Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Threat Risk Modeling Process by OWASP"A brief guide to different types of threat modeling during the application development and deployment process. structured approach to application threat modeling that enables you to identify, quantify, and address the security risks associated with an application." Process
Threat Modeling book by Adam ShostackA book of material on how to properly perform threat modeling for a number of scenarios. The author also offers training courses.
Open Web Application Security Project (OWASP) Secure Coding Guide

A short guide for secure coding principles specifically tailored for web applications. 

CERT Secure Coding Standards

Secure coding standards should be followed to avoid vulnerabilities as much as possible. CERT provides coding standards for common web application programming languages like Java and Perl. Note that the standards were developed for general usage, and not all rules may apply to web applications. 

The Basics of Web Application Security

Summary of important web application secure development practices.
Basic Security Practices for Web ApplicationsMicrosoft web application security advice.