How many apps hit the marketplace only to be called out for a number of bugs and security flaws that the developer may have accidentally overlooked? It’s not always easy to see faults in something that you’ve been working on day and night but the Open Web Application Security Project has launched a secure coding bible that could help solves bugs before you release you web applications to the public.
“The Open Web Application Security Project (OWASP) has published the third version of its developer security bible trimming the fat and offering peer-reviewed and tested means of building more secure apps,” according to The Register.
According to the report part of the new and improved version is the Application Security Verification Standard Project which was already a formidable piece of the equation. The AVSV like much of the software is improved to prevent those horrid data breaches that are continuously making news week after week.
“The Top Ten are the things not to do,” says OWASP security engineer Andrew van der Stock.
“The ASVS says to developers that ‘if you do these 20 things well, you won’t have problems.’ It goes beyond [the Top Ten] covering things like access controls, business logic flaws, a new topic on web services, and number of critical areas.”
With a resource like this web developers are able to check their work based off the sort of rubric and the added peer-review aspect makes for an extra set of eyes to help the process. You honestly can’t be too safe when it comes to dealing with user information and company information as well.
The OWASP is just one of the many tools that developers have at their fingertips in order to aid in the creation of safe web applications. Security will be an uphill battle for developers but making use of tools like these could make all the difference in the fight.
Read the full story.