ASVS Requirement 12.3.1

• Level: 2
• Chapter: V12 Secure Communication
• Section: V12.3 General Service to Service Communication Security
• Source: 0x21-V12-Secure-Communication.md

Description

Verify that an encrypted protocol such as TLS is used for all inbound and outbound connections to and from the application, including monitoring systems, management tools, remote access and SSH, middleware, databases, mainframes, partner systems, or external APIs. The server must not fall back to insecure or unencrypted protocols.