INFORMATION SECURITY PORTAL

GUIDELINES - SOFTWARE DEVELOPMENT

Below are links to different webpages where information for developers is available. Depending on what is being developed, more or less of the information is useful.


The information covers privacy and security; it does not cover how to structure the development process.

The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.

Companies should adopt this document and start the process of ensuring that their web applications minimize these risks. Using the OWASP Top 10 is perhaps the most effective first step towards changing the software development culture within your organization into one that produces more secure code.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.


The goal is that the project provides you with excellent security guidance in an easy to read format.

Over 15 years of experience in web application security bundled into a single application. The Security Knowledge Framework is a vital asset to the coding toolkit of your development team. Use SKF to learn and integrate security by design in your web application.

SKF is an open source security knowledgebase including manageable projects with checklists and best practice code examples in multiple programming languages showing you how to prevent hackers gaining access and running exploits on your application.

The SANS Developer How To Guide provides developers with simple code examples that quickly show how to prevent common security vulnerabilities.

The OWASP SAMM (Software Assurance Maturity Model) is a community-led open-sourced framework that allows teams and developers to assess, formulate, and implement strategies for better security which can be easily integrated into an existing organizational Software Development Life Cycle (SDLC).

The ISO27k Forum is a supportive and friendly global community of over 4,000 information security professionals, most of whom are actively using the ISO/IEC 27000-series standards and willing to share their queries, experience and expertise freely with others.
Membership of the Forum is free for those with a genuine professional interest in the ISO27k standards, particularly those who have practical implementation experience and knowledge they are willing to share with the community, and those who are taking their first baby steps towards adopting the standards.

SME Guide for the implementation of ISO/IEC 27001 on Information Security Management.

Small Business Standards (SBS) is the European association that represents small and medium-sized enterprises’ (SMEs) interests in the standardisation process at both European and international level.

DIGITAL SME is a member of SBS and is a joint effort of 28 national and regional SME associations from EU Member States and neighbouring countries to put digital SMEs at the centre of the EU agenda.

A free webpage with some information about the ISO27k standard.

Copyright © 2019-2020 InformationSecurityPortal.se - All Rights Reserved