OWASP · mamicidal · Apr 9, 2025 · Oct 13, 2024 · Oct 13, 2024 · Apr 9, 2025
diff --git a/_posts/2025-04-09-asvs-rc1-review.md b/_posts/2025-04-09-asvs-rc1-review.md
@@ -0,0 +1,55 @@
+---
+
+date: 2025-04-09 00:00:00-0100
+categories: blog
+author: Josh Grossman
+author_image: /assets/images/people/josh_grossman_headshot.jpg
+layout: blogpost
+title: ASVS 5.0 RC1 is ready for your review!
+excerpt_separator: <!--more-->
+
+---
+
+![Our new banner](/assets/images/posts/asvsmeetup/OWASP_ASVS_Linkedin_Banner-01.jpg){:style="max-width:800px;float:left;"}
+<BR CLEAR="left">
+
+## Introduction
+
+We are on the final countdown to the release of the [OWASP Application Security Verification Standard (ASVS)](https://asvs.owasp.org) version 5.0!
+
+This will be a major release with a lot of changes to bring the ASVS up to date and make it more usable. See [here for more information on the guiding principles of the new release](https://github.com/OWASP/ASVS/wiki/Roadmap-to-version-5.0#key-objectives).
+
+We have now released a release candidate version of 5.0 and we are waiting for your feedback!
+
+<!--more-->
+
+## How can I help?
+
+Reading through the release candidate version of ASVS is a great place to start. We would strongly recommend that you use [the markdown version](https://github.com/OWASP/ASVS/tree/master/5.0/en) as we are constantly incorporating updates. There is also a [semi-official web based version](https://asvs.dev/v5.0.draft/0x00-Header/) (maintained by Elar, one of the project leaders) which is kept frequently updated.
+
+A few questions to ask yourself as you review the document:
+
+* If I was a developer or a security tester, would this requirement understandable to me?
+* Can I think of a way of improving front / chapter / section text to add clarity without adding unnecessary content.
+
+Please first log ideas, issues or questions here: <https://github.com/OWASP/ASVS/issues>. It’s helpful to share if you have any ideas or if you find any bugs or typos (but see the extra guidance below).
+
+We may subsequently ask you to open a pull request, <https://github.com/OWASP/ASVS/pulls>, based on the discussion in the issue, if you are willing to do so, or we do that ourselves if you prefer. 
+
+After familiarizing yourself with the current version and if you don't have additional questions or feedback, the next area to focus on is the "Issues" section. 
+
+The issues to focus on for RC1 are listed here:
+
+<https://github.com/OWASP/ASVS/issues?q=is%3Aissue%20state%3Aopen%20label%3A%22_5.0%20-%20rc1%22>
+
+## What's next
+
+Our very own Elar Lang, the key driving force behind version 5.0, will be presenting at [OWASP Global AppSec EU Barcelona](https://owasp.glueup.com/event/owasp-global-appsec-eu-2025-123983/) about the final 5.0 version so make sure you [check out his session there](https://owasp2025globalappseceu.sched.com/event/1whCc/introducing-the-50-release-of-the-asvs) in the builder track on Friday, 11:30am - 12:15pm. 
+
+## Stay in contact
+
+Make sure you hear about chapter draft releases and stay in touch via our social media channels and website:
+
+* Website: <https://asvs.owasp.org>
+* Twitter: <https://twitter.com/OWASP_ASVS>
+* LinkedIn: <https://www.linkedin.com/company/owasp-asvs/>