CHAPTER 38
WRITING SECURE CODE
Lester E. Nichols, M. E. Kabay, and Timothy Braithwaite
38.2 POLICY AND MANAGEMENT ISSUES
38.2.1 Software Total Quality Management
38.2.3 Regulatory and Compliance Considerations
38.3 TECHNICAL AND PROCEDURAL ISSUES
38.3.4 Best Practices and Guidelines
38.4.1 Internal Design or Implementation Errors
38.5 ASSURANCE TOOLS AND TECHNIQUES
38.5.2 Code Examination and Application Penetration Testing
38.5.3 Standards and Best Practices
38.1 INTRODUCTION.
The topic of secure coding cannot be adequately addressed in a single chapter. Unfortunately, programs are inherently difficult to secure because of the large number of ways that execution can traverse the code as a result of different input sequences and data values.
This chapter provides a starting point and additional resources for security professionals, system architects, and developers to build a successful and secure development methodology. Writing secure code takes coordination and cooperation of various functional areas within an organization, and may require fundamental changes in the way software development currently is designed, written, tested, and implemented.
38.2 POLICY AND MANAGEMENT ISSUES.
There are countless security hurdles facing those writing code and developing ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access