Keycloak + OWasp ASVS

Lars.Kuehl · August 23, 2022, 11:39am

Hi,
I 'm currently evaluating our application against OWasp ASVS Level 1 (GitHub - OWASP/ASVS: Application Security Verification Standard).
So I have to verify requirements for keycloak.
My Question is: Was it already done and you can give me a hint where I can find it
or should I try it to do it and post it here for a review ?
Or is there something like that already.

At the end there would be a document which would help anybody to see what keycloak does for ASVS and what is in control of applications which use keycloak as IAM.

Best regards
Lars

oscarGomes86 · March 10, 2023, 6:14am

@Lars.Kuehl , were you able to get this done?

andreagalle · April 19, 2023, 9:38am

Is there the possibility to have this document for Keycloak?

ThorHenn · June 6, 2024, 10:51am

I would also be interested to see the document mentioned if it has been created.
brg,
Thor

Topic		Replies	Views
Port keycloak on Wesphere application Tips and tricks	0	336	September 16, 2022
Questions for my bachelor thesis Getting advice	10	857	May 14, 2021
About the Securing applications category Securing applications	0	273	August 23, 2019
SSO for IBM WebSphere Application Server based Application	1	1149	January 2, 2021
Intégrer Keycloak dans une application asp.net Webform en C#	3	1533	March 8, 2021

Keycloak + OWasp ASVS

Related topics