DID YOU KNOW? The @owasp ASVS GitHub repo has specific issues looking for wider community input.

Filter the issues list by the "Community Wanted"/"Community Needed" labels to see these and provide your feedback and input. We need your help!

Link here 🙂:
https://github.com/OWASP/ASVS/issues?page=2&q=is%3Aopen+label%3A%22Community+wanted%22%2C%22Community+needed%22+label%3A%225.0+-+prep%22

@manicode @Dcuthbert @vanderaj @elarlang

Interesting program related to OWASP (M)ASVS projects from Google.

Those involved in #AppSec (especially with mobile apps in the @GooglePlay store or working with Google APIs) should read these links carefully:

https://security.googleblog.com/2022/12/app-defense-alliance-expansion.html
https://appdefensealliance.dev/

@Dcuthbert @manicode @elarlang@twitter.com @vanderaj

@adamshostack no.

From my experience all software developers are now security engineers wether they know it, admit to it or do it. Your code is now the security of the org you work for. #GoldenAgeOfDefense

@axleyjc yup, sender constrained tokens where the client id and client secret is also required in addition to the access token for resource access!

@katyanton woot!

@schmidt hello and happy to be here!

From my experience all software developers are now security engineers wether they know it, admit to it or do it. Your code is now the security of the org you work for. #GoldenAgeOfDefense