OWASP (Open Web Application Security Project) is the international organization that defines security standards for web applications. OWASP Testing Guide and OWASP Top 10 are used by MICAN.ro for testing applications in Romania.
OWASP is a non-profit foundation dedicated to improving software security. The OWASP Testing Guide is the most comprehensive web application security testing guide, covering all aspects: information gathering, configuration testing, authentication, session management, authorization, business logic, input validation, error handling, cryptography, and API security. The OWASP Top 10 lists the most critical web security risks and is updated periodically.
The MICAN.ro team follows OWASP Testing Guide v4.2 for all web security audits in Romania. We test each category in the guide: Information Gathering (11 tests), Configuration Testing (10 tests), Identity Management (10 tests), Authentication (10 tests), Authorization (4 tests), Session Management (9 tests), Input Validation (20 tests), Error Handling (2 tests), Cryptography (4 tests), Business Logic (9 tests), Client-Side (13 tests). Total: 102 test categories for complete coverage.
OWASP is the de facto standard in the web application security industry. OWASP Top 10 compliance is required by PCI DSS (the card payment standard), ISO 27001, GDPR, B2B contracts, and cyber insurance. Companies in Romania that develop or operate web applications must demonstrate testing against the OWASP Top 10. A MICAN.ro report based on OWASP is internationally recognized.