Appendix C
A Designer's Security Checklist
The following checklist, available in the Security Templates folder in the book's companion content, is the minimum set of questions a designer, architect, or team lead should ask herself while designing the product. Treat completion of this checklist as a sign-off requirement for the application design phase: every row should be checked off, with the owning chapter consulted for any item that is not yet satisfied.
| Check | Category | Chapter |
|---|---|---|
| | Education in place for team | 2 |
| | Someone on team signed up to monitor BugTraq and NTBugtraq | 1 |
| | Competitor's vulnerabilities analyzed to determine if the issues exist in this product | 3 |
| | Past vulnerabilities in previous versions of product analyzed for root cause | 3 |
| | Application attack surface is as small as possible | 3 |
| | If creating new user accounts, they are low privilege and have strong passwords | 3, 7 |
| | Safe-for-scripting ActiveX controls thoroughly reviewed | 16 |
| | Sample code reviewed for security issues. You must treat sample code as production code. | 23 |
| | Default install is secure | 3 |
| | Threat models complete for design phase | 2 |
| | Product has layered defenses | 3 |
| | Security failures logged for later analysis | 23 |
| | Privacy implications understood and documented | 22 |
| | Plans in place to migrate appropriate code to managed code | 23 |
| | End-of-life plans in place for features that will eventually be deprecated | 2 |
| | Security response process in place | 2 |
| | Documentation reflects good security practice | 24 |