Implement Requirement for Anomalous Behavior Detection #1979
Labels
2) Awaiting response
Awaiting a response from the original poster
_5.0 - prep
This needs to be addressed to prepare 5.0
Comments
|
We have something like this in business logic I think, can you take a look? |
tghosth
added
2) Awaiting response
|
Yea see https://github.com/OWASP/ASVS/blob/master/5.0/en/0x19-V11-BusLogic.md We already have 11.6.1. Is this good enough for you, @ImanSharaf ? 11.6.1 Verify the application has a capability to detect and respond to anomalous activity within its business logic, including the ability to alert administrators when such activity occurs. |
|
Are we ok to close this issue? |
|
Awesome! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
During the course of application operations, it is crucial to identify and respond to anomalous behavior that could indicate security threats or system malfunctions. Currently, the ASVS does not explicitly cover the need for implementing codes designed to detect such behaviors.
Requirement:
The application must incorporate a system to detect and alert on anomalous behaviors. This system should monitor user activities and system operations, utilizing models or rules to differentiate between normal and abnormal behaviors, and promptly notify designated persons through real-time alerts.The text was updated successfully, but these errors were encountered: