Josh Grossman

icon indicating a website link https://JoshCGrossman.com/

icon location InfoSec Consultant | Sometimes known as TGhostH | Based in Silicon Wadi | Cyber is an adjective | You wanna break it? You'd better know how to fix it!

Results 770 comments of Josh Grossman

2.10.3 looks like a repeat of V2.4 Credential Storage

We need to make all this clearer during the rework

2.10.3 looks like a repeat of V2.4 Credential Storage

Current situation: | # | Description | L1 | L2 | L3 | CWE | [NIST §](https://pages.nist.gov/800-63-3/sp800-63b.html) | | :---: | :--- | :---: | :---: | :---: | :---:...

2.10.3 looks like a repeat of V2.4 Credential Storage

> . o O ( can not see any proposal to review ) LOL you really do get every notification

Most recent artifacts

let's leave it for now. I think we need to think about this more.

Most recent artifacts

Could you try and prepare something like this @ike? Thanks!

Most recent artifacts

Hi @ike, any update on this?

Most recent artifacts

Hey @ike! Good to see you back! Let me know how it goes :)

3.5.2 doesn't seem like it is in context

Some more details: History: | # | Description | L1 | L2 | L3 | CWE | [NIST §](https://pages.nist.gov/800-63-3/sp800-63b.html) | | :---: | :--- | :---: | :---: | :---:...

3.5.2 doesn't seem like it is in context

There has been discussion of 2.10.1 at #1032

3.5.2 doesn't seem like it is in context

> 3.5.2 sounds more like it should either: > > 1. Be in section [2.10](https://github.com/OWASP/ASVS/blob/master/5.0/en/0x11-V2-Authentication.md#v210-service-authentication) where we discuss intra-service authentication > 2. It should be made more generic to be...