Secure Coding Guidelines¶
Version: 2.2
Introduction¶
This page summarizes the Secure Coding Guidelines that WSO2 Engineers follow while implementing WSO2 products and applications within the organization.
The purpose of this document is to increase security awareness and make sure the products and the applications developed by WSO2 are inherently secure, by ensuring that security best practices are followed throughout the Software Development Life Cycle.
-
General Recommendations for Secure Coding
Explains different attacks or security threats that the engineers must focus on while implementing a product or an application. Prevention techniques are discussed in generic form, and some sections discuss programming language-specific prevention techniques.
-
General Recommendations for React Secure Coding
Explains secure coding best practices for React.
-
OWASP Top 10 - 2017 Prevention
Lists OWASP Top 10 2017 list of the most critical application security risks.
-
OWASP Top 10 - 2013 Prevention
Lists OWASP Top 10 2013 list of the most critical application security risks.
-
OWASP Mobile Top 10 Prevention
Explains different attacks or security threats that the engineers must focus when developing mobile applications. Prevention techniques are discussed in generic form, and some sections discuss mobile platform-specific prevention techniques.
-
Tooling Recommendations for Secure Coding
Lists all documentation on security-related tooling that is used within WSO2 and recommendations for such tools in the engineering process.