Other really good requirements that aren't generic enough to be part of the project but that might be what you're looking for in YOUR environment
Revision as of 02:57, 26 February 2011 by Andylew (This is a start on the "everything else" page(s). Ideally, best practices links will aggregate here...)
Infrastructure Tips and Requirements
- No internal hostnames or addresses will be published on internet-facing DNS servers
- Management interfaces will never be on internet-facing interfaces
- Egress-blocking will be strictly enforced in DMZs. Only necessary traffic will be permitted to be initiated outbound.
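One way to check the first requirement above, as an added example that is not part of the original page: a scan of a zone file destined for an internet-facing DNS server, flagging A/AAAA records in internal address ranges and name targets under an internal suffix. The zone contents, the `corp.example.com` suffix and the function name are assumptions made for illustration.

```python
import ipaddress

# Ranges treated as internal: RFC 1918, loopback, link-local, IPv6 ULA.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]
NAME_TYPES = {"CNAME", "NS", "MX", "SRV", "PTR"}

# Constructed sample zone; documentation ranges stand in for public addresses.
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@        IN  A      203.0.113.10
www      IN  A      203.0.113.10
vpn      300 IN A   198.51.100.7   ; public
intranet IN  A      10.20.30.40
         IN  AAAA   fd12:3456:789a::1
build    IN  CNAME  jenkins.corp.example.com.
mail     IN  AAAA   2001:db8::25
"""

def find_internal_records(zone_text, internal_suffixes=()):
    """Return (owner, type, rdata) for records that expose internal data."""
    suffixes = [s.lower().strip(".") for s in internal_suffixes]
    findings, owner = [], None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()       # drop comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue                                # blank line or directive
        fields = line.split()
        if not line[0].isspace():                   # line starts a new owner name
            owner = fields.pop(0)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                           # optional TTL and class
        if len(fields) < 2:
            continue
        rtype, rdata = fields[0].upper(), fields[-1]
        if rtype in ("A", "AAAA"):
            try:
                addr = ipaddress.ip_address(rdata)
            except ValueError:
                continue                            # malformed address, skip
            if any(addr in net for net in INTERNAL_NETS):
                findings.append((owner, rtype, rdata))
        elif rtype in NAME_TYPES:
            target = rdata.lower().rstrip(".")
            if any(target == s or target.endswith("." + s) for s in suffixes):
                findings.append((owner, rtype, rdata))
    return findings
```

The parser is deliberately simple (one record per line, no quoted semicolons), so run it on normalized zone output rather than hand-formatted files.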
OS and Webserver Tips and Requirements
- All Windows systems will be members of a dedicated DMZ domain/forest
- ModSecurity will be running with a basic ruleset
iPhone Tips and Requirements
- I have no idea but there's probably SOMETHING
- Maybe "checks for jailbreak and won't install"
Language Tips and Requirements
- Will adhere to ESAPI guidelines, standards, and code to the maximum extent possible.
- Will adhere to .Net ESAPI guidelines, standards, and code to the maximum extent possible.
- <sarcasm>Shall be discarded in favor of dang near anything else</sarcasm>