Pushing Left, Like a Boss, Part 5.14 Secure Coding Summary

This article will summarize the previous articles in Part 5 of this series, and is hopefully something that you can use for your organization as a start for a secure coding guideline for your developers. The previous article in this series is Part 5.13 — HTTPS only.

16 Secure Coding Guidelines

1. Input validation should be used in every possible scenario. This includes Redirects and Forwards.

2. Output Encoding is required for all output.

3. Parameterized Queries are mandatory, inline SQL is forbidden.

4. All 3rd party code and components must be verified not to contain known vulnerabilities.

5. Every applicable security header should be used.
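Guidelines 1 to 3 above, sketched as an added example (not code from the original article or its author). The function names, the username allow-list, the `users` table and the sample rows are assumptions constructed for illustration.

```python
import html
import re
import sqlite3

USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")  # assumed allow-list for usernames

def valid_username(value):
    """Guideline 1: accept only input that matches the allow-list in full."""
    return isinstance(value, str) and USERNAME_RE.fullmatch(value) is not None

def safe_redirect_target(target, default="/"):
    """Guideline 1 (redirects and forwards): allow same-site paths only."""
    if not isinstance(target, str) or not target.startswith("/"):
        return default  # absolute URLs and anything that is not a local path
    # Browsers read //host and /\host as another site and strip control chars.
    if target.startswith("//") or "\\" in target or any(ord(c) < 0x20 for c in target):
        return default
    return target

def render_greeting(display_name):
    """Guideline 2: encode output for the HTML context it is written into."""
    return "<p>Hello, " + html.escape(display_name, quote=True) + "</p>"

def find_display_name(conn, username):
    """Guideline 3: the value is bound as a parameter, never concatenated."""
    row = conn.execute(
        "SELECT display_name FROM users WHERE username = ?", (username,)
    ).fetchone()
    return row[0] if row else None

def make_db():
    """Constructed in-memory sample data (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, display_name TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("obrien", "Pat O'Brien"), ("sam", "<b>Sam</b> & co")],
    )
    return conn

if __name__ == "__main__":
    db = make_db()
    for raw in ("sam", "obrien", "o'brien"):
        name = find_display_name(db, raw) if valid_username(raw) else None
        print(raw, "->", render_greeting(name) if name else "rejected or not found")
    print(safe_redirect_target("/account"), safe_redirect_target("//other.example/"))
```

The three controls are independent layers: the parameterized lookup stays safe even for a value that skipped validation, and the stored display name is still encoded when it is written into HTML.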

Read the rest on my new blog!

Written by SheHacksPurple

Tanya Janca’s Application Security Adventures #WeHackPurple
