Natural Order Development | Defensive Java Programming Notes

Board >> Conference Center >> Technical Tidbits >> Defensive Java Programming Notes

Posted by Leeland Posts 77 Registered at 2007-05-25 09:29:17	2008-08-01 14:10:40 - Best Practice #11 Limit the Number of Entry Points to Your App
	Keep the attack exposure as small as possible. Only allow inputs and outputs through specific points and then examine the API or services closely.
Posted by Leeland Posts 77 Registered at 2007-05-25 09:29:17	2008-08-01 14:13:48 - Best Practice #12 Do Not Reinvent the Wheel
	If there is a solid known good solution use it. Software engineers love to reinvent components over and over again. In many cases reinventing the wheel makes sense when: Existing solutions do not meet the needs and are not extensible License agreement with 3rd party component might not be applicable to needed solution Usage of the existing wheel is to heavy (no need to include a 50MB library to get at 3 functions)
Posted by Leeland Posts 77 Registered at 2007-05-25 09:29:17	2008-08-01 14:16:35 - Best Practice #13 Do Not Reveal Too Much Information
	This falls back on the issues of giving away the keys to the kingdom. Given enough time attackers can discover enough about the layout of your application in order exploit a vulnerability.

Page: Previous 1 2 3

Please login to post a reply.