What is Secure Coding?

 Secure coding is simply the practice of developing software and applications in a way that protects against the accidental introduction of security vulnerabilities. Software threats have significantly grown in the last few years and the vulnerabilities in software have caused damage to companies and organizations, both financially and to their brand. Following secure coding standards is a critical step in preventing exploitable entry points for an organization. The good news is that an organization does not have to start from scratch when defining how to implement secure coding practices. There are several resources available across the industry to ensure standards are followed to protect everyone.

Adopting Industry Standards

OWASP and Microsoft are two of the most common industry standards when it comes to secure coding principles. In fact, a number of commercial off the shelf (COTS) software to assist in the identification and enforcement of secure coding practices are based on those industry guidelines. It’s these guidelines and COTS products that will help an organization ensure that they are as protected as possible against attacks due to exploits in software.

Additionally, there is a significant amount of training tools available for developers to learn secure coding practices. Education is the first step in a mature secure coding program; also the first step in Microsoft’s Security Development Lifecycle (SDL). With the right education and a mature secure coding program, an organization can be assured that they are taking necessary preventative measures in protecting their data, customers, and brand.

Speaker

Serena Curtin

Content Level

Beginner