IoT-Security-Verification-Standard-ISVS Add info on how to deal with non conformities in "using the ISVS" chapter

Add info on how to deal with non conformities in "using the ISVS" chapter

Open cbassem opened this issue 4 years ago • 1 comments

The ISVS currently does not address that not implementing a security control and/or accepting a failed security control/vulnerability is a effort vs risk based decision. We could add something to the using the ISVS chapter.

Feb 15 '21 21:02 cbassem

Similar topic mentioned in in https://github.com/OWASP/IoT-Security-Verification-Standard-ISVS/issues/66#issuecomment-785877641

Mar 12 '21 01:03 scriptingxss

IoT-Security-Verification-Standard-ISVS IoT-Security-Verification-Standard-ISVS copied to clipboard

Add info on how to deal with non conformities in "using the ISVS" chapter

IoT-Security-Verification-Standard-ISVS
IoT-Security-Verification-Standard-ISVS copied to clipboard