Application Security Terminology


Svg Vector Icons : Return to Glossary

Secure Coding Standards

Register for Free Courses

Secure coding standards are practices that are implemented to prevent the introduction of security vulnerabilities, such as bugs and logic laws. By following secure coding standards, companies can significantly reduce vulnerabilities before deployment.

The top secure coding standards and approaches are to:

  1. Develop a secure coding standard for a platform and development language.
  2. Validate input from all external data sources including user controlled files, network interfaces, and command line arguments. 
  3. Deny access by default. Software should identify conditions when access is permitted rather than by exclusion. 
  4. Design software to enforce and implement security policies.
  5. Use the compiler’s highest warning level to compile your code. Eliminate warning by modifying the code.
  6. Have a layered defence with multiple strategies. If one does not prevent a vulnerability, the next layer of defence should.

WhiteHat launched our Certified Secure Developer Program (WCSD) to teach developers to write secure code while keeping up with a fast workplace environment. Our program includes a 5-part webinar training series and access to a supplementary computer-based training course.