Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

ResourceNotesLink(s)
Threat Risk Modeling Process by OWASP"A brief guide to different types of threat modeling during the application development and deployment process. structured approach to application threat modeling that enables you to identify, quantify, and address the security risks associated with an application."https://www.owasp.org/index.phpwww-community/Threat_RiskModeling_Modeling Process
Threat Modeling “Threat Modeling” book by Adam ShostakShostackA book of material on how to properly perform threat modeling for a number of scenarios. The author also offers training courses.https://threatmodelingbook.com
Open Web Application Security Project (OWASP) Secure Coding Guide

A short guide for secure coding principles specifically tailored for web applications.

https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide 

CERT Secure Coding Standards

Secure coding standards should be followed to avoid vulnerabilities as much as possible. CERT provides coding standards for common web application programming languages like Java and Perl. Note that the standards were developed for general usage, and not all rules may apply to web applications.

https://www.securecoding.cert.org/ 

The Basics of Web Application Security

Summary of important web application secure development practices.

https://martinfowler.com/articles/web-security-basics.html
Basic Security Practices for Web ApplicationsMicrosoft web application security advice.https://msdn.microsoft.com/en-us/library/zdh19h94.aspx

...