What are the standards that govern security practices on the we开发者_开发问答b and web development? What standards body publishes such documents?
It depends on the industry. Credit Cards use the PCI-DSS. The US medial industry uses HIPAA. Cryptographic systems are governed by FIPS-140 which was created by NIST. Then there is the CWE system which is a list of every known vulnerability type.
Have a look at OWASP.
The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software.
Most general and apply to any developpement but interesting anyway :
CWE/SANS TOP 25 Most Dangerous Programming Errors
I don't know of any standards governing security practices specifically focussed on web apps, but the ISO27000 family of standards cover information systems in general. Warning: getting hold of a copy of ISO2700x, unless you work for ISO or a university, is not cheap...
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论