Configuration and Abstraction
Reduce your code base and improve code integrity
One of my posts that may later become a book on Secure Code. Also one of my posts on Application Security and The Principle of Abstraction.
When you need to deploy code to multiple environments, do you find yourself manually making changes to code at the point of deployment? Do you need to rebuild containers or recompile libraries to deploy to production? When you write code to deploy infrastructure to cloud environments, do you write separate code for each region (AWS), subscription (Azure), or project (GCP) for the same application or applications with similar infrastructure requirements? Do you have to make any modifications to your code when you deploy it or test it?
If you answered yes to any of the above, you have a potential security issue. First, you may have repetitive code. I already explained in another post how that can cause security problems.
Additionally, you have a situation where people are manually editing code. Any time someone has to change code, they could introduce an inadvertent or malicious change that causes a security problem. An analysis of data breaches in the UK showed that 88% of data breaches involved human error. You…