OWASP · elarlang · Mar 27, 2025 · Mar 27, 2025
diff --git a/5.0/en/0x14-V6-Cryptography.md b/5.0/en/0x14-V6-Cryptography.md
@@ -31,11 +31,9 @@ It is also important to ensure that all cryptographic assets, such as algorithms
 | **1.6.4** | [MODIFIED] Verify that a cryptographic inventory is performed, maintained, regularly updated, and includes all cryptographic keys, algorithms, and certificates used by the application. It should also document where keys can and cannot be used in the system and also the types of data which can and cannot be protected using the keys. | 2 | v5.0.be-1.6.4 |
 | **1.6.5** | [ADDED] Verify that cryptographic discovery mechanisms are employed to identify all instances of cryptography in the system, including encryption, hashing, and signing operations. | 3 | v5.0.be-1.6.5 |
 
-## V6.2 Algorithms
+## V6.2 Secure Cryptography Implementation
 
-Recent advances in cryptography mean that previously safe algorithms and key lengths are no longer safe or sufficient to protect data. Therefore, it should be possible to change algorithms.
-
-Although this section is not easily penetration tested, developers should consider this entire section as mandatory even though L1 is missing from most of the items.
+This section defines the requirements for the selection, implementation, and ongoing management of core cryptographic algorithms for an application. The objective is to ensure that only robust, industry-accepted cryptographic primitives are deployed, in alignment with current standards (e.g., NIST, ISO/IEC) and best practices. Organizations must ensure that each cryptographic component is selected based on peer-reviewed evidence and practical security testing.
 
 | # | Description | Level | #v5.0.be |
 | :---: | :--- | :---: | :---: |