
OWASP Application Security Verification Standard (ASVS)
Over the years, we’ve had multiple clients come to us and mention that they had a previous “penetration test” or “vulnerability assessment” performed only to receive a report containing only vulnerability scanner results, like OpenVas or Nessus.
While those reports are undoubtedly useful, they don’t replace the depth and coverage that a high-quality penetration test or vulnerability assessment provides.
To help standardize application security testing, OWASP has created a standard called ASVS (Application Security Verification Standard).