OWASP Annotated Application Security Verification Standard
latest

Browse by chapter:

  • 1 Architecture, Design and Threat Modeling
  • 2 Authentication
  • 3 Session Management
  • 4 Access Control
  • 5 Validation, Sanitization and Encoding
  • 6 Stored Cryptography
  • 7 Error Handling and Logging
  • 8 Data Protection
  • 9 Communications
  • 10 Malicious Code
  • 11 Business Logic
  • 12 Files and Resources
  • 13 API and Web Service
    • 13.1 Generic Web Service Security Verification Requirements
      • 13.1.1 All application components use the same encodings and parsers
      • 13.1.2 Access to administration and management functions is limited to authorized administrators
      • 13.1.3 API URLs do not expose sensitive information
      • 13.1.4 TODO
      • 13.1.5 TODO
    • 13.2 RESTful Web Service Verification Requirements
    • 13.3 SOAP Web Service Verification Requirements
    • 13.4 GraphQL and other Web Service Data Layer Security Requirements
  • 14 Configuration
OWASP Annotated Application Security Verification Standard
  • Docs »
  • 13 API and Web Service »
  • 13.1 Generic Web Service Security Verification Requirements

13.1 Generic Web Service Security Verification RequirementsΒΆ

Browse by item:

  • 13.1.1 All application components use the same encodings and parsers
  • 13.1.2 Access to administration and management functions is limited to authorized administrators
  • 13.1.3 API URLs do not expose sensitive information
  • 13.1.4 TODO
  • 13.1.5 TODO
Next Previous

© Copyright 2019 Wessel van der Linden Revision 63d1bede.

Built with Sphinx using a theme provided by Read the Docs.