ASDR TOC Principles

From OWASP
Revision as of 15:43, 6 May 2008 by Leocavallari (Talk | contribs)


1 Assume attackers have source code
2 Avoid security by obscurity
3 CLASP Security Principles
4 Defense in depth
5 Detect intrusions
6 Don’t trust infrastructure
7 Don’t trust services
8 Establish secure defaults
9 Fail securely
10 Fix security issues correctly
11 Keep security simple
12 Least privilege
13 Minimize attack surface area
14 Positive security model
15 Secure Coding Principles
16 Separation of duties
17 Use encapsulation