What Is Secure Coding?

• Secure coding standards govern the coding practices, techniques, and decisions that
developers make while building software. They aim to ensure that developers write code
that minimizes security vulnerabilities.

• Development tasks can be solved in many different ways, with varying levels of complexity.
Some solutions are more secure than others, and secure coding standards encourage
developers and software engineers to take the safest approach, even if it is not the fastest.

• For example, secure coding best practices often mandate a “default deny” approach to
access permissions. Developers using secure coding techniques create code that denies
access to sensitive resources unless an individual can demonstrate that they are authorized
to access it.

• There are several secure coding standards and coding security guides in widespread use
today, including the OWASP Secure Coding Practices and the SEI CERT Coding Standards.

8 Secure Coding Best Practices

• Security by Design
• Password Management
• Access Control
• Error Handling and Logging
• System Configuration
• Threat Modeling
• Cryptographic Practices
• Input Validation and Output Encoding

Security by Design

Security needs to be a priority as you develop code, not an afterthought. Organizations may have
competing priorities where software engineering and coding are concerned. Following software
security best practices can conflict with optimizing for development speed. However, a “security by
design” approach that puts security first tends to pay off in the long run, reducing the future cost of
technical debt and risk mitigation. An analysis of your source code should be conducted throughout
your software development life cycle (SDLC), and security automation should be implemented.

Password Management

Passwords are a weak point in many software systems, which is why multi-factor authentication has
become so widespread. Nevertheless, passwords are the most common security credential, and
following secure coding practices limits risk. You should require all passwords to be of adequate length
and complexity to withstand any typical or common attacks. OWASP suggests several coding best
practices for passwords, including:

©Prof Sneha Dalvi

Storing only salted cryptographic hashes of passwords and never storing plain-text passwords

Enforcing password length and complexity requirements

Disable password entry after multiple incorrect login attempts

Implementing logical access controls like password policies can do wonders for strengthening your
organization’s security posture.

Access Control

• Take a “default deny” approach to sensitive data. Limit privileges and restrict access to secure
data to only users who need it. Deny access to any user that cannot demonstrate
authorization. Ensure that requests for sensitive information are checked to verify that the
user is authorized to access it.

Error Handling and Logging

• Software errors are often indicative of bugs, many of which cause vulnerabilities. Error
handling and logging are two of the most useful techniques for minimizing their impact. Error
handling attempts to catch errors in the code before they result in a catastrophic failure.
Logging documents errors so that developers can diagnose and mitigate their cause.
• Documentation and logging of all failures, exceptions, and errors should be implemented on a
trusted system to comply with secure coding standards.

System Configuration

• Clear your system of any unnecessary components and ensure all working software is updated
with current versions and patches. If you work in multiple environments, make sure you’re
managing your development and production environments securely.
• Outdated software is a major source of vulnerabilities and security breaches. Software updates
include patches that fix vulnerabilities, making regular updates one of the most vital, secure
coding practices. A patch management system may help your business to keep on top of
updates.

Threat Modeling

• Document, locate, address, and validate are the four steps to threat modeling. To securely
code, you need to examine your software for areas susceptible to increased threats of attack.
Threat modeling is a multi-stage process that should be integrated into the software lifecycle
from development, testing, and production.

Cryptographic Practices

• Encrypting data with modern cryptographic algorithms and following secure key management
best practices increases the security of your code in the event of a breach.

Input Validation and Output Encoding

• It’s important to identify all data inputs and sources and validate those classified as untrusted.
You should utilize a standard routine for output encoding and input validation.

©Prof Sneha Dalvi

Secure Coding: Types of Security Vulnerabilities That Affect Code

Buffer Overflow

Embedded systems are becoming more connected to the outside world — through IoT. And that means
there are more opportunities for malicious code attacks. One example is buffer overflows.

Like injection attacks, buffer overflows also allow an external attacker to ‘put’ code or data into a
system. If done correctly, it opens up that system to further instructions from the outside.

Well-Known Example: Heartbleed

• Heartbleed is probably the most widely publicized security vulnerability to date. It affected so
many machines in the Internet domain (the OpenSSL package). And it had a potential direct
impact on all of us.
• Heartbleed is an example of a buffer overread defect. This means that a malicious attacker
from the outside could read data from the system that should not be exposed. Read all the
gory details about Heartbleed.

Code Injection Flaw

Code injection flaws are another common security vulnerability. This exploits a bug caused by
processing invalid data. This is one form of injection attack that you can defend against.

