Security

Developers working on projects should adhere to industry-recommended standard practices for secure design and implementation of code. For the purposes of our customers, this means our engineers should understand the OWASP Top 10 Web Application Security Risks, as well as how to mitigate as many of them as possible, using the resources below.

If you are looking for a fast way to get started evaluating your application or design, check out the "Secure Coding Practices Quick Reference" document below, which contains an itemized checklist of high-level concepts you can validate are being done properly. This checklist covers many common errors associated with the OWASP Top 10 list linked above, and should be the minimum amount of effort being put into security.

Requesting Security Reviews

When requesting a security review for your application, please make sure you have familiarized yourself with the Rules of Engagement. This will help you to prepare the application for testing, as well as understand the scope limits of the test.