Difference between revisions of "Secure coding"

From Safeval Wiki
Line 4: Line 4:
 
* [[Input data validation]]
 
* [[Input data validation]]
 
* [[Testing and verification]]
 
* [[Testing and verification]]
 
 
== See also ==
 
 
* [[Defensive programming]]
 
* [[Defensive programming]]
 
* [[Secure input and output handling]]
 
* [[Secure input and output handling]]
* [[Security bug]]
+
 
 +
 
 +
[[pt:Codificação segura]]
 +
[[es:Codificación segura]]

Revision as of 19:02, 19 September 2014

Secure coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities. Defects, bugs and logic flaws are consistently the primary cause of commonly exploited software vulnerabilities. Through the analysis of thousands of reported vulnerabilities, security professionals have discovered that most vulnerabilities stem from a relatively small number of common software programming errors. By identifying the insecure coding practices that lead to these errors and educating developers on secure alternatives, organizations can take proactive steps to help significantly reduce or eliminate vulnerabilities in software before deployment.

The main items usually pointed out by these techniques are: