Jim Bird ([email protected]) just completed a 10-post blog series on the various OWASP Top Ten Proactive Controls. These articles have been cross-posted up on DZone and Java Code Geeks. Two of the posts (on logging, surprisingly, and on including security in requirements) have made "Big Links" on DZone so far and have been syndicated. The posts have already reached a couple of thousand developers and growing, so that's a good thing!
Here is the complete set of links:
Parameterize Database Queries
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app.html
Encoding Data
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app_9.html
Validate Input
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app_11.html
Access Control
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app_16.html
Authentication Controls
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-as-developer-to.html
Protect Data and Privacy
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-as-developer-to_23.html
Logging and Intrusion Detection
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-as-developer-to_30.html
Secure Frameworks: Leverage other people's code (Carefully)
http://swreflections.blogspot.ca/2014/07/10-things-you-can-do-as-developer-to.html
Start with Requirements
http://swreflections.blogspot.ca/2014/07/10-things-you-can-do-as-developer-to_7.html
Design Security In
http://swreflections.blogspot.ca/2014/07/10-things-you-can-do-to-as-developer-to.html
Great work, Jim Bird!
Aloha,
Jim Manico