Secure Programming Practices
The intent of the Secure Programming Practices Knowledge Unit is to provide students with an understanding of the characteristics of secure programs and the ability to implement programs that are free from vulnerabilities.
- Programming Flaws
- Interpretation and realization of Security Requirements
- Principles of Secure Programming
- Defensive Programming
- Secure Programming paradigms
- Catch and handle exceptions at the lowest level possible
- Static Analysis
- Produce software components that satisfy their functional requirements without introducing vulnerabilities
- Describe the characteristics of secure programming.
- Understand the vulnerabilities inherent in different programming languages.
- Examine vulnerabilities introduced through the use of libraries and how to mitigate those vulnerabilities.
- Describe the characteristics of secure programming
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.
||Knowledge of secure coding techniques.
||Knowledge of interpreted and compiled computer languages.
||Knowledge of applications that can log errors, exceptions, and application faults and logging.
||Skill in using binary analysis tools (e.g., Hexedit, command code xxd, hexdump).
||Ability to identify basic common coding flaws at a high level.