Note from Chapter 2 of Alice and Bob Learn Secure Coding
- Follow a Secure System Development Life Cycle
- Use a Modern Framework, and All Available Security Features Within
- Input Validation
- Output Encoding
- Parameterized Queries and ORMs
- Authentication and Identity
- Authorization and Access Control
- Session Management
- Secret Management
- Password Management
- Communication Security (Cryptography and HTTPS Only)
- Protecting Sensitive Data
- Security Headers
- Same-Origin Policy
- Secure Cookies
- Error Handling
Ref: https://infosec.exchange/@SheHacksPurple/113947985460574329
Photo by Markus Winkler: pexels.com