25. Review code for flaws Check for: Input Validation Error Handling Secure Storage etc, etc Try to hack it! Manual and automated tests Use tests defined in your threat model Secure Development Build security in Security is part of the apps DNA Plan to build security in Threat Model Design app to eliminate threats Code Review Security Testing Requirements Design Secure Development Secure Development 1 2 3 4
26. www.securityninja.co.uk Thank You! www.securedevelopment.co.uk Twitter: @securityninja David Rook, next speaking appearance: DEFCON, 1 st August, Las Vegas