Difference between revisions of "ASDR TOC Principles"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
Back to [[ASDR_Table_of_Contents|TOC]]
 
Back to [[ASDR_Table_of_Contents|TOC]]
  
* 1 Assume attackers have source code
+
* 1 [[Assume attackers have source code]]
* 2 Avoid security by obscurity
+
* 2 [[Avoid security by obscurity]]
* 3 CLASP Security Principles
+
* 3 [[CLASP Security Principles]]
* 4 Defense in depth
+
* 4 [[Defense in depth]]
* 5 Detect intrusions
+
* 5 [[Detect intrusions]]
* 6 Don’t trust infrastructure
+
* 6 [[Don’t trust infrastructure]]
* 7 Don’t trust services
+
* 7 [[Don’t trust services]]
* 8 Establish secure defaults
+
* 8 [[Establish secure defaults]]
* 9 Fail securely
+
* 9 [[Fail securely]]
* 10 Fix security issues correctly
+
* 10 [[Fix security issues correctly]]
* 11 Keep security simple
+
* 11 [[Keep security simple]]
* 12 Least privilege
+
* 12 [[Least privilege]]
* 13 Minimize attack surface area
+
* 13 [[Minimize attack surface area]]
* 14 Positive security model
+
* 14 [[Positive security model]]
* 15 Secure Coding Principles
+
* 15 [[Secure Coding Principles]]
* 16 Separation of duties
+
* 16 [[Separation of duties]]
* 17 Use encapsulation
+
* 17 [[Use encapsulation]]
  
 
Back to [[ASDR_Table_of_Contents|TOC]]
 
Back to [[ASDR_Table_of_Contents|TOC]]
  
 
[[Category:OWASP ASDR Project]]
 
[[Category:OWASP ASDR Project]]

Revision as of 15:49, 6 May 2008

Back to TOC

Back to TOC