Young hacker smiling

We hack your software

zero false positives

Expert intelligence + Specialized technology
DXST - SAST - IAST - SCA - DevSecOps
White Box - Gray Box - Black Box
Attacking Web Applications, APIs, Mobile Apps
Client-Server, Servers, Networks, IoT Devices
ICS: Industrial Control System

REQ.234 Protect authentication credentials

This document contains the details of the security requirements related to the definition and management of authentication process in the organization. This requirement establishes the importance of protecting credentials with critical business information under custody of two users.

Requirement

Credentials for system authentication with critical business information must be guarded by two authorized users.

References

  1. OWASP-ASVS v3.1-4.4 Verify that access to sensitive records is protected, such that only authorized objects or data is accessible to each user (for example, protect against users tampering with a parameter to see or alter another user’s account).


Service status - Terms of Use