cesemj
asked on
Recommended Secure Coding Standard
I have reviewed a couple of documents listed below and noticed that the documents do not address all programming languages. Most of the documents are separate and I will have to combine into 1 standard document --might be overkill.
Can you please share and/or suggest a good Secure coding Standard.
1) https://www.securecoding.cert.org/confluence/display/seccode/SEI+CERT+Coding+Standards
2) MISRA publications[/list]
As an additional resopurce: I was going to use: the following document as an Secure Coding Practice Guideline because it seeks to encourage secure coding bets practices from the very beginning of development projects - what do you think?
1) http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160.pdf
Thanks in advance!
Can you please share and/or suggest a good Secure coding Standard.
1) https://www.securecoding.cert.org/confluence/display/seccode/SEI+CERT+Coding+Standards
2) MISRA publications[/list]
As an additional resopurce: I was going to use: the following document as an Secure Coding Practice Guideline because it seeks to encourage secure coding bets practices from the very beginning of development projects - what do you think?
1) http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160.pdf
Thanks in advance!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Security, in a code context, relates far more to your runtime environment, than actual code written.
Wrap everything in SSL. Keep all your code updated (os packages + any CMS code you use).
If you use database code, http://sqlmap.org/ provides good SQL injection testing.
Wrap everything in SSL. Keep all your code updated (os packages + any CMS code you use).
If you use database code, http://sqlmap.org/ provides good SQL injection testing.
ASKER
Thanks.