Monday, July 14, 2014

OWASP Top Ten Proactive Controls

Jim Bird ( just completed a 10-post blog series on the various OWASP Top Ten Proactive Controls. These articles have been cross-posted up on DZone and Java Code Geeks. Two of the posts (on logging, surprisingly, and on including security in requirements) have made "Big Links" on DZone so far and have been syndicated. The posts have already reached a couple of thousand developers and growing, so that's a good thing!

Here are the complete set of links:

Parameterize Database Queries

Encoding Data

Validate Input

Access Control

Authentication Controls

Protect Data and Privacy

Logging and Intrusion Detection

Secure Frameworks: Leverage other people's code (Carefully)

Start with Requirements:

Design Security In:

Great work, Jim Bird!
Jim Manico