ASVS Requirement 11.1.2

• Level: 2
• Chapter: V11 Cryptography
• Section: V11.1 Cryptographic Inventory and Documentation
• Source: 0x20-V11-Cryptography.md

Description

Verify that a cryptographic inventory is performed, maintained, regularly updated, and includes all cryptographic keys, algorithms, and certificates used by the application. It must also document where keys can and cannot be used in the system, and the types of data that can and cannot be protected using the keys.