ASDR TOC Principles
From OWASP
- 1 Assume attackers have source code
- 2 Avoid security by obscurity
- 3 Input Validation
- 4 Defense in depth
- 5 Detect intrusions
- 6 Don’t trust infrastructure
- 7 Don’t trust services
- 8 Establish secure defaults
- 9 Fail securely
- 10 Fix security issues correctly
- 11 Keep security simple
- 12 Least privilege
- 13 Minimize attack surface area
- 14 Positive security model
- 15 Secure Coding Principles
- 16 Separation of duties
- 17 Use encapsulation
- 18 Don't trust user input
- 19 Reduce Surface Area
- 20 The Insecure-Bootstrapping Principle

