Secure Coding mailing list archives

Secure Coding Standards

From: an0n.s3c at gmail.com (anon sec)
Date: Sat, 27 Sep 2008 15:57:40 -0400

I am looking for a comprehensive set of secure coding standards to implement
into my dev organization. These standards should cover Java, Web, and C/C++
as well as guidelines for using features like encryption, authentication,
SSO, SSL, etc. I am open to both publicly available standards as well as
commercially available standards. So far, I found

   1. www.securecoding.cert.org - thanks to Robert C. Seacord,
   http://krvw.com/pipermail/sc-l/2008/001401.html
   2. http://java.sun.com/security/seccodeguide.html
   3. http://wiki.services.openoffice.org/wiki/Cpp_Coding_Standards
   4. DHS Build Security In (kind of) -
   https://buildsecurityin.us-cert.gov/daisy/bsi/home.html
   5. SANS Software Security Institute - http://www.sans-ssi.org/
   6. CERT Top 10 Secure Coding Practices -
   https://www.securecoding.cert.org/confluence/display/seccode/Top+10+Secure+Coding+Practices
   7. SANS GIAC Secure Software Programmer - http://www.sans.org/gssp/

 I would greatly appreciate any pointers to other links or to companies who
have developed and sell these standards.

Thanks in advance.

An0n S3c.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://krvw.com/pipermail/sc-l/attachments/20080927/32e870cd/attachment.html

Current thread:

Secure Coding Standards anon sec (Sep 27)
- Secure Coding Standards Bedirhan Urgun (Sep 28)
  - Secure Coding Standards anon sec (Sep 28)
- Secure Coding Standards Jim Manico (Sep 28)
  - Secure Coding Standards Jim Manico (Sep 28)
    - Secure Coding Standards anon sec (Sep 28)
  - Secure Coding Standards Rohit Lists (Sep 29)
- Secure Coding Standards Cassidy, Colin (GE Infra, Energy) (Sep 29)
- Secure Coding Standards Robert C. Seacord (Sep 29)
- Secure Coding Standards Robert Martin (Sep 29)