OWASP Annotated Application Security Verification Standard
latest
Browse by chapter:
1 Architecture, Design and Threat Modeling
2 Authentication
3 Session Management
4 Access Control
5 Validation, Sanitization and Encoding
6 Stored Cryptography
7 Error Handling and Logging
8 Data Protection
9 Communications
10 Malicious Code
11 Business Logic
12 Files and Resources
13 API and Web Service
13.1 Generic Web Service Security Verification Requirements
13.1.1 All application components use the same encodings and parsers
13.1.2 Access to administration and management functions is limited to authorized administrators
13.1.3 API URLs do not expose sensitive information
13.1.4 TODO
13.1.5 TODO
13.2 RESTful Web Service Verification Requirements
13.3 SOAP Web Service Verification Requirements
13.4 GraphQL and other Web Service Data Layer Security Requirements
14 Configuration
OWASP Annotated Application Security Verification Standard
Docs
»
13 API and Web Service
»
13.1 Generic Web Service Security Verification Requirements
13.1 Generic Web Service Security Verification Requirements
ΒΆ
Browse by item:
13.1.1 All application components use the same encodings and parsers
13.1.2 Access to administration and management functions is limited to authorized administrators
13.1.3 API URLs do not expose sensitive information
13.1.4 TODO
13.1.5 TODO