Thanks. The OWASP Developer Guide Version 3 looks promising. Thanks again
An0n S3c http://an0ns3c.blogspot.com On Sun, Sep 28, 2008 at 10:23 AM, Bedirhan Urgun <[EMAIL PROTECTED]> wrote: > > The ones I know of from the OWASP (may not be called "standard", not sure); > > http://www.owasp.org/index.php/Category:OWASP_Guide_Project (a little bit > old, new version pending) > http://www.owasp.org/index.php/OWASP_Backend_Security_Project (an owasp > SoC '08 project, not finished yet but seems rather comprehensive) > http://www.owasp.org/index.php/Category:Countermeasure (sporadic) > > cheers, > Bedirhan Urgun > http://www.webguvenligi.org > http://www.owasp.org/index.php/Turkey > > > ------------------------------ > > Date: Sat, 27 Sep 2008 15:57:40 -0400 > From: [EMAIL PROTECTED] > To: sc-l@securecoding.org > Subject: [SC-L] Secure Coding Standards > > > > I am looking for a comprehensive set of secure coding standards to > implement into my dev organization. These standards should cover Java, Web, > and C/C++ as well as guidelines for using features like encryption, > authentication, SSO, SSL, etc. I am open to both publicly available > standards as well as commercially available standards. So far, I found > > 1. www.securecoding.cert.org - thanks to Robert C. Seacord, > http://krvw.com/pipermail/sc-l/2008/001401.html > 2. http://java.sun.com/security/seccodeguide.html > 3. http://wiki.services.openoffice.org/wiki/Cpp_Coding_Standards > 4. DHS Build Security In (kind of) - > https://buildsecurityin.us-cert.gov/daisy/bsi/home.html > 5. SANS Software Security Institute - http://www.sans-ssi.org/ > 6. CERT Top 10 Secure Coding Practices - > > https://www.securecoding.cert.org/confluence/display/seccode/Top+10+Secure+Coding+Practices > 7. SANS GIAC Secure Software Programmer - http://www.sans.org/gssp/ > > I would greatly appreciate any pointers to other links or to companies who > have developed and sell these standards. > > Thanks in advance. > > An0n S3c. > > > ------------------------------ > Get more out of the Web. Learn 10 hidden secrets of Windows Live. Learn > Now<http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_getmore_092008> >
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
