Mobile AppSec Verification Standard (MASVS)

Track: Mobile Security
Organizers Jeroen Willemsen Jeroen Willemsen , Sven Schleier
Participants Sven Schleier , Paulino Calderon Paulino Calderon

Welcome to the OWASP MASVS session!


As part of the MSTG project we created the MASVS as a standard to establish baseline security requirements for mobile apps. In this working session we will go through the open issues in Github for milestone 1.1.4 and try to resolve and close as many as possible to come to a clean state. The reason we do not want to come up with new requirements yet in a focused session, is because we rather first try to get the MSTG in sync, before we create a lot of new requirements.


In this working session, we want to focus on issues identified in the 1.1.4 milestone of the MASVS. Which you can find at Github. Think of a variety of issues, such as:

If you are keen in doing some coding, you can help out with the following:

The tickets for this working session will cover these topics and contribute to increasing the value, readability and extensability of the MASVS. Which in turn will make it easier to extend it across all languages.


The target audience for this Working Session is:

  • anyone who wants to help out improving the quality of an OWASP project and
  • anybody interest in mobile security.

From experts to beginners. Anybody who is passionate about app mobile security and loves to continuously learn and enjoys sharing knowledge.

What do you need to bring with you?

Minimum required: a laptop :)

The MASVS is hosted in GitHub and can easily be edited by anyone, just a Github account is needed and knowledge on how to create a pull request.


Hopefully a better (en)coded MASVS! And milestone 1.1.4!


Register as participant

To register as participant add Mobile AppSec Verification Standard (MASVS) to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page

Back to list of all Working Sessions