topic Secure Coding Practices for a Cloud Application in Tech Talk https://community.isc2.org/t5/Tech-Talk/Secure-Coding-Practices-for-a-Cloud-Application/m-p/30775#M2017 <P>Hello,</P><P>Was not sure if i chose the right location for this post.. so apologies in advance if i have to recategorize this post.</P><P>I am trying to locate resources (standards, checklists etc.) which will help accessing the security posture of a Cloud Based Application. There is OWASP and other standard resources but what if the application is not a web based application hosted on a cloud provider but a Integration based application running as PaaS. There is no front end but a lot of data manipulation. In such a scenario are we just limited to looking for PII data that is being extracted, transformed and moved around. Do we have to look at any other aspect of "Secure Coding Practices" that are being violated. If any member can share their experience, would greatly appreciate it.</P><P>Thanks</P><P>vishu</P> Mon, 09 Oct 2023 09:23:16 GMT va 2023-10-09T09:23:16Z Secure Coding Practices for a Cloud Application https://community.isc2.org/t5/Tech-Talk/Secure-Coding-Practices-for-a-Cloud-Application/m-p/30775#M2017 <P>Hello,</P><P>Was not sure if i chose the right location for this post.. so apologies in advance if i have to recategorize this post.</P><P>I am trying to locate resources (standards, checklists etc.) which will help accessing the security posture of a Cloud Based Application. There is OWASP and other standard resources but what if the application is not a web based application hosted on a cloud provider but a Integration based application running as PaaS. There is no front end but a lot of data manipulation. In such a scenario are we just limited to looking for PII data that is being extracted, transformed and moved around. Do we have to look at any other aspect of "Secure Coding Practices" that are being violated. If any member can share their experience, would greatly appreciate it.</P><P>Thanks</P><P>vishu</P> Mon, 09 Oct 2023 09:23:16 GMT https://community.isc2.org/t5/Tech-Talk/Secure-Coding-Practices-for-a-Cloud-Application/m-p/30775#M2017 va 2023-10-09T09:23:16Z Re: Secure Coding Practices for a Cloud Application https://community.isc2.org/t5/Tech-Talk/Secure-Coding-Practices-for-a-Cloud-Application/m-p/30778#M2018 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/105133605">@va</a>I had an initial cast around and found this - which may give you some thoughts and principles to apply:</P><P>&nbsp;</P><P><A href="https://www.ibm.com/cloud/garage/architectures/securityArchitecture/implement-secure-devops" target="_blank">https://www.ibm.com/cloud/garage/architectures/securityArchitecture/implement-secure-devops</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_cautim</P> Thu, 19 Dec 2019 01:52:40 GMT https://community.isc2.org/t5/Tech-Talk/Secure-Coding-Practices-for-a-Cloud-Application/m-p/30778#M2018 Caute_cautim 2019-12-19T01:52:40Z