Josh Grossman

icon indicating a website link https://JoshCGrossman.com/

icon location InfoSec Consultant | Sometimes known as TGhostH | Based in Silicon Wadi | Cyber is an adjective | You wanna break it? You'd better know how to fix it!

Results 937 comments of Josh Grossman

Secure development environments

I think this is a good question which will really depend on the outcome of #1127

Secure development environments

In the meantime, @coderpatros what sort of requirements would you expect to see in relation to this?

Secure development environments

Note that I made another comment on https://github.com/OWASP/ASVS/issues/1127#issuecomment-1193352560

Discussion: Too much and/or sensitive information in (mostly API) responses

Which of the following problem options are we suggesting that this is: 1. An Authorization problem where the user is receiving data in the API that they should not have...

2.2.3

Hi @Sjord do you think you could prepare a PR for this?

2.2.3

Seems this was resolved by #1240

discussion/new requirement: inventory/documentation for "allow listed" sources and communications

@elarlang I like the concept of ensuring that these sorts of lists are explicitly documented and I agree that this sounds like a V1 control. Do you want to draft...

discussion/new requirement: inventory/documentation for "allow listed" sources and communications

@elarlang let me know if you are able to draft something :)

discussion/new requirement: inventory/documentation for "allow listed" sources and communications

@elarlang where are we with the original part of this issue, are you going to draft something?

Several Minor Typographical Errors in 4.0.3 and 5

Please see my question in the PR