Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
Security Software

Ask Slashdot: Share Your Security Review Tales

Posted by msmash from the let's-get-going dept.
New submitter TreZ writes: If you write software, you are most likely subject to a "security review" at some point. A large portion of this is common sense like don't put plain text credentials into github, don't write your own encryption algorithms, etc. Once you get past that there is a "subjective" nature to these reviews.

What is the worst "you can't do" or "you must do" that you've been subjected to in a security review? A fictitious example would be: you must authenticate all clients with a client certificate, plus basic auth, plus MFA token. Tell your story here, omitting incriminating details.

Ask Slashdot: Share Your Security Review Tales More | Reply

Ask Slashdot: Share Your Security Review Tales

Comments Filter:

Slashdot Top Deals

Advertising may be described as the science of arresting the human intelligence long enough to get money from it.

Close