Secure App Development ChecklistSecure Software Development

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Home Forums Secure Software Development Secure App Development Checklist

This topic contains 2 replies, has 3 voices, and was last updated by  yashbordekar 2 years, 10 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #61355

    Dragon
    Participant

    I would like to extend this question to the community.
    What would be a good checklist to follow for securing apps built by developers?
    What certifications or courses cover this topic in detail?
    I understand that security starts from the beginning of a project and cannot simply be tacked on at the end.
    For example how effective is the OWASP Testing Checklist?
    Can the principals here:
    https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet
    Which was designed with Pen Testing in mind. Can this be used as a guide for Web Development?

    • This topic was modified 3 years, 5 months ago by  Dragon.
    #75011

    rafaelh
    Participant

    Pretty much everything OWASP produces is worthwhile, and the link you’ve referenced is a good start. Ideally, you’d bake security into the whole process, as you mentioned. The Microsoft Secure Development Lifecycle (https://www.microsoft.com/en-us/sdl/) is a good resource for this. Also remember that the checks are only as good as the people doing the checking, so if you don’t have someone trained in security testing, it may be worth while getting a product like Nexpose and scripting vulnerability scans into each build. Similarly, code reviews, and code analysis tools are a good way to catch errors before they get out.

    #82281

    yashbordekar
    Participant

    You Can also refer follwoing OWASP link.
    https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project

    With Software checklist you can also check for Security Awareness tranings for developers , testers etc. Which will help them with the prior knowledge of developing secure apps.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel