Suggestions for Application Security while Developing and Maintaining Applications

In this blog I would like to suggest following the rules below for application security while developing and maintaining applications. This concept is related to "Penetration testing". We should maintain application security from the initial stage of an application through to its maintenance stage. During development and maintenance of the application we need to follow the rules below:

1. Don't use the normal statement class for retrieving data from the database in DAO classes
2. Use "Prepared Statement" for SQL queries
3. Don't store sensitive data in application directories without encrypting the file
4. Don't show sensitive data in URLs; it is not a best practice
5. An SSL certificate (ECDSA, RSA) is mandatory for the application or server
6. Don't expose database keys directly in application links
7. Write data patterns in input fields should b