Secure Coding

It's not a boolean

Always code with security in mind

Never trust the user

Know your tools

Know the threats

QA

  • OWASP top 10

  • Hook Code audit tool on pipeline

  • Enforce encryption at rest and in-flight 

  • Force logging & monitoring

  • Know at least one application security scanner tool

  • Know the fundamentals (AAA, PoLP, RBAC)

  • Share knowledge with devs and across teams

 
 
Made with Slides.com