|Threat Risk Modeling by OWASP
|A brief guide to different types of threat modeling during the application development and deployment process.
|“Threat Modeling” book by Adam ShostakShostack
|A book of material on how to properly perform threat modeling for a number of scenarios. The author also offers training courses.
|Open Web Application Security Project (OWASP) Secure Coding Guide
A short guide for secure coding principles specifically tailored for web applications.
CERT Secure Coding Standards
Secure coding standards should be followed to avoid vulnerabilities as much as possible. CERT provides coding standards for common web application programming languages like Java and Perl. Note that the standards were developed for general usage, and not all rules may apply to web applications.
The Basics of Web Application Security
Summary of important web application secure development practices.
|Basic Security Practices for Web Applications
|Microsoft web application security advice.