CHAPTER 9: SECURE CODING GUIDELINES

In Chapter 7 we discussed the role of secure coding guidelines in ensuring that applications are secure. In this chapter we look at some of the most important guidelines developers should follow; for a comprehensive look at the topic, the OWASP Secure Coding Practices Guide is recommended [50]. Since many of these are low-level code-writing requirements, we illustrate the guidelines with code snippets. As the coding guidelines are platform-agnostic and apply to all popular platforms, we show code snippets for only one platform, .NET. The .NET examples can also be ported to J2EE, PHP, Perl and other platforms.

We classify the coding guidelines into seven categories:

  1. Input validation guidelines ...
