This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
security:securecode [2015/04/10 16:25] Luke Hinds [CWE/SANS Top 25] |
security:securecode [2015/04/29 12:21] (current) Marcel Winandy Added link to IEEE CSD Avoiding Top 10 Security Flaws |
||
---|---|---|---|
Line 186: | Line 186: | ||
You may find the following resources also very helpful. | You may find the following resources also very helpful. | ||
- | ===== OSSG Developer Guidelines ===== | + | ==== OSSG Developer Guidelines ==== |
- | The OSSG (OpenStack Security Group) have authored a very good set of guidelines (mostly speficic to python). These can be found on Robert Clarks [[https://github.com/openstack-security/Developer-Guidance|on the following github repository]] | + | The OSSG (OpenStack Security Group) have authored a very good set of guidelines (mostly specific to python). These can be found on Robert Clarks [[https://github.com/openstack-security/Developer-Guidance|Github repository]] |
==== OWASP ==== | ==== OWASP ==== | ||
Line 203: | Line 203: | ||
- | ===== CERT ===== | + | ==== CERT ==== |
The CERT standards are a very good free resource. Languages covered are C, C++, Java, Perl. It is currently hosted on a confluence space at cert [[https://www.securecoding.cert.org/confluence/display/seccode/CERT+Coding+Standards |over here]] | The CERT standards are a very good free resource. Languages covered are C, C++, Java, Perl. It is currently hosted on a confluence space at cert [[https://www.securecoding.cert.org/confluence/display/seccode/CERT+Coding+Standards |over here]] | ||
- | ===== safecode ===== | + | ==== safecode ==== |
The [[http://www.safecode.org/publication/SAFECode_Dev_Practices0211.pdf|Safe Code Development Practices guide]] | The [[http://www.safecode.org/publication/SAFECode_Dev_Practices0211.pdf|Safe Code Development Practices guide]] | ||
+ | |||
+ | ==== IEEE Computer Society's Center for Secure Design (CSD) ==== | ||
+ | |||
+ | [[http://cybersecurity.ieee.org/center-for-secure-design/avoiding-the-top-10-security-flaws.html|Avoiding the Top 10 Security Flaws]] |