Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add secure coding #149

Open
aubertc opened this issue Sep 18, 2023 · 1 comment
Open

Add secure coding #149

aubertc opened this issue Sep 18, 2023 · 1 comment
Labels
content

Comments

@aubertc
Copy link
Contributor

aubertc commented Sep 18, 2023

We should add some discussion about secure coding in our material.

I think they are looking to see if we use something that checks for security violations in source code. Something like this for source code https://www.nist.gov/itl/ssd/software-quality-group/source-code-security-analyzers , or this for web applications -- https://owasp.org/www-community/Vulnerability_Scanning_Tools.

It really would be wonderful if we could increase the amount of security in our curriculum, I think starting with secure coding techniques/practices would be a good place to start. Lots of useful information on the subject here -- https://www.sei.cmu.edu/our-work/secure-development/. Attached is one of their (old) products.

Cf. also SEI CERT C Coding Standard Rules for Developing Safe, Reliable, and Secure Systems.
@aubertc
Copy link
Contributor Author

aubertc commented Sep 18, 2023
edited
Loading

Some topics include:

Size of data types
Importance of access modifiers
Correctly prompting the user
Safe data assignment
Checking array bounds

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
content
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@aubertc