On February 10, 2021, the People's Bank of China officially released the financial industry standard "JR/T 0213-2021 Financial cyber security General specification for security testing of Web application services". The standard provides the general specification of financial network security Web application service security testing, including principles, methods and procedures, which can be used as a reference standard for various financial institutions to conduct Web application service security testing, and can also be used as a reference for inspection and testing by industry authorities and professional testing institutions for guidance.
The publication and implementation of this standard contributes to standardize and strengthen the content and method of the security test of the existing financial information system Web application service security testing. It provides guidance for testers to conduct security testing of financial information system Web application services, which is conducive to timely identification and disposal of potential risks and hidden dangers, strengthens the management of risk and hidden dangers, and can further improve the overall level of network security protection in the financial industry.
This standard was prepared by China Financial Standardization Technical Committee, proposed and drafted by the Technology Department of the People's Bank of China with the participation of First Research Institute of the Ministry of Public Security of the PRC, China Financial Computerization Corporation and other institutions. After extensively consultation and demonstration, this standard has passed the review of China Financial Standardization Technical Committee.
For detailed standards, please visit Financial Industry Standard Full Text System (see: http://www.cfstc.org/bzgk).