fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Myrle Krantz <my...@apache.org>
Subject Re: Documenting Secure code guide lines
Date Mon, 03 Jul 2017 06:59:09 GMT
There is not.

If you want to create such a document, I suggest you begin by creating a
threat model, and then relating individual guidelines to individual
threats. (In my experience, people who don't understand why they are doing
something tend to make mistakes that undermine their progress towards the
real goal.)

Here's some documentation on threat modeling:
https://www.owasp.org/index.php/Application_Threat_Modeling

Best Regards, and keep up the good work Thisura,
Myrle Krantz



On Mon 3. Jul 2017 at 02:25 Thisura Philips <ttcphilips@gmail.com> wrote:

> Hi all,
>
> Is there any particular document as "Secure coding guide lines" for
> apache-fineract?
> We need to summarize the findings of static analysis of apache-fineract and
> guide lines to code securely as much as possible.
>
> Thanks & Regards
>
> --
> T.T.C Philips (BSc.Eng (Undergrad))
> Computer Science and Engineering,
> Sri Lanka Institute of Information Technology(SLIIT)
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message