OWASP ASVS Panjabi Translation — Review Hub
Your feedback matters. You do not need a GitHub account to review this translation. Read the content below, then email your feedback to gurvinder@securityleader.ai with the subject line "ASVS Panjabi Review". Even a single correction or suggestion is valuable.
What Is This?
The OWASP Application Security Verification Standard (ASVS) is the global benchmark for application security requirements — 350 requirements across 17 chapters that architects, developers, and security teams use to build and verify secure software.
This is the first-ever translation of ASVS into Panjabi (ਪੰਜਾਬੀ), reaching 130+ million speakers worldwide. The translation uses a bilingual format — English first, Panjabi (Gurmukhi script) immediately below — so readers can cross-reference for technical precision.
The translation is being submitted to the official OWASP ASVS repository as a proposed contribution (PR #3254 on GitHub).
What to Review
Eight bilingual chapters are ready for review, plus the glossary. Read them in any order:
| Document | What It Contains | Link |
|---|---|---|
| Title Page (ਮੁੱਖ ਪੰਨਾ) | Project credits, copyright, license, contributors | Read |
| Introduction (ਮੁਖਬੰਧ) | ASVS 5.0 introduction, principles, levels, scope | Read |
| Assessment & Certification (ਮੁਲਾਂਕਣ ਅਤੇ ਪ੍ਰਮਾਣੀਕਰਨ) | How ASVS is assessed and certified | Read |
| Changes from v4.x (v4.x ਤੋਂ ਤਬਦੀਲੀਆਂ) | What changed for users of ASVS 4.0 | Read |
| V5 File Handling (V5 ਫ਼ਾਈਲ ਪ੍ਰਬੰਧਨ) | File upload, storage, and download requirements | Read |
| V8 Authorization (V8 ਅਧਿਕਾਰੀਕਰਨ) | Access control and authorization requirements | Read |
| V9 Self-contained Tokens (V9 ਸਵੈ-ਨਿਰਭਰ ਟੋਕਨ) | JWT / self-contained token validation requirements | Read |
| V12 Secure Communication (V12 ਸੁਰੱਖਿਅਤ ਸੰਚਾਰ) | TLS and secure communication requirements | Read |
| Glossary (ਸ਼ਬਦਾਵਲੀ) | 70 security terms with Gurmukhi translations | Read |
Who Should Review
You do not need to be both a Panjabi speaker AND a security expert — either qualification helps:
- Panjabi speakers: Does the translation read naturally, or does it feel like a forced word-for-word conversion? Are there better Gurmukhi equivalents for any term?
- Security researchers: Is the English source meaning preserved? Do any translations introduce ambiguity that could affect a developer's implementation?
- Gurmukhi linguists: Any Devanagari script contamination? Proper vowel signs (ਮਾਤਰਾ)? Clean Unicode?
Understanding the Glossary — Translation Approaches
Every translated term in the glossary is classified by its translation approach (T/L/R/H):
| Category | When Used | Example |
|---|---|---|
| T — Translated | Concept has a natural Panjabi equivalent | Authentication → ਪ੍ਰਮਾਣੀਕਰਨ |
| L — Loan Word | Term is universally used in English | API → ਏ.ਪੀ.ਆਈ. |
| R — Retained | Acronym or proper noun, kept as-is | OWASP, SQL, XSS |
| H — Hybrid | Part translates, part stays in English | SQL Injection → SQL ਇੰਜੈਕਸ਼ਨ |
Timeline
| Phase | Content | Target |
|---|---|---|
| A (Complete) | Title Page, Introduction, Glossary, Translation Notes, Review Plan | February 2026 |
| B (Complete) | Assessment & Certification, Changes from v4.x, V5 File Handling, V8 Authorization, V9 Self-contained Tokens, V12 Secure Communication — now bilingual | June 2026 |
| C (In Progress) | What-is-the-ASVS and V6 Authentication actively translating; remaining security-requirement chapters: Encoding, Validation, Web Frontend, API & Web Service, Session Management, OAuth/OIDC, Cryptography, Configuration, Data Protection, Secure Coding, Logging, WebRTC | 2026 |
| D | Appendices, final quality checks, PDF generation, community review window | 2026 |
How to Send Feedback
Email (easiest): Send to gurvinder@securityleader.ai with subject "ASVS Panjabi Review"
Include any of the following:
- A term you think should be translated differently (e.g., "I think ਕਮਜ਼ੋਰੀ works better as ਖ਼ਾਮੀ for Vulnerability")
- A Gurmukhi spelling or vowel sign correction
- A sentence that reads unnaturally and a suggested alternative
- General impressions of the bilingual format
GitHub (for Git-comfortable reviewers): Open PR #3254 and leave inline comments on any file in 5.0/pa-IN/.
Source Material
- Translation submission — PR #3254 on GitHub
- GeeksikhSecurity working copy
- Full blog post: Why I'm Translating OWASP's Security Standard Into Panjabi
ਸੁਰੱਖਿਆ ਗਿਆਨ ਸਭ ਲਈ ਹੋਣਾ ਚਾਹੀਦਾ ਹੈ. — Security knowledge should be accessible to all.