
Source Code Hardening

Open ryantxu1 opened this issue 1 year ago • 2 comments

Collection of Source Code Hardening Techniques (address #165). Credit to @rafikap for his hard work in producing the majority of this content!

Still a WIP - TODOs:

  • Consider if d3f:DeadCodeElim belongs to Source Code Hardening
  • Need Data Type PR to merge to add better data artifact relationships in input validation/sanitization
  • Consider if the 'Least Privilege Access' concept is captured by 'application configuration hardening'
  • Consider how to add a technique on HTTP Request Uniqueness Validation (nonce)

ryantxu1, Aug 15 '23 18:08

When you can, please confirm what else needs to be done.

netfl0, Oct 13 '23 14:10

Fuzzing may sometimes be used as Source Code Hardening: https://github.com/d3fend/d3fend-ontology/issues/303

aamedina, Sep 26 '24 20:09