H5.docx

Defensive coding practices are among the most critical proactive security countermeasures in the SDLC. If software developers follow certain security best practices, most of the weaknesses can be eliminated. In this module’s readings, you looked at defensive tactics used in the development of software. You also learned about the OWASP proactive controls.

Question 1

Extract the defensive coding practices from Chapter 13 of Conklin & Shoemaker. Explain each coding practice in one short paragraph.

Question 2

For each coding practice, describe a corresponding CWE (https://cwe.mitre.org/) and OWASP proactive control (https://owasp.org/www-project-proactive-controls/).