Difference between revisions of "ASDR TOC Principles"

From OWASP
Line 16: Line 16:
 
* 16 Separation of duties
 
* 16 Separation of duties
 
* 17 Use encapsulation
 
* 17 Use encapsulation
 +
 +
Back to [[ASDR_Table_of_Contents|TOC]]
 +
 +
[[Category:OWASP ASDR Project]]

Revision as of 15:45, 6 May 2008

  • 1 Assume attackers have source code
  • 2 Avoid security by obscurity
  • 3 CLASP Security Principles
  • 4 Defense in depth
  • 5 Detect intrusions
  • 6 Don’t trust infrastructure
  • 7 Don’t trust services
  • 8 Establish secure defaults
  • 9 Fail securely
  • 10 Fix security issues correctly
  • 11 Keep security simple
  • 12 Least privilege
  • 13 Minimize attack surface area
  • 14 Positive security model
  • 15 Secure Coding Principles
  • 16 Separation of duties
  • 17 Use encapsulation

Back to TOC