office politics
It's all just 1s and 0s
- Messages
- 6,555
- Location
- in the lab
Ten dos and don'ts for secure coding
Michael Jordan
03.09.2006
Rating: -4.60- (out of 5)
I've performed many code reviews, and I've often seen developers make the same mistakes. In most cases these defects in the code simply result in a poor user experience, but in some cases they open holes for hackers. There are always the really gnarly situations that take hours to debug, but quiet often the simple mistakes are what come back to create crisis situations.
Security practitioners should understand how developers introduce security vulnerabilities into applications and work to support the developers in improving code quality and security. Encouragement and support for improvement must be a fundamental part of the charter of the security organization. The first step is to understand the kinds of mistakes that contribute to vulnerabilities. Let's review some common, fundamental dos and don'ts for secure coding.
Michael Jordan
03.09.2006
Rating: -4.60- (out of 5)
I've performed many code reviews, and I've often seen developers make the same mistakes. In most cases these defects in the code simply result in a poor user experience, but in some cases they open holes for hackers. There are always the really gnarly situations that take hours to debug, but quiet often the simple mistakes are what come back to create crisis situations.
Security practitioners should understand how developers introduce security vulnerabilities into applications and work to support the developers in improving code quality and security. Encouragement and support for improvement must be a fundamental part of the charter of the security organization. The first step is to understand the kinds of mistakes that contribute to vulnerabilities. Let's review some common, fundamental dos and don'ts for secure coding.
