Secure coding is the foundation of secure software. We have done threat modeling and secure architecture design. These require secure coding to make them happen. Secure coding can be a challenge for the development team since developers are occupied with working on new features, and there may be hundreds of secure coding rules to learn. Before we discuss secure coding practices in more detail, we will review existing secure coding standards we can refer to.
Depending on programming languages, secure coding standards are summarized in the following table:
Reference standards |
Description and reference |
CERT Secure Coding |
|
Find Security Bugs |
|
CWE |
|