Cyber Security References

Starting a new web based project? This is a reference of useful security related links and tools. Mostly web focused generally related to technologies I happen to be working with.

There are many related terms which are not all the same, but do share much overlap; WebSec/WebSecOps, DevSec/DevSecOps, Cyber/CyberSec/Cyber Security, SDLC. Security in general should be one of the first considerations when planning a new feature. As with most things in software development, the earlier security is considered the cheaper it is to apply its principles. I won’t go in to details on that philosophy in this post, but this is also known as shifting left which is common when talking about testing strategies.

This post contains a selection of resources related to Cyber Security for an easy reference. There are a lot of these out there, so this particular list is by no means exhaustive.

Tools

Security Code Scan – static code analyser for .NET

https://security-code-scan.github.io/

Audit.Net

https://github.com/OSSIndex/audit.net

Uses the public OSS Index database to scan for vulnerable Nuget packages.

 

WhiteSource

https://www.whitesourcesoftware.com/

Open Source library vulnerability scanning.

 

Services

SSL Labs SSL Test

https://www.ssllabs.com/ssltest/

 

Security Headers

https://securityheaders.com/

Check security related HTTP headers on publicly available sites.

 

‘;–have i been pwned?

https://haveibeenpwned.com/

 

Blogs / Podcasts

Troy Hunt

https://www.troyhunt.com/

 

Security Now

https://www.grc.com/SecurityNow.htm

 

Andrew Lynes: The Blog

https://anlynes.wordpress.com/category/cyber-security/

 

Information Resources / Databases

OWASP

https://www.owasp.org/

 

Microsoft Security Development Lifecycle

https://www.microsoft.com/en-us/securityengineering/sdl/

 

Common Vulnerabilities and Exposures

http://cve.mitre.org/

 

NIST National Vulnerability Database

https://nvd.nist.gov/

 

I’d like to keep this somewhat up to date. If you have any other suggestions please let me know in the comments.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s