Manicode: July 2014

Monday, July 14, 2014

OWASP Top Ten Proactive Controls

Jim Bird (jimbird@shaw.ca) just completed a 10-post blog series on the various OWASP Top Ten Proactive Controls. These articles have been cross-posted up on DZone and Java Code Geeks. Two of the posts (on logging, surprisingly, and on including security in requirements) have made "Big Links" on DZone so far and have been syndicated. The posts have already reached a couple of thousand developers and growing, so that's a good thing!

Here is the complete set of links:

Parameterize Database Queries
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app.html


Encoding Data
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app_9.html


Validate Input
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app_11.html


Access Control
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-to-make-your-app_16.html


Authentication Controls
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-as-developer-to.html


Protect Data and Privacy
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-as-developer-to_23.html


Logging and Intrusion Detection
http://swreflections.blogspot.ca/2014/06/10-things-you-can-do-as-developer-to_30.html


Secure Frameworks: Leverage other people's code (Carefully)
http://swreflections.blogspot.ca/2014/07/10-things-you-can-do-as-developer-to.html


Start with Requirements:
http://swreflections.blogspot.ca/2014/07/10-things-you-can-do-as-developer-to_7.html


Design Security In:
http://swreflections.blogspot.ca/2014/07/10-things-you-can-do-to-as-developer-to.html


Great work, Jim Bird!
Aloha,
Jim Manico