defensive programming

(redirected from Secure coding practice)

defensive programming

Writing a secure program. Without security in mind, extensive validation of input is one area that is often overlooked. For example, if a small amount of data is expected as input, but the program accepts any amount, it provides a way for the cracker to insert executable code into the program. Using very clever hacking techniques, this code can be made to run.
Mentioned in ?
References in periodicals archive ?
First, developers should be educated on secure coding practice and media companies should include processes that ensure these practices are followed.
Add to this the secure coding practices and solutions, like firewalls, that can thoroughly examine the software code.
Under the National Institute of Standards and Technology's newer, more detailed Risk Management Framework (RMF) guideline, Parata met the high standards of secure coding practices and secure software for its Max, Mini, Automation Interface Manager and Parata Pharmacy Workflow software, among other security products.
secure coding practices along with following the basics for protecting the
Created by world-class security and development experts, these on-demand classes help developers understand secure coding practices and how to remediate vulnerabilities more quickly and efficiently.
In the HTC case, the FTC alleged that HTC, a mobile device manufacturer, failed to test the software on its mobile devices for potential security vulnerabilities and failed to follow commonly accepted secure coding practices. According to the FTC, these failures resulted in HTC's creation of numerous security vulnerabilities.
Findings from the Code Uncode competition decisively prove there is a serious lack of knowledge in secure coding practices that could be a causative source of security breaches around the world.
According to Vice president of application security for Fidelity, David Smith, the firm actually launched secure coding practices in 1997.
In light of these threats, application development and integration companies, telecoms, and banks providing payment services need to assess USSD-based apps and ensure that secure coding practices have been followed during USSD-based applications software development.
The authors also cover authentication and authorization, access control, cryptography, logging, and secure coding practices, as well as application exploits and vulnerabilities and related options and protection mechanisms, and measures to meet various security compliance requirements.
Programmers have a responsibility to test and score the security of their software and by employing secure coding practices earlier in the software development life cycle they can also be avoided.
Much of it appears to be the result of a continued emphasis on time-to-market at the expense of secure coding practices, Ewe said.

Full browser ?