This post lists some secure development frameworks.
Secure Development Frameworks
List of Secure Development Frameworks:
- Secure Software Development Framework (SSDF)
- OWASP Security Knowledge Framework (OWASP-SKF)
- SEI CERT Coding Standards
Secure Software Development Framework (SSDF)
https://csrc.nist.gov/Projects/ssdf
Secue Software Development Framework (SSDF) is issued by NIST.
As of November 2022, the latest SSDF publication SP 800-218 “Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities” was published on March 2022.
OWASP Security Knowledge Framework (OWASP-SKF)
https://owasp.org/www-project-security-knowledge-framework/
OWASP Security Knowledge Framework (OWASP-SKF) is issued by OWASP.
There is also a OWASP Testing Framework.
SEI CERT Coding Standards
https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards
SEI CERT Coding Standards are developed by the CERT Coordination Center (CERT/CC).
CERT/CC belongs to the Software Engineering Institute (SEI), that is a non-profit United States federally funded research and development center. SEI belongs to the Carnegie Mellon University (CMU).
There are specific coding standards for C, C++, Java, Perl and Android.
You might also be interested in…
External references
- Robert C. Seacord Robert Martin; “MITRE CWE and CERT Secure Coding Standards“; CISA