by aeronautic 3321 days ago
As the author, I should clarify that I am a developer - full time and have been for years. If my English seems to imply a lack of depth of understanding - I'm sorry.

The purpose of the checklist is to get people thinking about items they may have forgotten to address during their dev. In the push to ship new products quickly, that happens all too often.

I agree with you that there are many more important and basic things to do first when securing your app - than worrying about APTs. I did not think the checklist gave that impression?

1 comment

English is not the problem.

You are missing fundamentals like the Seven Deadly Sins of Web Security. Also missing is the ninja threat model.

These are the things that will wipe you out.