The DASVS project has independently identified the same ASVS gap we did. They also took a practical approach by creating controls that are testable in real world scenarios.
Assuming their license is compatible, I propose we consider incorporating any missing items from their work into our project. We should ensure full attribution to their team and, ideally, collaborate with them by inviting a PR from their side into our repository.
This approach would allow us to integrate their contributions alongside our planned updates. We can then use this as a foundation for a broader overhaul next year to align with ASVS v5: #17
The DASVS project has independently identified the same ASVS gap we did. They also took a practical approach by creating controls that are testable in real world scenarios.
Assuming their license is compatible, I propose we consider incorporating any missing items from their work into our project. We should ensure full attribution to their team and, ideally, collaborate with them by inviting a PR from their side into our repository.
This approach would allow us to integrate their contributions alongside our planned updates. We can then use this as a foundation for a broader overhaul next year to align with ASVS v5: #17