OWASP Developer Guide
Appendices
12. Appendices
12.1 Implementation Do’s and Don’ts
12.1.1 Container security
12.1.2 Secure coding
12.1.3 Cryptographic practices
12.1.4 Application spoofing
12.1.5 Content Security Policy (CSP)
12.1.6 Exception and error handling
12.1.7 File management
12.1.8 Memory management
12.2 Verification Do’s and Don’ts
12.2.1 Secure environment
12.2.2 System hardening
12.2.3 Open Source software
The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.