ASVS Requirement 15.3.1

• Level: 1
• Chapter: V15 Secure Coding and Architecture
• Section: V15.3 Defensive Coding
• Source: 0x24-V15-Secure-Coding-and-Architecture.md

Description

Verify that the application only returns the required subset of fields from a data object. For example, it should not return an entire data object, as some individual fields should not be accessible to users.