Development LyfeCycle Securily for Providing Secure Software
In order to provide secure software there are 2 main issues to address:
Security Inside Software
There are a lot of standard to use about that:
Good security requires having a secure configuration defined and deployed for the application, frameworks, application server, web server, database server, and platform. Secure settings should be defined, implemented, and maintained, as defaults are often insecure. Additionally, software should be kept up to date.
Check the Server Configuration:
· Check the Server hardening
· Avoid using FTP
XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.
