Skip to content

thoughts to application

Home
Contact

Categories

AI (2)
- AI Tools (1)
- AI-LLM TechStack (1)
Architechture & Design (11)
- Communicaton Patterns (2)
- Design Data-Intensive Application (1)
- Microservices (5)
  - Best Practices for Java (1)
  - Interview (1)
  - Micro-services – DP (1)
  - Micro-services Introduction (1)
  - Terminologies and Practices (1)
- System Design (3)
  - HLD (1)
  - LLD (1)
  - Overview (1)
Cloud (10)
- AWS (6)
  - AWS interview Questions (1)
  - CLF-C01 Certification (1)
  - DVA-C01 Certification (1)
  - Implementation (1)
  - MLA-C01 (1)
  - SAA-C03 (1)
- Cloud Certification (1)
- OCI (3)
  - OCI Gen AI 1Z0-1127-25 Certification (1)
  - OCI MultiCloud 1Z0-1151-25 Certification (1)
Cognitive Tests (2)
- Aptitude (1)
- Epithet (1)
core java (26)
- Concurrency (4)
  - ExecutorService (1)
  - Fundamentals of concurrency (1)
  - Introduction (1)
  - Structuring Concurrent Applications (1)
- Effective Java (12)
  - 0.Introduction to Effective Java (1)
  - 1. Creating & Destroying Objects (1)
  - 2. Methods Common to All Objects (1)
  - 3. Classes & Interfaces (1)
  - 4.Geneics (1)
  - 5.Enums & Annotations (1)
  - 6.Lambdas and Streams (1)
  - 7.Methods (1)
  - 8. General Programming (1)
  - 9. Exceptions (1)
  - 91. Concurrency (1)
  - 92. Serialization (1)
- Interview (7)
  - Core-Java FAQs (1)
  - Java Version Features (6)
    - Introduction (1)
    - Java-11 features (1)
    - Java-17 features (1)
    - Java-21 features (1)
    - Java-5 Features (1)
    - Java-8 Features (1)
- Java Tutorial (3)
  - Core-Java Topics (3)
    - Core Java – J2SE (1)
    - Exception Handling(J2SE) (1)
    - JVM (JIT-GC-JMM) (1)
Dev-Ops (3)
- Docker (1)
  - Tutorial (1)
- Kubernetes (2)
  - K8s Certifications (1)
  - Tutorial (1)
Domains (3)
- BFSI (2)
  - Payments Intro (1)
  - UPI (1)
- Media & Ent (1)
Interview (20)
- Algorithm (6)
  - Arrays Algos (1)
  - Asymptotic Analysis (1)
  - Graph (1)
  - Introduction (1)
  - Searching (1)
  - Sorting (1)
- Data Structure (14)
  - Array (1)
  - Graph (2)
    - Introduction – Graph (1)
    - Tree (1)
  - Introduction (1)
  - LinkedList (1)
  - Map (1)
  - Queue (1)
  - Stack (1)
  - String (1)
  - Trie (1)
  - Utility (4)
    - Backtracking (1)
    - DP (1)
    - Recursion (1)
    - Utils (1)
J2EE (18)
- Dev-Aid Tech (1)
  - Job Scheduling (1)
- Integration Tools (6)
  - HashiCorp – Vault & Consul (1)
  - Kafka (4)
    - Kafka certification (1)
    - Kafka Interview Questions (1)
    - Kafka Optimal usage (1)
    - Spring Kafka (1)
  - Messaging (1)
- J2EE Design Pattern (1)
- J2EE Introduction (1)
- Quarkus (1)
- Restful Services (2)
  - Resources Ref (1)
  - Web-Dev IQs (1)
- Spring Framework (5)
  - Interview Questions (1)
  - Spring (1)
  - Springboot (1)
  - Testing (1)
  - Thymeleaf (1)
- Web Exception Handling (1)
Linux (1)
ME[A/R/V]N stack (7)
- Introduction (1)
- JavaScript (1)
- Node (1)
- React (3)
  - React IQs (1)
  - React-Testing (1)
- TypeScript (1)
Persistence (9)
- Cassandra (1)
- ElasticSearch (1)
- ELK (1)
  - Introduction (1)
- Hibernate (1)
- Interview (2)
  - Hibernate (1)
  - SQL (1)
- JPA (1)
- Solr (1)
- SQL (1)
Programming Languages (4)
- Python (3)
  - Best practices (1)
  - core python (1)
  - python-code-testing (1)
- Scala (1)
Software Security (6)
- JWT (1)
- OAuth (1)
- Secure-Coding-Standards (1)
- Security Intro (1)
- Session Management (1)

Secure coding standards

Secure coding standards

OWASP – Open Web Application Security Project
- OWASP provides a secure coding practices checklist that includes 14 areas to consider in your software development life cycle. Of those secure coding practices,
- https://owasp.org/www-project-top-ten/
- https://www.securecoding.com/blog/owasp-secure-coding-checklist/
- https://www.imperva.com/learn/application-security/owasp-top-10/#:~:text=The%20Open%20Web%20Application%20Security,perform%20security%20assessments%20and%20research.
CWE – Common Weakness Enumeration
SEI CERT –

Tool Used – Fortify (HP- security vulnerability code analyser )

Share this:

X
Facebook

Like Loading...

Related

Published by

sevanand yadav

software engineer working as web developer having specialization in spring MVC with mysql,hibernate View all posts by sevanand yadav

Posted on 23 Apr 2023Author sevanand yadavCategories Secure-Coding-Standards

Leave a comment Cancel reply

Δ

Post navigation

Previous Previous post: OAuth

Next Next post: Introduction

Blog at WordPress.com.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Comment
Reblog
Subscribe Subscribed
- Techglot
- Already have a WordPress.com account? Log in now.

%d

Design a site like this with WordPress.com