Secure by Design - Digital Service Standards¶
Application Security Standards¶
The DfE Application Security Standards are a set of standards that closely align to the OWASP ASVS standards and can be used to help digital services to build their applications securely while complying with DfE and CDDO Secure by Design policy.
The implementation of application security controls should be via common open source libraries, patterns and standards.
Ensuring that protections are reusable, easy to implement, and open for discussion is important and aligns with UKG service standards.
These standards are closely based on the Open Worldwide Application Security Project (OWASP) - Application Security Verification Standard (ASVS).