fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thisura Philips <ttcphil...@gmail.com>
Subject Re: Documenting Secure code guide lines
Date Wed, 05 Jul 2017 01:30:38 GMT
Hi Myrle,

Thanks for the guidance. I will take the initiative to create a threat
model.

Thanks & Regards

On Mon, Jul 3, 2017 at 12:29 PM, Myrle Krantz <myrle@apache.org> wrote:

> There is not.
>
> If you want to create such a document, I suggest you begin by creating a
> threat model, and then relating individual guidelines to individual
> threats. (In my experience, people who don't understand why they are doing
> something tend to make mistakes that undermine their progress towards the
> real goal.)
>
> Here's some documentation on threat modeling:
> https://www.owasp.org/index.php/Application_Threat_Modeling
>
> Best Regards, and keep up the good work Thisura,
> Myrle Krantz
>
>
>
> On Mon 3. Jul 2017 at 02:25 Thisura Philips <ttcphilips@gmail.com> wrote:
>
> > Hi all,
> >
> > Is there any particular document as "Secure coding guide lines" for
> > apache-fineract?
> > We need to summarize the findings of static analysis of apache-fineract
> and
> > guide lines to code securely as much as possible.
> >
> > Thanks & Regards
> >
> > --
> > T.T.C Philips (BSc.Eng (Undergrad))
> > Computer Science and Engineering,
> > Sri Lanka Institute of Information Technology(SLIIT)
> >
>



-- 
T.T.C Philips (BSc.Eng (Undergrad))
Computer Science and Engineering,
Sri Lanka Institute of Information Technology(SLIIT)

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message