Security Patterns
From Guidance Share
(Difference between revisions)
| Revision as of 18:08, 21 June 2008 (edit) JD (Talk | contribs) ← Previous diff |
Revision as of 18:09, 21 June 2008 (edit) JD (Talk | contribs) Next diff → |
||
| Line 14: | Line 14: | ||
| * [[At a Glance: Security Inspections]] | * [[At a Glance: Security Inspections]] | ||
| - | + | Attack Patterns – Vulnerability Patterns – Security Design Patterns – Security Implementation Patterns | |
| === Techniques === | === Techniques === | ||
Revision as of 18:09, 21 June 2008
|
|
A security inspection is a focused check against criteria. In practice, there are three types of inspections: design, code, and deployment inspections. Design inspections help identify key engineering issues that have cascading impact. Code inspections catch implementation issues. Deployment inspections catch runtime and configuration issues. During inspections, you check both whether good practices are implemented, and bad practices are avoided. |
Getting StartedAttack Patterns – Vulnerability Patterns – Security Design Patterns – Security Implementation Patterns Techniques
|
Design Inspection Questions
Code Inspection Questions
|
