Skip to content

Commit

Permalink
Change to singular to resolve: https://github.com/OWASP/ASVS/pull/181…
Browse files Browse the repository at this point in the history 
…9/files#r1458467542
  • Loading branch information
@tghosth
tghosth committed Jan 24, 2024
1 parent e7697df commit 70c2a79
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion 5.0/en/0x12-V3-Session-management.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ As previously noted, these requirements have been adapted to be a compliant subs

TLS or another secure transport channel is mandatory for session management. This is covered in the Communications Security chapter.

## V3.3 Session Timeouts
## V3.3 Session Timeout

Session timeouts have been aligned with NIST SP 800-63, which permits much longer session timeouts than traditionally permitted by security standards. Organizations should review the table below, and if a longer time out is desirable based on the application's risk, the NIST value should be the upper bounds of session idle timeouts.

Expand Down

0 comments on commit 70c2a79

Please sign in to comment.