OWASP Scanning
What is OWASP Scanning?
The purpose of OWASP (Open Web Application Security Project) Scanning is to test your website against the most common vulnerabilities.
It is important to make sure your website is protected against these vulnerabilities. OWASP tests are automated scans that check your website against these vulnerabilities and let you know where your website stands.
The Top 10 vulnerabilities are chosen by security experts from all over the world.
“OWASP refers to the Top 10 as an ‘awareness document’ and recommends that all organisations incorporate the report into their processes in order to mitigate security risks. One thing to remember, it is not a standard. Organisations can define the matrix based on their own environment. This also means that it’s not just OWASP who defines Top10 but takes data from so many people, organisations and then opens it up for us to post the feedback. Analysis is very interesting and actually got Top 10 a total of forty-three CWE.” – owasp.org
CyberSecure Canada Certification
Did you know that OWASP Scanning is part of the CyberSecure Canada Certification requirements?
To pass the “Secure Websites” security control, your organization must test your website against the OWASP Top 10 vulnerabilities, and provide documentation demonstrating that your organization understands the ASVS levels and which level would apply to your organization’s websites.