R158. Use a secure programming language

Requirement

System source code must be implemented in a stable, updated, tested, and free of known vulnerabilities version of the chosen programming language.

References

  1. OWASP-ASVS v3.1-1.9 A mechanism for enforcing updates of the application exists.

  2. OWASP-ASVS v3.1-1.11 All application components, libraries, modules, frameworks, platform, and operating systems are free from known vulnerabilities.

  3. OWASP-ASVS v4.0.1 V5.4 Memory, String, and Unmanaged Code Requirements.(5.4.1) Verify that the application uses memory-safe string, safer memory copy and pointer arithmetic to detect or prevent stack, buffer, or heap overflows.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy