Security !! The most important term you will heard when you are working in the field of programming. Every Programmer has there own capabilities and there own level of programming,still programmer has to keep this thing in his mind that there code can be vulnerable to attacks and many security issuses. So we have to find some criteria to protect our code from attacks.Here is a list of methods which you can use to protect yourself.
- Secure input and output handling :
In this technique there is two phases input and output.
Secure input:It is often used to prevent Code Injection such as SQL injection and object injection, you can secure your code using those suggestion like we have listed below-
- Filter input: this can be demonstrated by using regular expressions or white & black list .
- Encoding input: this will help to preclude the malicious input code.
- Using scripts: in certain programming languages you can prevent the malicious inputs by scripts like it is the way in PHP.
Secure output:
It is essentially used to avoid XSS vulnerabilities, often encoding the output is mostly common by using html coding.
Use analysis tools:
Analysis tools are really helpful and available in most platform and languages, they become an essentials tools in modern programing days for their widely beneficial features.
-
-
Learn exploiting programs:
-
-
If you want to know how your application gets exploited by an attacker you must lean exploiting techniques and do some penetration testing.
- Avoid building a complex design:
The more complex your program is the more it security gets complex and certainly your flaws may increase, in result more vulnerabilities will be exposed to the attacker, so keep your program simple and basic the most you can.
- Use graphs to visualize your design:
This can be important for inspecting vulnerabilities from your design, it give you the opportunity to detect the weakest points and secure them.
Conclusion:
Do your best you can do to protect your network from any kind of attack,
every practices from above might be helpful to secure your code but it can’t definitely guaranty security because everyday exploitation and hackers becomes more and more sophisticated, the solution additionally to those practices is to keep you self update with computer security and be aware of the vulnerabilities that are exposed.
- Filter input: this can be demonstrated by using regular expressions or white & black list .
- Encoding input: this will help to preclude the malicious input code.
- Using scripts: in certain programming languages you can prevent the malicious inputs by scripts like it is the way in PHP.
Secure output:
It is essentially used to avoid XSS vulnerabilities, often encoding the output is mostly common by using html coding.
Use analysis tools:
- Learn exploiting programs:
If you want to know how your application gets exploited by an attacker you must lean exploiting techniques and do some penetration testing.
- Avoid building a complex design:
The more complex your program is the more it security gets complex and certainly your flaws may increase, in result more vulnerabilities will be exposed to the attacker, so keep your program simple and basic the most you can.
- Use graphs to visualize your design:
This can be important for inspecting vulnerabilities from your design, it give you the opportunity to detect the weakest points and secure them.
Conclusion:
Do your best you can do to protect your network from any kind of attack,
every practices from above might be helpful to secure your code but it can’t definitely guaranty security because everyday exploitation and hackers becomes more and more sophisticated, the solution additionally to those practices is to keep you self update with computer security and be aware of the vulnerabilities that are exposed.
0 comments:
Post a Comment