OWASP MASVS
OWASP MASVS mobile app security L1 / L2.
Definition
MASVS 2.0 7 categories: MASVS-STORAGE (data storage and privacy), MASVS-CRYPTO (cryptography), MASVS-AUTH (authentication and session management), MASVS-NETWORK (network communication), MASVS-PLATFORM (platform interaction), MASVS-CODE (code quality and build setting), MASVS-RESILIENCE (anti-reverse-engineering, anti-tampering). Complementary to OWASP MASTG (Mobile Security Testing Guide).
Origin
OWASP Mobile Project, v1.0 2016, v2.0 March 2023 (Sven Schleier, Carlos Holguera coordinators).
Usage
Mobile banking apps standard (fintech, neobanks), mobile healthcare apps, government mobile apps.
Related terms
- OWASP ASVS — pendant web.
- OWASP Mobile Top 10 — risques principaux.
- MASTG — guide testing.