A security analyst is assessing a new y developed web application by testing SQL injection, CSRF, and XML
injection. Which of the follow ng frameworks should the analyst consider?
A. ISO
B. MITRE ATT&CK
C. OWASP
D. NIST
injection. Which of the follow ng frameworks should the analyst consider?
A. ISO
B. MITRE ATT&CK
C. OWASP
D. NIST