Best Coding Practices




You have been promoted as the manager of the e-commerce site for the company you made up in Assignment 1. You are concerned about the recent SQL attack. Your team reacted to the situation by notifying you immediately. You and your team were successful in containing and correcting the issues that allowed the website and database to be compromised by an SQL injection attack.


Knowing that many of the issues can be created by human error, you have decided to evaluate the processes your team uses when they code. As their leader, it is your responsibility to be current on all the best secure coding practices. Your job is to create guidelines for best coding practices, which you will present to your team.




Part I: Write a Memo


Write a 3–5 page report to the CEO and CSO documenting your guidelines based on your findings when you evaluated your company’s processes.


    1. Provide at least three reasons why it is less expensive to build secure software than to correct security issues after a breach.


    1. Outline the objectives and purpose of your company’s “best secure coding practices” and explain how it will influence your division.


    1. Evaluate which method of the secure software development lifecycle will best serve your team, and explain how you plan on implementing your thoughts into your existing processes.


    1. Identify three resources that can be used as “reference material” and act as a beginner’s guide for new employees. Outline the importance of each resource and how each resource can assist new coders.


Part II: PowerPoint Presentation


Create a PowerPoint presentation for your team in which you:


    1. Outline allthe major aspects of the best practice coding guideline, including objectives, purpose, resources, and methodology.Note:Please include your fictional company’s name on each slide of your presentation. Remember, you are planning on using this experience when you take what you have learned out into the real world.


The specific course learning outcomeassociated with this assignment is:


  • Establish best practices for the development and deployment of secure web applications.