ASVS Requirement 7.2.2

• Level: 1
• Chapter: V7 Session Management
• Section: V7.2 Fundamental Session Management Security
• Source: 0x16-V7-Session-Management.md

Description

Verify that the application uses either self-contained or reference tokens that are dynamically generated for session management, i.e. not using static API secrets and keys.