2. Foundations
There are various foundational concepts and terminology that are commonly used in software security. Although many of these concepts are complex to implement and are based on heavy-duty theory, the principles are often fairly straightforward and are accessible to every software engineer.
A reasonable grasp of these foundational concepts allows development teams to understand and implement software security for the application or system under development. This Developer Guide can only give a brief overview of these concepts; for in-depth knowledge, refer to the many texts on security, such as The Cyber Security Body Of Knowledge.
Sections:
2.1 Security fundamentals
2.2 Secure development and integration
2.3 Principles of security
2.4 Principles of cryptography
2.5 OWASP Top 10
The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.