IJMTES – Paper Presented in: ‘2 day State Level workshop on Cyber Fest 17’, conducted by: ‘Department of Computer Engineering, Marathwada Mitra Mandal College of Engineering, Pune’ on 22-23 Feb 2017

Journal Title : International Journal of Modern Trends in Engineering and Science

Paper Title : SECURE CODING PRACTICES – AN INDUSTRY PERSPECTIVE

Author’s Name : Milind K Thombre | Dr Prachi M Joshi

Volume 04 Issue 05 2017

ISSN no:  2348-3121

Page no: 40-42

Abstract – While cyber security is studied extensively after the fact (a posteriori), little is being done even today to ensure that badly coded systems do not go to production. Consequently, data is routinely leaked even by seemingly secure websites. This paper addresses several industry issues around Secure Coding Practices (SCP): why they are not used effectively, and the widespread ignorance of the subject among software development managers, project managers, business analysts, developers, and testers alike. We examine this issue from 3 different perspectives: the System Administrators, Developers/Testers, and Management. We note that there is an urgent need to better educate the entire community involved with software development in SCP.

Keywords— Secure coding practices, Cyber security, Cyber defence, Countermeasures, Cyber warfare
