This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Secure Coding Practices - Quick Reference Guide"
m (Added link to a related project) |
|||
(46 intermediate revisions by 8 users not shown) | |||
Line 1: | Line 1: | ||
==== Main ==== | ==== Main ==== | ||
+ | == Welcome to the Secure Coding Practices Quick Reference Guide Project == | ||
+ | |||
+ | |||
+ | The Secure Coding Practices Quick Reference Guide is a technology agnostic set of general software security coding practices, in a comprehensive checklist format, that can be integrated into the development lifecycle. At only 17 pages long, it is easy to read and digest. | ||
+ | |||
+ | The focus is on secure coding requirements, rather then on vulnerabilities and exploits. It includes an introduction to Software Security Principles and a glossary of key terms. | ||
+ | |||
+ | It is designed to serve as a secure coding kick-start tool and easy reference, to help development teams quickly understand secure coding practices. | ||
+ | |||
+ | === Sections of the Guide: === | ||
+ | |||
+ | * Table of contents | ||
+ | * Introduction | ||
+ | * Software Security Principles Overview | ||
+ | * Secure Coding Practices Checklist | ||
+ | * Links to useful resources | ||
+ | * Glossary of important terminology | ||
+ | |||
+ | |||
+ | |||
+ | '''Download the current v2 (Stable) release:''' | ||
+ | |||
+ | * [[Media:OWASP_SCP_Quick_Reference_Guide_v2.pdf|English version PDF]] | ||
+ | * [[Media:OWASP_SCP_Quick_Reference_Guide_v2.doc|English version MS Word]] | ||
+ | |||
+ | |||
+ | |||
+ | '''Translations:''' | ||
+ | |||
+ | * [[Media:OWASP_SCP_v1.3_pt-BR.pdf|Brazilian Portuguese Translation PDF]] | ||
+ | * [[Media:OWASP_SCP_v1.3_pt-PT.pdf|Portugal Portuguese Translation PDF]] | ||
+ | * [[Media:2011%EB%85%846%EC%9B%94_OWASP_%EC%8B%9C%ED%81%90%EC%96%B4%EC%BD%94%EB%94%A9%EA%B7%9C%EC%B9%99_v2_KOR.pdf|Korean Translation PDF]] | ||
+ | * [[Media:OWASP_SCP_Quick_Reference_Guide_SPA.doc|Spanish Translation doc]] | ||
+ | * [[Media:OWASP_SCP_Quick_Reference_Guide_%28Chinese%29.pdf|Chinese Translation PDF]] | ||
+ | |||
+ | |||
+ | '''Related Presentations:'''<br> | ||
+ | This slide deck incorporates many concepts from the Quick reference guide, but also utilizes other OWASP resources.<br> | ||
+ | [https://www.owasp.org/images/b/ba/Web_Application_Development_Dos_and_Donts.ppt Web Application Development Dos and Donts - Presentation from the Royal Bank of Scotland] | ||
+ | |||
+ | |||
+ | '''Related Projects:'''<br> | ||
+ | [https://github.com/Checkmarx/Go-SCP Go programming language secure coding practices guide, based on the OWASP Secure Coding Practices] | ||
+ | |||
+ | |||
+ | '''Project Feedback and Disposition History''' | ||
+ | |||
+ | [http://www.owasp.org/images/6/64/SCP-QRG_Revisions_History.xls XLS Feedback Spreadsheet] | ||
+ | |||
+ | |||
+ | ---- | ||
+ | == Feedback and Participation: == | ||
+ | |||
+ | I hope you find the OWASP Secure Coding Practices Quick Reference Guide Project useful. Please contribute to the Project by sending your comments, questions, and suggestions to [mailto:[email protected] [email protected]]. | ||
+ | |||
+ | |||
+ | Project mailing list and archives: | ||
+ | [https://lists.owasp.org/mailman/listinfo/owasp-secure-coding-practices subscription page.] | ||
+ | |||
+ | |||
+ | ---- | ||
+ | == Project Contributors: == | ||
+ | |||
+ | If you contribute to this Project, please add your name here<br> | ||
+ | '''Project Lead:''' | ||
+ | * [[user:Keith Turpin|Keith Turpin]] | ||
+ | |||
+ | '''Contributors:'''<br> | ||
+ | * Dan Kranz | ||
+ | * Walt Pietrowski | ||
+ | * Catherine Spencer | ||
+ | * [mailto:[email protected] Caleb McGary] | ||
+ | * [mailto:[email protected] Brad Causey] | ||
+ | * [mailto:[email protected] Ludovic Petit] | ||
+ | * [mailto:[email protected] Michael V. Scovetta] | ||
+ | * [mailto:[email protected] Jim Manico] | ||
+ | * Jason Coleman | ||
+ | * [mailto:[email protected] Anurag Agarwal] | ||
+ | * [mailto:[email protected] Andrew Petukhov] | ||
+ | <br> | ||
+ | '''Translation Contributors'''<br> <br> | ||
+ | '''Portuguese Translation'''<BR> | ||
+ | * [mailto:[email protected] Tarcizio Vieira Neto] | ||
+ | * [mailto:[email protected] Sílvio Correia Filho] | ||
+ | * [mailto:[email protected] Leandro Gomes] | ||
+ | '''Korean Translation'''<br> | ||
+ | * OWASP Korea chapter | ||
+ | '''Spanish Translation'''<br> | ||
+ | * Canedo,Gerardo | ||
+ | * Flores,Mauro | ||
+ | * [[user:Alberto_Daniel_Hill|Hill,Alberto]] | ||
+ | * Martinez,Mateo | ||
+ | * Papaleo,Mauricio | ||
+ | * Soarez,Nicolás | ||
+ | * Targetta, Cecilia | ||
+ | '''Chinese Translation'''<br> | ||
+ | * [mailto:[email protected] Jie Wang] | ||
+ | * Yongliang He | ||
+ | * Henghui Lin | ||
+ | |||
==== Project About ==== | ==== Project About ==== | ||
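Review bot: "rather then" in the added paragraph on the guide's focus should read "rather than". Also, the added XLS Feedback Spreadsheet link uses http://www.owasp.org while the presentation link added in the same hunk uses https://www.owasp.org; switch the spreadsheet link to https so the download is not fetched over plaintext.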
Line 7: | Line 107: | ||
− | [[Category:OWASP_Project|Secure Coding Practices - Quick Reference Guide]] [[Category:OWASP_Document]] [[Category:OWASP_Download]] [[Category: | + | [[Category:OWASP_Project|Secure Coding Practices - Quick Reference Guide]] [[Category:OWASP_Document]] [[Category:OWASP Best Practices]] [[Category:OWASP_Download]] [[Category:OWASP_Release_Quality_Document|OWASP Release Quality Document]] |
+ | [[Category:SAMM-SR-1]] |
Latest revision as of 12:20, 6 July 2017
Main
Welcome to the Secure Coding Practices Quick Reference Guide Project
The Secure Coding Practices Quick Reference Guide is a technology agnostic set of general software security coding practices, in a comprehensive checklist format, that can be integrated into the development lifecycle. At only 17 pages long, it is easy to read and digest.
The focus is on secure coding requirements, rather than on vulnerabilities and exploits. It includes an introduction to Software Security Principles and a glossary of key terms.
It is designed to serve as a secure coding kick-start tool and easy reference, to help development teams quickly understand secure coding practices.
Sections of the Guide:
- Table of contents
- Introduction
- Software Security Principles Overview
- Secure Coding Practices Checklist
- Links to useful resources
- Glossary of important terminology
Download the current v2 (Stable) release:
- English version PDF
- English version MS Word
Translations:
- Brazilian Portuguese Translation PDF
- Portugal Portuguese Translation PDF
- Korean Translation PDF
- Spanish Translation doc
- Chinese Translation PDF
Related Presentations:
This slide deck incorporates many concepts from the Quick Reference Guide, but also utilizes other OWASP resources.
Web Application Development Dos and Donts - Presentation from the Royal Bank of Scotland
Related Projects:
Go programming language secure coding practices guide, based on the OWASP Secure Coding Practices
Project Feedback and Disposition History
Feedback and Participation:
I hope you find the OWASP Secure Coding Practices Quick Reference Guide Project useful. Please contribute to the Project by sending your comments, questions, and suggestions to [email protected].
Project mailing list and archives:
subscription page.
Project Contributors:
If you contribute to this Project, please add your name here
Project Lead:
- Keith Turpin
Contributors:
- Dan Kranz
- Walt Pietrowski
- Catherine Spencer
- Caleb McGary
- Brad Causey
- Ludovic Petit
- Michael V. Scovetta
- Jim Manico
- Jason Coleman
- Anurag Agarwal
- Andrew Petukhov
Translation Contributors
Portuguese Translation
- Tarcizio Vieira Neto
- Sílvio Correia Filho
- Leandro Gomes
Korean Translation
- OWASP Korea chapter
Spanish Translation
- Canedo,Gerardo
- Flores,Mauro
- Hill,Alberto
- Martinez,Mateo
- Papaleo,Mauricio
- Soarez,Nicolás
- Targetta, Cecilia
Chinese Translation
- Jie Wang
- Yongliang He
- Henghui Lin
Project About
| PROJECT INFO What does this OWASP project offer you? | RELEASE(S) INFO What releases are available for this project? |
|---|---|