List of Secure Coding Standards links

 

Most of the time when we analyze a software, we search the man page for usage of certain API and sometimes about the pattern of the code. Over a period of time you create a set of patterns in your mind. Sometimes we can learn that patterns from few Secure Coding standards websites. They give example on how not to write. This is the other way of learning to find the bugs. Here is the list of Secure Coding Standards links that I could able to find. If you have any more, please add it in the comment.

http://community.corest.com/~gera/InsecureProgramming/
https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637
https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard
CERT Oracle Secure Coding standard for Java
http://www.viva64.com/en/a/0065/ (A Collection of Examples of 64-bit Errors in Real Programs)
http://www.viva64.com/en/a/0042/ (Seven Steps of Migrating a Program to a 64-bit System)
http://www.viva64.com/en/l/      (Lessons on development of 64-bit C/C++ applications)
http://www.oracle.com/technetwork/java/seccodeguide-139067.html (Secure Coding Guidelines for the Java Programming Language, Version 4.0)
http://samate.nist.gov/index.php/Source_Code_Security_Analyzers.html
Apple’s Secure Coding standard
https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/305-BSI.html
Klocwork’s CERT C and C++ Secure Coding Standard
https://www.securecoding.cert.org/confluence/display/seccode/Klocwork+Cross+Reference
http://grouper.ieee.org/groups/plv/
https://www.owasp.org/index.php/Secure_Coding_Principles
http://developer.klocwork.com/klocwork-university/security-innovation/secure-coding
http://www.saferc.com/
http://stackoverflow.com/questions/4780410/secure-c-coding-practices

About these ads
This entry was posted in C/C++, Code review experiance and tagged , . Bookmark the permalink.

2 Responses to List of Secure Coding Standards links

  1. boar says:

    Don’t forget bobby tables

    http://bobby-tables.com/

  2. Pingback: Secure Coding Practices « MadMark's Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s