MASVS-CODE
Checklists Updated (June 2025)
The checklists now include all MASTG tests, as well as updated mappings to the new MAS profiles.
| MASVS-ID | MASTG-TEST-ID | Control / MASTG Test | Platform | L1 | L2 | R | P | Status |
|---|---|---|---|---|---|---|---|---|
| MASVS-CODE-1 | The app requires an up-to-date platform version. | |||||||
| MASVS-CODE-2 | The app has a mechanism for enforcing app updates. | |||||||
| MASTG-TEST-0036 | Testing Enforced Updating | |||||||
| MASTG-TEST-0080 | Testing Enforced Updating | |||||||
| MASVS-CODE-3 | The app only uses software components without known vulnerabilities. | |||||||
| MASTG-TEST-0042 | Checking for Weaknesses in Third Party Libraries | |||||||
| MASTG-TEST-0085 | Checking for Weaknesses in Third Party Libraries | |||||||
| MASVS-CODE-4 | The app validates and sanitizes all untrusted inputs. | |||||||
| MASTG-TEST-0034 | Testing Object Persistence | |||||||
| MASTG-TEST-0026 | Testing Implicit Intents | |||||||
| MASTG-TEST-0002 | Testing Local Storage for Input Validation | |||||||
| MASTG-TEST-0027 | Testing for URL Loading in WebViews | |||||||
| MASTG-TEST-0044 | Make Sure That Free Security Features Are Activated | |||||||
| MASTG-TEST-0025 | Testing for Injection Flaws | |||||||
| MASTG-TEST-0043 | Memory Corruption Bugs | |||||||
| MASTG-TEST-0086 | Memory Corruption Bugs | |||||||
| MASTG-TEST-0087 | Make Sure That Free Security Features Are Activated | |||||||
| MASTG-TEST-0079 | Testing Object Persistence |