
Pushing Left, Like a Boss, Part 5.14 Secure Coding Summary

Tanya Janca (shehackspurple) ・4 min read

Previously published on my Medium blog, SheHacksPurple.

This article will summarize the previous articles in Part 5 of this series, and is hopefully something that you can use for your organization as a start for a secure coding guideline for your developers.

Secure Coding Guideline

In order to ensure that your developers are following these guidelines, code review is recommended. As I am not extremely experienced in this area, I would like to recommend a series of articles written by my friend Paul Ioniescu on this topic.

How I view OWASP, Care Bears of the Security Industry

I'd like to thank all of my professional mentors and the OWASP volunteers that have taught me about Application Security; that is where and how I have learned the majority of what I know on this topic. Without the OWASP community, and its free and vendor-neutral teachings, many of us would not be where we are today, including myself. The OWASP community has my unwavering and unending gratitude and support. Thank you.

Special thanks to the following people who have helped me directly in learning these concepts: Dominique Righetto, Jim Manico, Sherif Koussa, Adrien de Beaupre, Sonny Wear, Nicole Becher. I'd never have gotten this far without them.

If you like this blog series, you will love the OWASP Cheat Sheet project! My favourite OWASP project of all time. Check it out!

Up next in part 6 we will discuss the testing phase of the SDLC, what types of security testing we can do, the approaches we can take, as well as other strategies and phases within the SDLC in which we can test our apps.

Do you have any more secure coding principles that you would like to add? Guidance you'd like to share? Please add it to the comments below!