Well-Known Example: Shellshock

• Shellshock is the result of a well-known code injection flaw. It's an example of a code injection
flaw, where arbitrary code can be executed on a remote system to perform malicious activities.
• Most embedded systems are less prone to attacks like Shellshock. They don’t provide
“sophisticated” interfaces for exposure, such as Bash shells.

Securing code involves a combination of secure coding practices, testing methodologies, and
adherence to security requirements. Below are guidelines for secure code testing with respect to
security requirements, encryption, handling system input, and encoding/escaping:

1. Security Requirements:

• Requirement Analysis: To understand and documenting security requirements for your

application. Identify specific security controls, compliance standards, and best practices
relevant to your project.

©Prof Sneha Dalvi

 • Security Architecture Review:Conduct a security architecture review to ensure that the overall
design aligns with security requirements. Verify that data flows are secure, sensitive
information is properly handled, and access controls are in place.
• Threat Modeling: Perform threat modeling exercises to identify potential security threats and
vulnerabilities early in the development process. This helps prioritize security controls and
mitigation strategies.

2. Encryption:

• Data in Transit: Ensure that sensitive data is transmitted securely over the network. Use
protocols like HTTPS to encrypt communication between clients and servers.
• Data at Rest: Implement encryption for data stored in databases or file systems, especially if
it contains sensitive information. Employ strong encryption algorithms and key management
practices.
• Secure Key Handling: Follow best practices for secure key management, such as using
dedicated key storage solutions, regularly rotating encryption keys, and protecting key
material.

3. Handling System Input:

• Input Validation: Implement input validation to ensure that user inputs are within expected
ranges and formats. Reject or sanitize inputs that could be used for injection attacks.
• Never Trust User Input: Apply the principle of never trusting user input. Assume that all input
is malicious and validate, sanitize, and escape accordingly.
• Parameterized Queries:Use parameterized queries or prepared statements to interact with
databases. This helps prevent SQL injection attacks.

4. Encoding and Escaping:

Output Encoding: Encode output data to prevent Cross-Site Scripting (XSS) attacks. Use context-aware
encoding functions based on the output context (HTML, JavaScript, URLs, etc.).

HTML Entity Encoding: When outputting data in HTML, encode special characters using HTML entity
encoding to prevent HTML injection.

URL Encoding: URL encode data when constructing URLs to prevent injection attacks and ensure
proper handling of special characters.

5. Code Testing:

• Static Analysis:Use static code analysis tools to scan source code for security vulnerabilities.
These tools can identify potential issues, such as injection flaws, insecure configurations, and
more.
• Dynamic Analysis:Perform dynamic analysis, including penetration testing and security
scanning, to identify vulnerabilities in the running application. This includes testing for
common web application vulnerabilities like SQL injection, XSS, CSRF, etc.

©Prof Sneha Dalvi

 • Code Reviews:Conduct regular code reviews with a security focus. Involve developers, security
experts, and other stakeholders to identify and address security issues.
• Automated Testing:Integrate security testing into the CI/CD pipeline. Use automated security
testing tools to identify vulnerabilities early in the development process.

6. Security Training:

• Developer Training:0020Ensure that developers receive training on secure coding practices,

including proper input validation, secure handling of data, and adherence to encryption
standards.
• Awareness Training: Increase security awareness among all team members to foster a
security-conscious culture.

Why Code Review is important?

Code review is one of the most crucial parts of the development process. The code reviewing process
helps in:

1. Increases Visibility: Every developer has a different coding style, and one project can have
multiple developers. If each developer follows a different coding style, it will be difficult for
anyone to understand the code, and the readability of the project will be reduced. While
reviewing, a fixed coding style is followed, increasing the readability and bringing consistency
to the whole project.
2. Minimize the Mistakes: This is considered one of the most significant advantages of code
review as it helps reduce the number of bugs.
3. Improves Project Quality: During the process of the code review, a lot of the things are
checked whereas, one thing that is given most importance is that one has created the software
according to the need of the project and no vital feature has been missed by the developer
which helps save a lot of time.
4. Improves Code Performance: Some budding developers might be unfamiliar with the
optimization techniques that could be used to improve the code. Secondly, it provides these
budding developers with the opportunity to polish their skills and become experts in their
area.
5. Gather Smarter Solutions: When more than one brain is working on an idea, more than one
possible solution will likely emerge to tackle the problem. One can gather smarter and faster
solutions for solving the same issue, resulting in more efficient and improved code
performance.

©Prof Sneha Dalvi