Richard Bucker

Secure Software Development Lifecycle

Posted at — May 14, 2014

Justification: While there are a number of obvious attack vectors for would-be black hats - most are never considered or defended against until there has been an incident. This is not to say that a huge investment is required from day one; as we have learned from the copy protection cat and mouse of the 1980s - it is expensive, with diminishing returns. But if we do a few things up front, at the beginning, then we raise the cost for the attacker and thus become a less desirable target.

Secure Software Development Lifecycle: frameworks are good

References: salted password hashing cheat sheets Evergreen Developer Skills vs Facebook - trunk Habits of Dysfunctional Programmers Commandments of egoless programming the beginning code - silent circle should code and framework passwords Detection: Support Vector Machines and Neural Networks Intrusion Detection Using Tree Augmented Naive-Bayes fun with bad crypto with unique urls and rotating keys so filtering outside application Secure REST tutorial tcp http

This is by no means a complete list. It represents my current reading list.