Difference between revisions of "ASDR TOC Principles"

From OWASP
Line 1: Line 1:
 +
Back to [[ASDR_Table_of_Contents|TOC]]
 +
 
* 1 Assume attackers have source code
 
* 1 Assume attackers have source code
 
* 2 Avoid security by obscurity
 
* 2 Avoid security by obscurity

Revision as of 15:46, 6 May 2008

Back to TOC

  • 1 Assume attackers have source code
  • 2 Avoid security by obscurity
  • 3 CLASP Security Principles
  • 4 Defense in depth
  • 5 Detect intrusions
  • 6 Don’t trust infrastructure
  • 7 Don’t trust services
  • 8 Establish secure defaults
  • 9 Fail securely
  • 10 Fix security issues correctly
  • 11 Keep security simple
  • 12 Least privilege
  • 13 Minimize attack surface area
  • 14 Positive security model
  • 15 Secure Coding Principles
  • 16 Separation of duties
  • 17 Use encapsulation
