Today I’d like to share a couple great resources with you. These are websites with information on categorizing and avoiding vulnerabilities. There is a lot of reading here, and to be honest, much of it is reference material, but it’s good to peruse so you are familiar with it.
This is a DHS (US Department of Homeland Security) website about, well, building security into designs. The description on the site says:
Build Security In is a collaborative effort that provides practices, tools, guidelines, rules, principles, and other resources that software developers, architects, and security practitioners can use to build security into software in every phase of its development.
I’ve mentioned before how important it is to design securely from the start. One of the site’s FAQs makes it clear that it is designed for software developers. That’s OK, but lots more folks can benefit from the ideas…
View original post 369 more words