS, the organizations are establishing new standards in application security to provide the buyers of application security assessment services with the highest level of assurance.

"The program has a series of explicit requirements that are designed to assess and harness the capabilities of an organization, along with the skills and competencies of its individual security testers," Johnson concluded.

A full list of requisites for the program and details on how to apply are available on CREST’s website.

The publication of the new standard comes roughly a year after CREST appointed Johnson as its new President.

CREST and OWASP Partner on Verification Standard Program

Alessandro Mascellino

You may also like

OWASP Sting: How Education Can Take the Bite out of Common Vulnerabilities

Study Reveals Top Vulnerabilities in Corporate Web Applications

Interview: Gemma Moore, Cyberis

New Testing Framework Set to Boost Banks' Cyber Defences

What the OWASP Top 10 for LLMs Means for the Future of AI Security

What’s hot on Infosecurity Magazine?

Alarming Decline in Cybersecurity Job Postings in the US

CrushFTP File Transfer Vulnerability Lets Attackers Download System Files

MITRE Reveals Ivanti Breach By Nation State Actor

How to Backup and Restore Database in SQL Server

Russia's Sandworm Upgraded to APT44 by Google's Mandiant

Massive Brute-Force Attack on Alibaba Affects Millions

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Report Suggests 93% of Breaches Lead to Downtime and Data Loss

US Government and OpenSSF Partner on New SBOM Management Tool

NIST Unveils New Consortium to Operate National Vulnerability Database

EU Elections: Pro-Russian Propaganda Exploits Meta's Failure to Moderate Political Ads

Incident Response: Four Key Cybersecurity Measures to Protect Your Business

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Disinformation Defense: Protecting Businesses from the New Wave of AI-Powered Cyber Threats

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Untangling the Web: Navigating Third-Party Risk in a Hyperconnected World

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024

CREST and OWASP Partner on Verification Standard Program

Written by

You may also like

What’s hot on Infosecurity Magazine?