Users.md

Users applying the MASVS and MSTG

Companies

Currently the MASVS and MSTG are used by at least the following companies:

• 7asecurity
• Brewsec
• Briskinfosec Technology and Consulting Pvt Ltd
• Citadelo
• Comsec
• continuumsecurity
• Cyber Ninjas
• ESCRYPT GmbH
• FH Münster - University of applied sciences
• Genexus & Genexus Consulting
• Hackenproof
• Infosec
• Lucideus Inc.
• Netguru
• NowSecure
• NVISO CVBA
• Randorisec
• Secarma
• SecuRing
• Stingray Technologies
• STM Solutions
• Toreon
• VantagePoint
• Vertical Structure
• Xebia

Note: the quality of the application of the MASVS/MSTG by these companies has not been vetted by the MSTG team. It is just an indicator of adoption reported publicly.

Standards, frameworks and guidelines recommending the MASVS and MSTG

Currently, the MASVS and MSTG are recommended by:

• Egov standards for India
• Finish Transport and Communication Agency (TRAFICOM) - Assessment guideline for electronic identification services (Draft)
• Mobile Initiated SEPA Credit Transfer Interoperability Implementation Guidelines, including SCT Instant (MSCT IIGs)
• Vetting the Security of Mobile Applications: NIST Publishes SP 800-163 Revision 1

Application in scientific research

• STAMBA: Security Testing for Android Mobile Banking Apps

Books

• Hands-On Security in DevOps

Call for Users

Are you actively using the MASVS or MSTG and want to be listed here? File an issue on GitHub, contact Sven Schleier (Slack: Sven) or Carlos Holguera (Slack: Carlos), or send an email to Sven or Carlos.