11. OWASP ASVS: The Go-To Standard for Application Security w/ Daniel Cuthbert

Your application is probably vulnerable. 

“But how?! We hired a company to pen test our application.

They did a thorough test against the OWASP top 10!” 

On this episode of the Virtual CISO podcast, we talk with Daniel Cuthbert. He's one of the premier authors of the OWASP ASVS, and he says OWASP Top 10 is not enough.

We chat about:

• Why the ASVS is so important
• Why we shouldn’t be putting all our faith in the OWASP top 10 (only)
• How to incorporate threat modelling into your assessments and your ASVS test

To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here.

If you don’t use Apple Podcasts, you can find all our episodes here.