Friday, November 17, 2006

Top Ten Security Tips Every Developer Must Know

An article written by Michael Howard and Keith Brown gives top ten security tips that a developer should know.

Security Tips:
1. Trust User Input at Your Own Peril
2. Protect Against Buffer Overruns
3. Prevent Cross-site Scripting
4. Don't Require sa Permissions
5. Watch that Crypto Code!
6. Reduce Your Attack Profile
7. Employ the Principle of Least Privilege
8. Pay Attention to Failure Modes
9. Impersonation is Fragile
10. Write Apps that Non-admins Can Actually Use

Read more

No comments: