Building Secure Software – 25 Tips from SANS

The SANS Institute, in collaboration with different software vendors, academics, security analysts and the NSA, has compiled a list of the Top 25 most dangerous software mistakes.

The list contains information on the steps that allow a hacker to compromise a piece of code. It ranges from the most obvious and well-known injection attacks to the more trivial but widely ignored data encryption and hard-coded passwords.

Any software developer will find this information very valuable. Insecure software is quickly becoming a huge obstacle in the way of advancing online communications. The list is available at:

http://www.sans.org/top25errors/

Here is a mirror copy: cwe.mitre.org/top25/

This page contains reviews of security auditing software: http://www.sans.org/whatworks/