
Cradle to Grave: Working with a Security Plan • Chapter 12 529
Being Aware of Code Vulnerabilities
✓ QA tests development work to weed out existing weaknesses or
exploitable code that developers miss during code reviews.
✓ It is impossible for an application to be defect-free
when it is released, but the application should at least have all
critical, very high, and high defects fixed prior to being moved
to production.
Using Common Sense When Coding
✓ Using tools such as rule-based analyzers, debuggers, and version
control software not only assists in the development effort, but
also aids in the security of your application.
✓ Having coding standards ...