OWASP ASVS Level 3
ASVS Level 3 Advanced critical apps.
Definition
ASVS Level 3 covers L1 + L2 + Advanced controls: V8 Data Protection cryptography requirements, V9 Communication Security strong TLS, V10 Malicious Code anti-tampering, V14 Configuration hardening, V16 secure logging. Audit requires 280+ verified controls vs 165 for L2.
Origin
OWASP Foundation, ASVS v1 2008, v4.0.3 2021, v5.0 draft 2024.
Usage
Banking healthcare, gov, military, critical fintech. Assists PCI DSS and SOC 2 Confidentiality compliance.
Related terms
- OWASP ASVS — fiche socle.
- OWASP — organisation parent.
- Secure coding practices — pratique implémentation.