OWASP Developer Guide
Appendices
12. Appendices
12.1 Implementation Do’s and Don’ts
12.1.1 Container security
12.1.2 Secure coding
12.1.3 Cryptographic practices
12.1.4 Application spoofing
12.1.5 Content Security Policy (CSP)
12.1.6 Exception and error handling
12.1.7 File management
12.1.8 Memory management
12.2 Verification Do’s and Don’ts
12.2.1 Secure environment
12.2.2 System hardening
12.2.3 Open Source software
Translation of the original English version.