Security is one of the most important aspects of software development. Gone are the days when companies focused on the amount of code developers produce. Nowadays, they care about the quality and security of your code.
The increasing number of security breaches over the past years is alarming. Too often, we hear scary stories about how millions of people’s personal information and financial records were exposed following a data breach. With this trend, every developer should focus on building more secure systems.
In this article, I will put together a list of practices that, in my view, offer a solid foundation for building more secure applications. Having worked with hundreds of developers in multiple companies for the past few decades, I’ve had the privilege to interact and learn a great deal from various development professionals.
So, here are my ground rules for writing more secure code.
Secure By Design
Writing clean and secure code begins long before creating the first class or forming the first loop. When designing systems, I see some architects focusing more on the functional requirements but sidelining the security side of things. They tend to assume that access controls and other security measures will be implemented later in the development stage.
This is wrong. Instead, development teams should embrace the secure by design concept during application development.
During the design stage, prepare a list of technical and regulatory security requirements for your project. Think of every component that will be used in application development, from the class-level language to API endpoint authorization.
Having security in mind right from project inception is the best way to eliminate weaknesses inherent in the architecture of a product. Furthermore, it becomes harder to implement security controls or address vulnerabilities as the system develops.
The most effective approach is enforcing security controls right from the design stage.
Model Threats to Your Code
Threat modeling is a cost-effective approach to implementing security in the application design phase. It involves identifying potential threats to software, analyzing their risks, and developing mitigations strategies to be implemented in the design, coding, and testing stages.
By modeling threats to your code, you can anticipate the kind of threats that may affect your application way before coding begins. For instance, if you deal with credit card numbers, personally identifiable information, or intellectual property, it will be easier to identify possible security risks and devise ways of protecting your application.
If you can imagine an attack on your code, you can keep the threat in mind when designing and implementing the system.
Don’t Trust User Data
If you look at the vast majority of software vulnerabilities, you will realize they share a common trait in that they stem from improper input validation. Think of SQL injections, cross-site scripting, LDAP injections, xPath injections, buffer overflow, uncontrolled string format, and other common security gaps.
So, I’ll insist on this – always treat all input as untrusted until proven otherwise. Sometimes being skeptical pays. As long as the data is coming from an external source, there’s every reason to verify it. This should be done regardless of whether the input comes from environment variables, network interfaces, command line arguments, or user controlled files.
When developing a PHP application, for instance, you need to validate several elements. Here is an example class you can call to validate user input from your forms.