Proactive OWASP
OWASP has released it's 2014 Top Ten Proactive Controls for Developers, in both PDF and HTML formats. Outstanding news.
- OWASP-C1: Parameterize Queries
- OWASP-C2: Encode Data
- OWASP-C3: Validate All Inputs
- OWASP-C4: Implement Appropriate Access Controls
- OWASP-C5: Establish Identity and Authentication Controls
- OWASP-C6: Protect Data and Privacy
- OWASP-C7: Implement Logging, Error Handling and Intrusion Detection
- OWASP-C8: Leverage Security Features of Frameworks and Security Libraries
- OWASP-C9: Include Security-Specific Requirements
- OWASP-C10: Design and Architect Security In