Needed suggestions on secure coding standards


sahan m

May 27, 2019, 5:02:17 AM
to null
Dear Team,

I was going through a few articles to understand secure coding guideline standards for different programming languages like C#, Java, HTML and JavaScript.

I am able to read through a few articles but could not find exact coding standards based on the coding language.
Here are the links I have visited:

Secure coding guidelines Microsoft .Net
https://docs.microsoft.com/en-us/dotnet/standard/security/secure-coding-guidelines
CERT secure coding
https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards

Could you please suggest or guide me to identify secure coding guideline standards which are reliable and can be adopted?

Thanks, and looking forward to hearing from you.

Regards,
Sahan M

Aamer Shah

May 27, 2019, 5:18:39 AM
to null-...@googlegroups.com
Hi there, wrt the guideline, OWASP has a secure coding review document; that should be helpful. 


This alone should be sufficient. 

--
______________________________________________________________________________
null - Spreading the right Information
null Mailing list charter: http://null.co.in/section/about/null_list_charter/
---
You received this message because you are subscribed to the Google Groups "null" group.
To unsubscribe from this group and stop receiving emails from it, send an email to null-co-in+...@googlegroups.com.
Visit this group at https://groups.google.com/group/null-co-in.
To view this discussion on the web visit https://groups.google.com/d/msgid/null-co-in/1f9dc80c-44f2-4508-b059-9be89748e90e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

game_changer007

May 27, 2019, 6:50:14 AM
to null
Nothing is sufficient alone in the case of coding guidelines. You have to go through the CERT coding guide; it is comprehensive and can be taken as a base for all languages. Over and above that, you can add the OWASP guidelines.

sahan m

May 27, 2019, 7:26:50 AM
to null-...@googlegroups.com

Thanks Aamer.

Thanks, Badrish, for the suggestion. So there are no standards we can claim we are following? If I am not wrong, I think we should have something as a reliable source, right?



On Mon, May 27, 2019 at 4:20 PM game_changer007 <badri...@gmail.com> wrote:
Nothing is sufficient alone in the case of coding guidelines. You have to go through the CERT coding guide; it is comprehensive and can be taken as a base for all languages. Over and above that, you can add the OWASP guidelines.


Aamer Shah

May 27, 2019, 7:48:59 AM
to null-...@googlegroups.com
@Gamechanger: Please read the subject line of the mail again (FYI)

A line should be drawn in one's thought process about 'coding standards'.

Standards are something known to everyone, and standards are a finite set of pointers.

What you said, "nothing is sufficient", is if you want to create a perfect piece of code; of course nothing is sufficient then. So my statement is giving a link to a standard which, I reiterate, is sufficient.

Moral: Listen / read what is asked!

Happy hacking 😊

Aamer Shah

On Mon, 27 May 2019, 14:50 game_changer007, <badri...@gmail.com> wrote:
Nothing is sufficient alone in the case of coding guidelines. You have to go through the CERT coding guide; it is comprehensive and can be taken as a base for all languages. Over and above that, you can add the OWASP guidelines.


game_changer007

May 27, 2019, 9:58:07 AM
to null
@amer shah: I have read the subject line before giving my reply (FYI).

Creating secure guidelines does not revolve around OWASP. If one has seen the CERT guidelines, they are comprehensive.

If you only want to be restricted to OWASP, you can pick the OWASP guidelines, which are yet to be updated for 2017.

I agree with your moral statement; I need you to also follow it.

game_changer007

May 27, 2019, 9:58:11 AM
to null
@sahan
For secure coding you will get guidelines. CERT is one of the most followed ones. For Java they have a separate book on secure coding. OWASP guidelines are good to start with if you're trying to work as a development team.

If you want to create a guideline for your org, then take CERT as a base.

Aamer Shah

May 27, 2019, 10:57:31 AM
to null-...@googlegroups.com
@game: You may take it personally. He only wants guides to be adopted not create a new one. So do not confuse others.

You may try a million times and nothing applies to me.

I've attached a screenshot to tell you that he wants a readymade guideline to be adopted. 




Screenshot_20190527-180219_Gmail.jpg

game_changer007

May 27, 2019, 12:42:59 PM
to null
@amer I think more than me you have taken this personally, which I don't care about... Instead of giving suggestions to me and spending your time taking screenshots and colouring them, please spend some time on productive work.

What I know is he asked for suggestions, and people can give the suggestions they feel are correct. They don't need someone to give suggestions on their suggestions.

Enjoy.