Secure Coding
Secure Coding, the pillars for Ivory Tower of Security
Secure coding is the practice of implementing the designed product without bugs or vulnerabilities in the code.
Secure coding can be put into practice in several ways:
- Configuring the compiler during development to treat warnings as errors.
- Peer code review.
- Automated testing of the code on boundary conditions.
- Using libraries that have been tested for vulnerabilities.
- Educating developers on how critical secure coding is.
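As an added example (not code from the original post), the C sketch below combines two of these practices: it is meant to be built with GCC/Clang warnings promoted to errors, and it exercises a bounded copy routine at its boundary values. The names `copy_field`, `FIELD_CAP`, `run_boundary_tests` and the file name are hypothetical.

```c
/* Added example. Build with warnings treated as errors, for instance:
 *   cc -Wall -Wextra -Werror bounded_copy.c     (file name is an assumption)
 */
#include <stddef.h>
#include <string.h>

enum { FIELD_CAP = 8 };   /* constructed buffer size for this example */

/* Copy src into dst, where cap is the size of dst including the terminator.
 * Returns 0 on success, -1 on a bad argument or when src does not fit.
 * On failure dst is left as an empty string whenever it is writable. */
int copy_field(char *dst, size_t cap, const char *src)
{
    if (dst == NULL || cap == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;

    size_t len = 0;
    while (len < cap && src[len] != '\0')   /* never scans past cap bytes */
        len++;
    if (len == cap)                         /* no room for the terminator */
        return -1;

    memcpy(dst, src, len);
    dst[len] = '\0';
    return 0;
}

/* Boundary-condition checks; returns the number of failed cases (0 = pass). */
int run_boundary_tests(void)
{
    char buf[FIELD_CAP];
    int failures = 0;

    failures += !(copy_field(buf, sizeof buf, "") == 0 && buf[0] == '\0');   /* empty input */
    failures += !(copy_field(buf, sizeof buf, "1234567") == 0
                  && strcmp(buf, "1234567") == 0);                           /* cap-1 chars: fits */
    failures += !(copy_field(buf, sizeof buf, "12345678") == -1
                  && buf[0] == '\0');                                        /* cap chars: rejected */
    failures += !(copy_field(buf, 0, "a") == -1);                            /* zero capacity */
    failures += !(copy_field(NULL, sizeof buf, "a") == -1);                  /* null destination */
    failures += !(copy_field(buf, sizeof buf, NULL) == -1);                  /* null source */
    return failures;
}

int main(void) { return run_boundary_tests(); }
```

The process exits non-zero if any boundary case fails, so the same binary can run as an automated check on every build.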
What should the developer's mindset be for secure coding?
The developer should be familiar with secure coding best practices and with the security functions available in the language or framework they are working with.
While coding, they should keep the code simple and lucid. This makes debugging and peer review easier.
Everyone knows that debugging is twice as hard as writing a program in the first place. So if you’re as clever as you can be when you write it, how will you ever debug it?
— Brian Kernighan, The Elements of Programming Style