Application Security in the ISO27001 Environment by Anbalahan Siddharth, Pakala Sangit, Shetty Sachin, Ummer Firosh, Mangla Anoop, Vasudevan Vinod

Chapter 9. Secure Coding Guidelines

In Chapter 7, we discussed the role of secure coding guidelines in ensuring that applications are secure. In this chapter, we look at some of the most important guidelines developers should follow. Since many of these are low-level code-writing requirements, we illustrate the guidelines with code snippets. As the coding guidelines are platform-agnostic and apply to all popular platforms, we show code snippets for only one platform, .NET. The examples we show with .NET can be ported to J2EE, PHP, Perl and other platforms too.

We classify the coding guidelines into six categories:

  1. Input validation guidelines.

  2. Authentication guidelines.

  3. Guidelines for handling sensitive data.

  4. Session management guidelines.

  5. Error handling ...