This site graciously hosted
by our friends at




Table of Contents

Preface

1. No Straight Thing
The Vulnerability Cycle
What is an Attack?
Why Good People Write Bad Code
A Call to Arms
2. Architecture
What Is Security Architecture?
Principles of Security Architecture
Case Study: The Java Sandbox
3. Design
Why Does Good Design Matter?
Secure Design Steps
Special Design Issues
Bad Practices
Case Studies
4. Implementation
Good Practices
Bad Practices
Case Studies
5. Operations
Security Is Everybody's Problem
Good Practices
Bad Practices
Case Studies
6. Automation and Testing
Why Test?
Good General Practices
Good Practices Through the Lifecycle
Risk Assessment Methodologies
Case Studies
Appendix
Resources
Index


Site Contents Copyright (C) 2002, 2003 Mark G. Graff and Kenneth R. van Wyk. All Rights Reserved.
webmaster@securecoding.org