Implementation

Presents articles related to the Implementation phase of the Software Development Life Cycle.

Title Updated
Secure Software Development Life Cycle Processes 2013-07-31
Phkmalloc 2013-07-31
OpenBSD 2013-07-31
MITRE CWE and CERT Secure Coding Standards 2013-07-25
Improving Software Assurance 2013-07-05
Measures and Measurement for Secure Software Development 2013-07-03
Supply-Chain Risk Management: Incorporating Security into Software Development 2013-07-02
Assume that Human Behavior Will Introduce Vulnerabilities into Your System 2013-06-26
Do Not Perform Arithmetic with Unvalidated Input 2013-06-26
Never Use Unvalidated Input as Part of a Directive to any Internal Component 2013-06-26
Treat the Entire Inherited Process Context as Unvalidated Input 2013-06-26
Do Not Use the "%n" Format String Specifier 2013-06-26
Be Suspicious about Trusting Unauthenticated External Representation of Internal Data Structures 2013-06-26
Handle All Errors Safely 2013-06-26
If Emulation of Another System Is Necessary, Ensure that It Is as Correct and Complete as Possible 2013-06-26
Carefully Study Other Systems Before Incorporating Them into Your System 2013-06-24
Clear Discarded Storage that Contained Secrets and Do Not Read Uninitialized Storage 2013-06-24
Use Well-Known Cryptography Appropriately and Correctly 2013-06-21
Design Configuration Subsystems Correctly and Distribute Safe Default Configurations 2013-06-20
Follow the Rules Regarding Concurrency Management 2013-06-20
Ensure that Input Is Properly Canonicalized 2013-06-20
Guidelines Overview 2013-06-20
Ensure that the Bounds of No Memory Region Are Violated 2013-06-20
Use Authorization Mechanisms Correctly 2013-06-20
Use Authentication Mechanisms, Where Appropriate, Correctly 2013-06-19
Vstr 2013-05-20
Software Security Engineering: A Guide for Project Managers 2013-05-15
strncpy_s() and strncat_s() 2013-05-14
SEI: Coding Practices 2013-05-14
strlcpy() and strlcat() 2013-05-14
strncpy() and strncat() 2013-05-14
OpenBSD's strlcpy() and strlcat() 2013-05-14
strcpy_s() and strcat_s() 2013-05-14
strcpy() and strcat() 2013-05-14
fgets() and gets_s() 2013-05-14
C++ std::string 2013-05-14
Consistent Memory Management Conventions 2013-05-13
Strong Typing 2013-05-10
Safe Integer Operations 2013-05-10
Runtime Analysis Tools 2013-05-10
Detection and Recovery 2013-05-10
Range Checking 2013-05-10
Randomization 2013-05-10
Null Pointers 2013-05-10
Heap Integrity Detection 2013-05-10
Guard Pages 2013-05-10
Compiler Checks 2013-05-10
Arbitrary Precision Arithmetic 2013-05-10
Windows XP SP2 2013-05-10
Strsafe.h 2013-05-10
SafeStr 2013-05-10
Code Analysis - References 2008-11-03
Code Analysis 2008-11-03
memcpy_s() and memmove_s() 2008-10-06