...
We recommend that the software supplier studies the OWASP Application Security Verification Standard (https://owasp.org/www-project-application-security-verification-standard/) and the OWASP Container Security Verification Standard (https://owasp.org/www-project-container-security-verification-standard/) if the application is based on container technologies.
All HelseID client suppliers must verify that the software is not at risk for the weaknesses in the OWASP Top 10 Web Application Security Risks (https://owasp.org/www-project-top-ten/).
...